Requirements - Windows Tutorial

- [Instructor] Let's take a look at the requirements for Windows Autopilot. There are several requirements you need to put in place before using Windows Autopilot. These include purchasing specific licenses, insuring network capabilities and managing configuration settings. Let's take a look at these in more detail. Windows Autopilot uses functionality provided by the Windows 10 operating system except Windows 10 Home, the Azure Active Directory Identity Management Service and Microsoft Intune for mobile device management. Though you can use another mobile device management solution if you prefer. The Windows Autopilot deployment service is a cloud-based service which relies on internet technologies to work. The basic network requirements include internet access, DNS name resolution and access on firewall ports, 80 for http, port 443 for https and port 123 for UDP and NTP. Depending on your network topology you may also need to configure the following additional requirements. Proxy server settings, firewall access to the Windows Autopilot service, bandwidth configurations including quality of service. You also need to consider network access to optional features including delivery optimization, Windows Update and diagnostics data using Windows Analytics. Before you can use Windows Autopilot you must perform the following tasks in Azure AD. You need to configure Azure AD automatic enrollment, this allows devices to be automatically enrolled into an MDM service, and configure Azure AD custom branding. This is required to display an organization's specific log-on page during the Autopilot device deployment phase. Let's drop onto our demo environment to see how to configure the prerequisites required for Windows Autopilot. I've signed into my Microsoft 365 Enterprise subscription as a tenant admin. On the Microsoft 365 admin center, on the left-hand side, I'll click show all, scroll down for the admin centers and select Azure Active Directory. Azure AD portal appears. On the left-hand side I'll click Azure Active Directory. Under manage I'll scroll down and I'll select Mobility. And then select Microsoft Intune. On the Configure page under MDM user scope I'll select all. And them under MAM user scope I'll also select all. Whilst I'm here I'll replicate the terms of use URL from MDM to MAM and then click save. The settings were updated and I can close this blade. I then want to click the Company Branding item under manage and then click configure. I'll now select the various images that I want to use for my company branding. This is the imagery that my users will see when they first boot their PC. I'll select a banner logo. A username hint. I could modify the background color and finally I'll select a square logo. For all the images that you use make sure they comply with the image size recommendations. I'll then click save. And then I can close the blade. We can see that the default branding is now in place. You can also configure the automatic enrollment settings directly in Intune. Let's take a look. Back to the Microsoft 365 admin center, I'll scroll down. Select all admin centers and then select Intune. This will launch the Microsoft 365 Device Management page. I'll select Device Enrollment and then Windows Enrollment on the left-hand side. Here we can see under general, Automatic Enrollment. And we can see on the configure page that MDM and MAM user scope has been configured. Once you've completed the initial setup tasks you're ready to use Windows Autopilot. You'll then need to configure your devices and deployment profiles. This includes device registration, which is where the Windows Autopilot service recognizes devices during deployment, and profile configuration, which is used to manage the settings required for devices. These two configuration tasks will be covered in detail in later videos. Unless you intend to use the self-deploying mode for kiosk machines, which requires a trusted platform module or TMP 2.0 chip, there are no other specific hardware requirements for using Windows Autopilot. So long as the device is capable of running a supported version of Windows 10 then it will be suitable for Autopilot deployment. The final requirement is to access a portal to allow administrators to manage Windows Autopilot. There are several portals available depending on your subscription. If you have purchased a Microsoft 365 Business subscription then you can use the dedicated Microsoft 365 admin portal. For Microsoft 365 Education or Enterprise you can use the Microsoft 365 Device Management portal. Or if you have a stand-alone Microsoft Intune subscription you'll need to use the Azure admin portal. You can also use the Microsoft Store for Business but you can only manage devices and device profiles here. And finally if you have a Microsoft partner they can manage Windows Autopilot for you.