update0

windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md

@@ -35,15 +35,19 @@ These are the things you'll need to complete this lab:
 * Installation media for Windows 10 Professional or Enterprise (ISO file), version 1703 or later.
     - If you do not already have an ISO to use, a link is provided to download an [evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise).
 * Internet access
-    - If you are behind a firewall, see the detailed [networking requirements](windows-autopilot-requirements-network.md).
+    - If you are behind a firewall, see the detailed [networking requirements](windows-autopilot-requirements-network.md). Otherwise, just ensure that you have a connection to the Internet.
 * Hyper-V or a physical device running Windows 10.
-    - The guide assumes that you will use a Hyper-V VM. To use a physical device, skip the steps to install and configure Hyper-V.
+    - The guide assumes that you will use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V.
 * A Premium Intune account
-    - This guide will describe how to obtain a free 30-day trial account that can be used to complete the lab.
+    - This guide will describe how to obtain a free 30-day trial premium account that can be used to complete the lab.
 
 ## Create a virtual machine
 
-First, we must enable Hyper-V on a computer running Windows 10 or Windows Server (2012 R2 or later) device. If you already have Hyper-V enabled, skip to the [create a demo VM](#create-a-demo-vm) step. If you are not sure that your device supports Hyper-V, or you have problems installing Hyper-V, see [appendix A](#appendix-a-verify-support-for-hyper-v) below for details on verifying that Hyper-V can be successfully installed.
+If you don't already have Hyper-V, we must first enable this on a computer running Windows 10 or Windows Server (2012 R2 or later). 
+
+>If you already have Hyper-V enabled, skip to the [create a demo VM](#create-a-demo-vm) step. 
+
+If you are not sure that your device supports Hyper-V, or you have problems installing Hyper-V, see [appendix A](#appendix-a-verify-support-for-hyper-v) below for details on verifying that Hyper-V can be successfully installed.
 
 ### Enable Hyper-V
 
@@ -53,7 +57,7 @@ To enable Hyper-V, open an elevated Windows PowerShell prompt and run the follow
 Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All
 ```
 
-This command works on all operating systems that support Hyper-V, but on Windows Server operating systems you must type an additional command to add the Hyper-V Windows PowerShell module and the Hyper-V Manager console. This command will also install Hyper-V if it isn't already installed, so if desired you can just type the following command on Windows Server instead of using the Enable-WindowsOptionalFeature command:
+This command works on all operating systems that support Hyper-V, but on Windows Server operating systems you must type an additional command (below) to add the Hyper-V Windows PowerShell module and the Hyper-V Manager console. The following command will also install Hyper-V if it isn't already installed, so if you're using Windows Server, you can just type the following command instead of using the Enable-WindowsOptionalFeature command:
 
 ```powershell
 Install-WindowsFeature -Name Hyper-V -IncludeManagementTools
@@ -71,9 +75,13 @@ When you are prompted to restart the computer, choose **Yes**. The computer migh
 
 After installation is complete, open Hyper-V Manager by typing **virtmgmt.msc** at an elevated command prompt, or by typing **Hyper-V** in the Start menu search box.
 
+To read more about Hyper-V, see [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/virtualization/hyper-v-on-windows/about/) and [Hyper-V on Windows Server](https://docs.microsoft.com/windows-server/virtualization/hyper-v/hyper-v-on-windows-server).
+
 ### Creating a demo VM
 
-Now that Hyper-V is enabled, we need to create a VM running Windows 10. We can create the VM using the Hyper-V Manager console, but it is simpler to use Windows PowerShell. To use Windows Powershell we just need to know two things:
+Now that Hyper-V is enabled, we need to create a VM running Windows 10. We can [create a VM](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/create-virtual-machine) and [virtual network](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/connect-to-network) using Hyper-V Manager, but it is simpler to use Windows PowerShell. 
+
+To use Windows Powershell we just need to know two things:
 
 1. The location of the Windows 10 ISO file.
    - In the example, we assume the location is **c:\iso\win10-eval.iso**. 
@@ -86,9 +94,10 @@ You can download an ISO file for an evaluation version of the latest release of
 - When asked to select a platform, choose **64 bit**. 
 
 After you download this file, the name will be extremely long (ex: 17763.107.101029-1455.rs5_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso). 
-- So that it is easier to type and remember, rename the file to **win10-eval.iso**. 
-- Create a directory on your computer named **c:\iso** and move the **win10-eval.iso** file there, so the path to the file is **c:\iso\win10-eval.iso**.
-- If you wish to use a different name and location for the file, you must modify the Windows PowerShell commands below to use your custom name and directory.
+
+1. So that it is easier to type and remember, rename the file to **win10-eval.iso**. 
+2. Create a directory on your computer named **c:\iso** and move the **win10-eval.iso** file there, so the path to the file is **c:\iso\win10-eval.iso**.
+3. If you wish to use a different name and location for the file, you must modify the Windows PowerShell commands below to use your custom name and directory.
 
 #### Network adapter name
 
@@ -107,7 +116,7 @@ For example, if the command above displays Ethernet but you wish to use Ethernet
 All VM data will be created under the current path in your PowerShell prompt. Consider navigating into a new folder before running the following commands.
 
 >[!IMPORTANT]
->**VM switch**: a VM switch is how Hyper-V connects VMs to a network. <br>If you have previously enabled Hyper-V and your Internet-connected network interface is already bound to a VM switch, then the PowerShell commands below will fail. In this case, you can either delete the existing VM switch (so that the commands below can create one), or you can reuse this VM switch by skipping the first command below and either modifying the second command to replace the switch name **AutopilotExternal** with the name of your switch, or by renaming your existing switch to "AutopilotExternal."
+>**VM switch**: a VM switch is how Hyper-V connects VMs to a network. <br><br>If you have previously enabled Hyper-V and your Internet-connected network interface is already bound to a VM switch, then the PowerShell commands below will fail. In this case, you can either delete the existing VM switch (so that the commands below can create one), or you can reuse this VM switch by skipping the first command below and either modifying the second command to replace the switch name **AutopilotExternal** with the name of your switch, or by renaming your existing switch to "AutopilotExternal."<br><br>If you have never created an external VM switch before, then just run the commands below.
 
 ```powershell
 New-VMSwitch -Name AutopilotExternal -AllowManagementOS $true -NetAdapterName (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name 
@@ -116,7 +125,7 @@ Add-VMDvdDrive -Path c:\iso\win10-eval.iso -VMName WindowsAutopilot
 Start-VM -VMName WindowsAutopilot
 ```
 
-After entering these commands, connect to the VM that you just created and wait for a prompt to press a key and boot from the DVD.  
+After entering these commands, connect to the VM that you just created and wait for a prompt to press a key and boot from the DVD.  You can connect to the VM by double-clicking it in Hyper-V Manager.
 
 See the sample output below. In this sample, the VM is created under the **c:\autopilot** directory and the vmconnect.exe command is used (which is only available on Windows Server). If you installed Hyper-V on Windows 10, use Hyper-V Manager to connect to your VM.
 
@@ -175,7 +184,7 @@ Ensure the VM booted from the installation ISO, click **Next** then click **Inst
 
    ![Windows setup](images/winsetup7.png) 
 
-Once the installation is complete, sign in and verify that you are at the Windows 10 desktop, then create your first Hyper-V checkpoint. Checkpoints are used to restore the VM to a previous state. You will create multiple checkpoints throughout this process, which can be used later to go through the process again.
+Once the installation is complete, sign in and verify that you are at the Windows 10 desktop, then create your first Hyper-V checkpoint. Checkpoints are used to restore the VM to a previous state. You will create multiple checkpoints throughout this lab, which can be used later to go through the process again.
 
    ![Windows setup](images/winsetup8.png) 
 
@@ -241,20 +250,22 @@ Mode                LastWriteTime         Length Name
 PS C:\HWID>
 </pre>
 
-Verify that there is an **AutopilotHWID.csv** file in the **c:\HWID** directory that is about 8 KB in size.  This file contains the device or VM’s complete 4K HH.  
+Verify that there is an **AutopilotHWID.csv** file in the **c:\HWID** directory that is about 8 KB in size.  This file contains the complete 4K HH.  
 
->Note: Although the .csv extension might be associated with Microsoft Excel, you cannot view the file properly by double-clicking it. To correctly parse the comma delimiters and view the file in Excel, you must use the **Data** > **From Text/CSV** function in Excel to import the appropriate data columns. You don't need to view the file in Excel unless you are curious. The file format will be validated when it is imported into Autopilot.
+**Note**: Although the .csv extension might be associated with Microsoft Excel, you cannot view the file properly by double-clicking it. To correctly parse the comma delimiters and view the file in Excel, you must use the **Data** > **From Text/CSV** function in Excel to import the appropriate data columns. You don't need to view the file in Excel unless you are curious. The file format will be validated when it is imported into Autopilot. An example of the data in this file is shown below.
+
+![Serial number and hardware hash](images/hwid.png)
 
 You will need to upload this data into Intune to register your device for Autopilot, so it needs to be transferred to the computer you will use to access the Azure portal.  If you are using a physical device instead of a VM, you can copy the file to a USB stick.  If you’re using a VM, you can right-click the AutopilotHWID.csv file and copy it, then right-click and paste the file to your desktop (outside the VM). 
 
 If you have trouble copying and pasting the file, just view the contents in Notepad on the VM and copy the text into Notepad outside the VM. Do not use another text editor to do this.
 
 >[!NOTE]
->When copying and pasting to/from VMs, avoid doing other things with your mouse between copying and pasting as this can empty the clipboard and require that you start over. It is especially important that  you don't try to copy anything else before completing the paste operation.
+>When copying and pasting to or from VMs, avoid clicking other things with your mouse cursor between the copy and paste process as this can empty or overwrite the clipboard and require that you start over. Go directly from copy to paste.
 
 ## Reset Virtual Machine back to Out-Of-Box-Experience (OOBE)
 
-With the hardware ID captured, prepare your Virtual Machine for Windows Autopilot deployment by resetting it back to OOBE.
+With the hardware ID captured in a file, prepare your Virtual Machine for Windows Autopilot deployment by resetting it back to OOBE.
 
 On the Virtual Machine, go to **Settings > Update & Security > Recovery** and click on **Get started** under **Reset this PC**.
 Select **Remove everything** and **Just remove my files**. Finally, click on **Reset**.
@@ -318,7 +329,7 @@ Your VM (or device) can be registered either via Intune or Microsoft Store for B
     >[!NOTE]
     >If menu items like **Windows enrollment** are not active for you, then look to the far-right blade in the UI.  You might need to provide Intune configuration privileges in a challenge window that appeared.
 
-2. Under **Add Windows Autopilot devices** in the far right pane, browse to the **AutopilotHWID.csv** file you previously created and copied to your computer.  The file should contain the serial number and 4K HH of your VM (or device).  It’s okay if other fields (Windows Product ID) are left blank.
+2. Under **Add Windows Autopilot devices** in the far right pane, browse to the **AutopilotHWID.csv** file you previously copied to your local computer.  The file should contain the serial number and 4K HH of your VM (or device).  It’s okay if other fields (Windows Product ID) are left blank.
 
     ![HWID CSV](images/hwid-csv.png)
 
@@ -335,15 +346,17 @@ Your VM (or device) can be registered either via Intune or Microsoft Store for B
 >[!IMPORTANT]
 >If you've already registered your VM (or device) using Intune, then skip this step.
 
-See the following video for an overview of the process:
+Optional: see the following video for an overview of the process.
+
+&nbsp;
 
 > [!video https://www.youtube.com/embed/IpLIZU_j7Z0]
 
-First, you need a MSfB account.  You may use the same one you created above for Intune, or follow [these instructions](https://docs.microsoft.com/en-us/microsoft-store/windows-store-for-business-overview) to create a new one.
+First, you need a MSfB account.  You can use the same one you created above for Intune, or follow [these instructions](https://docs.microsoft.com/en-us/microsoft-store/windows-store-for-business-overview) to create a new one.
 
 Next, sign in to [Microsoft Store for Business](https://businessstore.microsoft.com/en-us/store) using your test account by clicking **Sign in** in the upper-right-corner of the main page.
 
-Select **Manage** from the top menu, then click the **Windows Autopilot Deployment Program** link under the **Devices** card.
+Select **Manage** from the top menu, then click the **Windows Autopilot Deployment Program** link under the **Devices** card. See the following example:
 
 ![Microsoft Store for Business](images/msfb.png)
 
@@ -356,7 +369,9 @@ Click the **Add devices** link to upload your CSV file. A message will appear in
 >[!IMPORTANT]
 >Autopilot profiles can be created and assigned to your registered VM or device either through Intune or MSfB.  Both processes are shown here, but only <U>pick one for purposes of this lab</U>:
 
-   [Create profiles using Intune](#create-a-windows-autopilot-deployment-profile-using-intune) or [Create profiles using MSfB](#create-a-windows-autopilot-deployment-profile-using-msfb)
+Pick one:
+- [Create profiles using Intune](#create-a-windows-autopilot-deployment-profile-using-intune)
+- [Create profiles using MSfB](#create-a-windows-autopilot-deployment-profile-using-msfb)
 
 ### Create a Windows Autopilot deployment profile using Intune
 
@@ -407,22 +422,53 @@ Click on **OK** and then click on **Create**.
 
 -----I stopped here-----
 
-Profiles can only be assigned to Groups, so first you must create a group that contains the devices to which the profile should be applied.  More detailed instructions can be found here and here on creating groups, as optional reading.
+Profiles can only be assigned to Groups, so first you must create a group that contains the devices to which the profile should be applied. This guide will provide simple instructions to assign a profile, for more detailed instructions, see [Create an Autopilot device group](https://docs.microsoft.com/intune/enrollment-autopilot#create-an-autopilot-device-group) and [Assign an Autopilot deployment profile to a device group](https://docs.microsoft.com/en-us/intune/enrollment-autopilot#assign-an-autopilot-deployment-profile-to-a-device-group), as optional reading.
 
-To create a Group, open the Azure Portal and select Azure Active Directory > Groups > All groups:
+To create a Group, open the Azure Portal and select **Azure Active Directory** > **Groups** > **All groups**:
 
+![All groups](images/all-groups.png)
+
+Select New group from the Groups blade to open the new groups UI.  Select the “Security” group type, name the group, and select the “Assigned” membership type:
+
+Before clicking **Create**, expand the **Members** panel, click your device's serial number (it will then appear under **Selected members**) and then click **Select** to add that device to this group.
+
+![New group](images/new-group.png)
+
+Now click **Create** to finish creating the new group.
+
+Click on **All groups** and click **Refresh** to verify that your new group has been successfully created.
+
+With a group created containing your device, you can now go back and assign your profile to that group. Navigate back to the Intune page in the Azure portal (one way is to type **Intune** in the top banner search bar and select **Intune** from the results).
+
+From Intune, select **Device enrollment** > **Windows enrollment** > **Deployment Profiles** to open the profile blade.  Click on the name of the profile you previously created (Autopilot Lab profile) to open the details blade for that profile:
+
+![Lab profile](images/deployment-profiles2.png)
+
+Under **Manage**, click **Assignments**, and then with the **Include** tab highlighted, expand the **Select groups** blade and click **AP Lab Group 1** (the group will appear under **Selected members**).
+
+![Include group](images/include-group.png)
+
+Click **Select** and then click **Save**.
+
+![Include group](images/include-group2.png)
+
+It’s also possible to assign specific users to a profile, but we will not cover this scenario in the lab. For more detailed information, see [Enroll Windows devices in Intune by using Windows Autopilot](https://docs.microsoft.com/intune/enrollment-autopilot).
 
 ### Create a Windows Autopilot deployment profile using MSfB
 
-Something here
+If you have already created and assigned a profile via Intune by using the steps immediately above, then skip this section.
 
-### Assign a Windows Autopilot deployment profile
+A [video](https://www.youtube.com/watch?v=IpLIZU_j7Z0) is available that covers the steps required to create and assign profiles in MSfB. These steps are also summarized below.
 
-With the deployment profile created, go back to **Devices** under **Windows Autopilot Deployment Program (Preview)** and select your Virtual Machine. Click on **Assign profile** and in the **Assign Profile** blade select **Autopilot Intune Demo** under the **Autopilot profile**. Click on **Assign**.
+First, sign in to the [Microsoft Store for Business](https://businessstore.microsoft.com/manage/dashboard) using the Intune account you initially created for this lab.
 
-![Assign Autopilot Profile in Microsoft Intune](images/autopilot-intune-profile-assign.jpg)
+Click **Manage** from the top menu, then click **Devices** from the left navigation tree.
 
-Wait a few minutes for all changes to apply.
+![MSfB manage](images/msfb-manage.png)
+
+Click the **Windows Autopilot Deployment Program** link in the **Devices** tile.
+
+---stopped here----
 
 ## See Windows Autopilot in action