Intune/Autopilot

[Heaton, Joseph@Wildlife]

Has anyone here implemented using Autopilot for imaging?  We’re looking at alternatives to ConfigMgr, and this is the one we’re about to research.  Was just looking for any real world experiences that anyone would like to share.

 

Thanks,

 

Joe Heaton

Managed Services and Operational Support Unit

Information Technology Operations Branch

Data and Technology Division

CA Department of Fish and Wildlife

1700 9^th Street, 3^rd Floor

Sacramento, CA 95811

Phone: 916-919-5816

 

[Michael B. Smith]

Yes, I do a lot of it.

 

Be very glad that you aren’t looking at it 2+ years ago. 😊

 

I can answer specific questions. I like it a lot.

--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/SJ0PR09MB6686F1C382B1D7B681963B70AAA7A%40SJ0PR09MB6686.namprd09.prod.outlook.com.

[Jamie McNamara]

Currently implementing autopilot from the vendor and here are some key takeaways if you go this route:

• Always "fresh start" that laptop before you issue it out to yeet the OEM add-ins (unless it's surface and that's plane jane as you can get these days)
• Invest in a package management service. It will save you tons of time packaging software.
• Design and execute windows update for business tiers
• embrace windows hello for business (passkeys)
• Surface devices are tightly integrated so they're a one stop shop for warranty replacement requests
• monitor the quality of the hardware and setup remediation notifications for devices that fall out of compliance

--

You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/SJ0PR09MB6686F1C382B1D7B681963B70AAA7A%40SJ0PR09MB6686.namprd09.prod.outlook.com.

IMPORTANT WARNING: 

The information contained in this transmission is confidential and is intended only for the person or entity to which it is addressed. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this information is strictly prohibited.

This document may contain protected health information. If you are not the recipient, pursuant to HIPAA, please notify our office at 877-739-7481 Opt. 2 and destroy the document(s) immediately.

Recipient acknowledges and agrees that Gemini Duplication, Inc. is not engaged in the practice of law or the provision of legal services, and that recipient alone is completely and independently responsible for its own legal rights and obligations.

[CR Hiestand]

We’ve been using Autopilot/Intune for about five years now. It’s important to note that Autopilot is not an imaging method, it’s a way to automate OOBE and MDM enrollment. 

You’ll still need a way to apply bare metal images (flash drive with Windows installer works) minimally and then can use Intune to install applications, policies, etc. We use Lenovo’s Cloud Deploy service for imaging and include the majority of our applications with that. Intune can be slow to deploy applications, especially when involving Autopilot and requiring a bunch of applications before a user can use the device. 

If you’re starting this journey now, I strongly suggest you do native Entra Joined deployment and not consider hybrid. Microsoft does not want to invest any resources in Autopilot hybrid. 

Bottom line from my perspective five years into it: Autopilot is the way to deploy Windows devices in a modern way but it’s still painful at times (especially with hybrid - the failure rate is quite high). 

Sent from Gmail Mobile

--

[Heaton, Joseph@Wildlife]

Along with this, and I know this isn’t the system center channel, but most of the same people are here as there..

 

My department has moved forward going to Tanium, for pretty much everything that the sales folks promised. So, obviously all the security side of things, but also software deployment, patching, etc. My ConfigMgr colleague who handles the desktop side of things is testing monthly patching this month through Tanium. ISO has decided to use Applocker to prevent anyone from installing anything anywhere. The idea is that any software the end user would need, would have an install package built in Tanium, and published to their Software Center, and the end user would simply install from there. They have a number of pre-built packages for big name stuff that, supposedly, will be auto-updated from the software vendor for us, but all the other software titles would have to be maintained manually.  I will eventually be required to add all my servers to Tanium and handle patching that way, as well.  So, with patching and application deployment being done in Tanium, and my coworker building the imaging process into Intune/Autopilot, the thought is that we can shut down the on-premises ConfigMgr.  I was hoping that someone here could do a sanity check on that idea.

 

From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of CR Hiestand
Sent: Wednesday, November 1, 2023 9:22 AM
To: ntsys...@googlegroups.com
Subject: Re: [ntsysadmin] Intune/Autopilot

 

WARNING: This message is from an external source. Verify the sender and exercise caution when clicking links or opening attachments.

 

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CA%2BDi7PuqLNVAMF6GtrmpmGv5kuWZNCDChZuR-nZ89SyxVkcQ5A%40mail.gmail.com.

[CR Hiestand]

Sounds reasonable to me. Tanium is a very common option to handle what you’re describing, including the bare metal image. 

Tanium hired the face of Autopilot from MS a few years ago. 

https://oofhours.com/

Sent from Gmail Mobile

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/SJ0PR09MB668606934805A236AB4EF493AAA5A%40SJ0PR09MB6686.namprd09.prod.outlook.com.

[Dane christian Neilson]

MT103/202 DIRECT WIRE TRANSFER
PAYPAL TRANSFER
CASHAPP TRANSFER
ZELLE TRANSFER
LOAN DEAL
TRANSFER WISE
WESTERN UNION TRANSFER
BITCOIN FLASHING
BANK ACCOUNT LOADING/FLASHING
IBAN TO IBAN TRANSFER
MONEYGRAM TRANSFER
IPIP/DTC
SLBC PROVIDER
CREDIT CARD TOP UP
DUMPS/ PINS
SEPA TRANSFER
WIRE TRANSFER
BITCOIN TOP UP
GLOBALPAY INC US
SKRILL USA
UNIONPAY RECEIVER

Thanks.


NOTE; ONLY SERIOUS / RELIABLE RECEIVERS CAN CONTACT.

DM ME ON WHATSAPP
+14234753476