Autopilot and Delegated OUs

Last updated: November 16, 2023
Audience: IT Staff / Technical

Autopilot is a way to provision new computers. For more info, please read Autopilot at the UW.

Adding an Autopilot computer to your OU

Computers setup via Autopilot are provisioned to OU=Autopilot,DC=netid,DC=washington,DC=edu. Only UW-IT staff have permissions to manage this OU and it is not considered part of delegated OUs.

Delegated OU admins can move any computer in the Autopilot OU to their delegated OU–the permissions to do so are already present.

Delegated OU admins should only move those computers which have a relationship to your unit. If you make a mistake, you’ll need to get UW-IT assistance in fixing it.

Once you’ve moved an AD computer object, group policy applied via the Autopilot OU will not be replaced until a subsequent user sign-in with line of sight connectivity to a NETID domain controller. If your computer is off the UW network, you’ll need to get it connected via a VPN prior to user sign-in.

Guidelines and Expectations

  • Once a computer is moved to your OU, UW-IT expects that you will provide support for the computer. UW-IT will no longer provide the documented minimal support if the computer was in the Autopilot OU.
  • You should take extreme care in renaming any computer built with Autopilot. Because it is AD joined, Entra ID joined, and Intune enrolled there are a lot of systems which may have problems if you do not execute the computer rename the right way. Name changes should only be performed from the Windows 10 1903 or better, initiated locally from the computer itself, when it has line of sight connectivity to a NETID domain controller. Failed computer renames may result in loss of authentication and access to the computer, so if in doubt and the computer is remote, don’t attempt a rename.
  • If you need to retire a computer built with Autopilot, you should not re-use the name.
  • If you need to rebuild the computer, be aware that it is *still* enrolled for Autopilot–it can go through Autopilot as many times as needed.
  • Be aware that we may need to add or change these expectations at any time to accommodate continual improvement in the Autopilot and Intune services.