Microsoft today announced Windows AutoPilot, a new set of features powered by cloud-based services that will simplify deployment and management of new Windows 10 PC’s along with enhancements to Mobile Device Management and new Device Health features in Windows Analytics.
In large organizations, whenever a new PC is purchased, it can’t be handed over to employees directly. IT teams will generally configure the device with a custom image of Windows OS based on their organizations needs. Windows AutoPilot Deployment is a new cloud service that will allow IT to customize the Windows 10 out of box setup experience using a cloud configuration, delivering a self-service deployment experience with new Windows 10 devices.
Windows AutoPilot Deployment also works with existing Azure Active Directory and Intune mobile device management (MDM) services. End users just need to sign-in using their corporate credentials on their new PC, Windows AutoPilot Deployment will fully configure the PC:
joined to Azure Active Directory, enrolled in Intune, transformed to Windows 10 Enterprise, settings applied, Office 365 apps and line-of-business apps installed. Microsoft is also planning to introduce Windows AutoPilot Deployment Program that will allow OEMs, distributors, and resellers to link devices to an organization. Surface team will pilot Windows AutoPilot Deployment program with select customers and partners this summer.
Microsoft is also planning to add the below new in the Windows 10 Fall Creators Update later this year:
- Windows AutoPilot Reset – a new reset mechanism to reset a fully configured device while maintaining MDM management and AAD connection state and automatically get the device back into a fully configured state.
- Enhanced Personalization with Windows AutoPilot Deployment – ability to pre-assign a device to a specific employee in the organization via cloud-configuration.
- Self Service Active Directory domain join – self-service deployment to get new Windows 10 devices into Active Directory domain joined state along with Microsoft Intune enrollment.
In the Windows 10 Fall Creators Update, Microsoft will allow organizations to deploy and configure Windows Defender Application Guard, as well as configuring security baseline settings (such as account and logon policies), to make it easy to use recommended security settings on MDM-managed enterprise devices. They will also allow them to configure Windows Firewall rules. Microsoft also announced that they are bringing MDM support for Active Directory domain joined devices is coming. And they will also add new kiosk configuration and management features, supporting new multi-app scenarios and simplified lockdown configurations in the Fall Creators Update.