In this video, learn how to troubleshoot Windows Autopilot problems, including discovering where issues commonly occur.
- [Instructor] There are a lot of moving parts that need to work together with Windows Autopilot. Let's review a number of areas for you to troubleshoot so that you can resolve any problems that may encounter related to deploying Windows 10 with Windows Autopilot. Before you can resolve an issue, you will need to identify in which part of the overall process the problem is occurring. We can break down the Windows Autopilot process into several logical, technical steps. First, the Windows 10 device will establish an internet connection. Then the device will connect to the Windows Autopilot deployment service to receive the deployment profile. For user-driven deployments, users will need to use their Azure AD credentials, as these validate authentication and will join the device to Azure AD. And finally, your MDM service needs to deliver any policies, settings, and apps to the device. Windows Autopilot requires internet access. You should therefore focus your troubleshooting on ensuring that specific network requirements are met, including firewall, port settings, and DNS name resolution; ensure that the correct version of Windows 10 is being used, only version 1703 or later are actually able to connect to the Windows Autopilot deployment service. All of your prerequisites need to be in place prior to deploying devices with Autopilot. You should focus your troubleshooting on ensuring that MDM auto enrollment is Azure AD is correctly configured; check that the MDM discovery URL is correctly configured, so that devices can find the MDM service; and ensure that Azure AD custom branding is in place. Let's take a quick look at these. I'll open my Azure AD admin center and under Manage, I'll review company branding, and here we can see we've already configured company branding. We have a background image, banner logo, and small icons already configured. If I check my mobility settings, which are the same as in Intune, we can also see that our MDM user scope has been configured to All and that our MDM discovery URL has been configured. We also need to ensure that this device hardware IDs have been successfully registered with the Windows Autopilot deployment service. You also need have configured a valid deployment profile and allocated this to the device or device group. In this area, you should therefore focus your troubleshooting on whether the device has received its deployment profile, if a deployment profile was assigned to the correct device, if the correct deployment profile type has been configured. For example, is the device a kiosk? And finally, are the assigned deployment profile settings correct. For example, if you're creating randomized device names, are you using the correct template? Azure AD is essential, as it authenticates the user before joining the device to Azure AD and enrolling the device into management. You should therefore focus your troubleshooting in this area on ensuring that the user has a valid and active account within Azure AD, ensure that the user has not exceeded the maximum number of devices allowed to be joined to Azure AD, whether corporate branding has been applied correctly, and checking, if you use a third-party MDM solution, that this has been correctly authorized in Azure AD. The final stage of the Windows Autopilot process is that the device will receive policies, settings, and apps from the MDM service. For this stage, you should focus your troubleshooting on the enrollment status page, as this is useful to identify MDM issues. For example, has the device frozen at a certain point when receiving apps or settings from MDM? You should also ensure that when using Intune that users have been assigned a valid Intune license. And finally, ensure that users have not exceeded their device enrollment limit, which can be set in MDM.
This course closely aligns to the first two domains of exam MD-101: Managing Modern Desktops: Deploy and update operating systems and Manage policies and profiles.
- Implementing Windows 10
- Provisioning packages
- Deploying Windows 10 using Windows Autopilot
- Upgrading to Windows 10
- Managing Windows Update for Business
- Managing device authentication
- Working with user profiles
- Managing Windows 10 using Microsoft Intune
- Managing policy precedence