Autopilot is a collection of cloud-based technologies which leverages Microsoft Intune to automate the set up and pre-configuration of new Windows devices, getting them ready for productive use without the need for the device on-premises or touched by IT.
You can also use Windows Autopilot to reset, repurpose and recover Windows devices. To do so, you may need to return the device to the initial installation state of Windows if it wasn’t previously setup with Autopilot.
Eligibility for Autopilot is UW employees, via your personal UW NetID.
When a computer is setup with UW Autopilot, what is the expected end result?
The following should be true at completion:
- a Windows 10 computer that is ready for use
- computer is joined to NETID Active Directory (specifically, to the Autopilot OU) and is Azure AD joined
- This means sign in to the computer will be via email@example.com
- The user which performs Autopilot will be a local admin
- The Managed Windows VPN client will be installed to provide for the initial sign in
- Husky OnNet VPN client will be installed for continued VPN use
- Microsoft 365 Apps (what used to be called Office ProPlus) will be installed
- Skype for Business
- Some basic settings applied via a group policy object:
- A primary DNS suffix of clients.uw.edu
- A variety of security settings to meet minimum UW security expectations
- Bitlocker is enabled
- Windows Firewall is enabled
- Windows Update for Business (current branch) is enabled
- Microsoft Defender is enabled for antivirus and malware protection
- LAPS is enabled to protect the built-in local administrator password
If this computer should be managed by departmental IT, it can be moved to a delegated OU after Autopilot creation. All of the group policy settings in the sub-list above are subject to change when the Autopilot setup computer is moved to a delegated OU.