deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #409 from MicrosoftDocs/master

Browse Source 
publish to live
This commit is contained in:
Dani Halfin 2019-06-11 13:14:57 -07:00 committed by GitHub
commit 1b79ba408c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
windows/deployment/windows-autopilot/index.md
View File

@ -29,45 +29,45 @@ This guide is intended for use by an IT-specialist, system architect, or busines
## In this guide
<table border="0">
<tr><td>[What's new](windows-autopilot-whats-new.md)<td>Windows Autopilot is always being updated with new features! Check this topic to read about the latests capabilities.
<tr><td><a href="windows-autopilot-whats-new.md">What's new</a> <td>Windows Autopilot is always being updated with new features! Check this topic to read about the latests capabilities.
</table>
### Understanding Windows Autopilot
<table>
<tr><td>[Overview of Windows Autopilot](windows-autopilot.md)<td>A review of Windows Autopilot is provided with a video walkthrough. Benefits and general requirements are discussed.
<tr><td>[Requirements](windows-autopilot-requirements.md)<td>Detailed software, network, licensiing, and configuration requirments are provided.
<tr><td>[Scenarios and Capabilities](windows-autopilot-scenarios.md)<td>A summary of Windows Autopilot deployment scenarios and capabilities.
<tr><td>[Get started](demonstrate-deployment-on-vm.md)<td>Interested in trying out Autopilot? See this step-by-step walkthrough to test Windows Autopilot on a virtual machine or physical device with a free 30-day trial premium Intune account.
<tr><td><a href="windows-autopilot.md">Overview of Windows Autopilot</a><td>A review of Windows Autopilot is provided with a video walkthrough. Benefits and general requirements are discussed.
<tr><td><a href="windows-autopilot-requirements.md">Requirements</a><td>Detailed software, network, licensiing, and configuration requirments are provided.
<tr><td><a href="windows-autopilot-scenarios.md">Scenarios and Capabilities</a><td>A summary of Windows Autopilot deployment scenarios and capabilities.
<tr><td><a href="demonstrate-deployment-on-vm.md">Get started</a><td>Interested in trying out Autopilot? See this step-by-step walkthrough to test Windows Autopilot on a virtual machine or physical device with a free 30-day trial premium Intune account.
</table>
### Deployment scenarios
<table>
<tr><td>[User-driven mode](user-driven.md)<td>Requirements and validation steps for deploying a new Azure Active Directory (AAD) joined or hybrid AAD-joined Windows 10 device are provided.
<tr><td>[Self-deploying mode](self-deploying.md)<td>Requirements and validation steps for deploying a new Windows 10 device device with little to no user interaction are provided.
<tr><td>[Windows Autopilot Reset](windows-autopilot-reset.md)<td>Using Windows Autopilot Reset, a device can be restored to its original settings, taking it back to a business-ready state. Both local and remote reset scenarios are discussed.
<tr><td>[Windows Autopilot for white glove deployment](white-glove.md)<td>Requirements and procedures are described that enable additional policies and apps to be delivered to a Windows Autopilot device.
<tr><td>[Support for existing devices](existing-devices.md)<td>This topic describes how Windows Autopilot can be used to convert Windows 7 or Windows 8.1 domain-joined computers to AAD-joined computers running Windows 10.
<tr><td><a href="user-driven.md">User-driven mode</a><td>Requirements and validation steps for deploying a new Azure Active Directory (AAD) joined or hybrid AAD-joined Windows 10 device are provided.
<tr><td><a href="self-deploying.md">Self-deploying mode</a><td>Requirements and validation steps for deploying a new Windows 10 device device with little to no user interaction are provided.
<tr><td><a href="windows-autopilot-reset.md">Windows Autopilot Reset</a><td>Using Windows Autopilot Reset, a device can be restored to its original settings, taking it back to a business-ready state. Both local and remote reset scenarios are discussed.
<tr><td><a href="white-glove.md">Windows Autopilot for white glove deployment</a><td>Requirements and procedures are described that enable additional policies and apps to be delivered to a Windows Autopilot device.
<tr><td><a href="existing-devices.md">Support for existing devices</a><td>This topic describes how Windows Autopilot can be used to convert Windows 7 or Windows 8.1 domain-joined computers to AAD-joined computers running Windows 10.
</table>
### Using Windows Autopilot
<table>
<tr><td>[Registering devices](add-devices.md)<td>The process of registering a device with the Windows Autopilot deployment service is described.
<tr><td>[Configuring device profiles](profiles.md)<td>The device profile settings that specifie its behavior when it is deployed are described.
<tr><td>[Enrollment status page](enrollment-status.md)<td>Settings that are available on the Enrollment Status Page are described.
<tr><td>[Bitlocker encryptions](bitlocker.md)<td> Available options for configuring BitLocker on Windows Autopilot devices are described.
<tr><td>[Troubleshooting Windows Autopilot](troubleshooting.md)<td>Diagnotic event information and troubleshooting procedures are provided.
<tr><td>[Known issues](known-issues.md)<td>A list of current known issues and solutions is provided.
<tr><td><a href="add-devices.md">Registering devices</a><td>The process of registering a device with the Windows Autopilot deployment service is described.
<tr><td><a href="profiles.md">Configuring device profiles</a><td>The device profile settings that specifie its behavior when it is deployed are described.
<tr><td><a href="enrollment-status.md">Enrollment status page</a><td>Settings that are available on the Enrollment Status Page are described.
<tr><td><a href="bitlocker.md">Bitlocker encryption</a><td> Available options for configuring BitLocker on Windows Autopilot devices are described.
<tr><td><a href="troubleshooting.md">Troubleshooting Windows Autopilot</a><td>Diagnotic event information and troubleshooting procedures are provided.
<tr><td><a href="known-issues.md">Known issues</a><td>A list of current known issues and solutions is provided.
</table>
### Support topics
<table>
<tr><td>[FAQ](autopilot-faq.md)<td>Frequently asked questions on several topics are provided.
<tr><td>[Support contacts](autopilot-support.md)<td>Support information is provided.
<tr><td>[Registration authorization](registration-auth.md)<td>This article discusses how a CSP partner or OEM can obtain customer authorization to register Windows Autopilot devices.
<tr><td><a href="autopilot-faq.md">FAQ</a><td>Frequently asked questions on several topics are provided.
<tr><td><a href="autopilot-support.md">Support contacts</a><td>Support information is provided.
<tr><td><a href="registration-auth.md">Registration authorization</a><td>This article discusses how a CSP partner or OEM can obtain customer authorization to register Windows Autopilot devices.
</table>
## Related topics

30
windows/deployment/windows-autopilot/windows-autopilot-requirements.md
View File

@ -45,36 +45,36 @@ Windows Autopilot depends on a variety of internet-based services. Access to the
In environments that have more restrictive Internet access, or for those that require authentication before internet access can be obtained, additional configuration may be required to whitelist access to the required services. For additional details about each of these services and their specific requirements, review the following details:
<table><th>Service<th>Information
<tr><td>**Windows Autopilot Deployment Service and Windows Activation**<td>After a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 builds 18204 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com. <br>
<tr><td><b>Windows Autopilot Deployment Service and Windows Activation<b><td>After a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 builds 18204 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com. <br>
For all supported Windows 10 releases, Windows Autopilot also uses Windows Activation services. See [Windows activation or validation fails with error code 0x8004FE33](https://support.microsoft.com/help/921471/windows-activation-or-validation-fails-with-error-code-0x8004fe33) for details about problems that might occur when you connect to the Internet through a proxy server.
<tr><td>**Azure Active Directory**<td>User credentials are validated by Azure Active Directory, and the device can also be joined to Azure Active Directory. See [Office 365 IP Address and URL Web service](https://docs.microsoft.com/en-us/office365/enterprise/office-365-ip-web-service) for more information.
<tr><td>**Intune**<td>Once authenticated, Azure Active Directory will trigger enrollment of the device into the Intune MDM service. See the following link for details about network communication requirements: [Intune network configuration requirements and bandwidth](https://docs.microsoft.com/intune/network-bandwidth-use#network-communication-requirements).
<tr><td>**Windows Update**<td>During the OOBE process, as well as after the Windows 10 OS is fully configured, the Windows Update service is leveraged to retrieve needed updates. If there are problems connecting to Windows Update, see [How to solve connection problems concerning Windows Update or Microsoft Update](https://support.microsoft.com/help/818018/how-to-solve-connection-problems-concerning-windows-update-or-microsof).<br>
For all supported Windows 10 releases, Windows Autopilot also uses Windows Activation services. See <a href="https://support.microsoft.com/help/921471/windows-activation-or-validation-fails-with-error-code-0x8004fe33">Windows activation or validation fails with error code 0x8004FE33</a> for details about problems that might occur when you connect to the Internet through a proxy server.
<tr><td><b>Azure Active Directory<b><td>User credentials are validated by Azure Active Directory, and the device can also be joined to Azure Active Directory. See <a href="https://docs.microsoft.com/en-us/office365/enterprise/office-365-ip-web-service">Office 365 IP Address and URL Web service</a> for more information.
<tr><td><b>Intune<b><td>Once authenticated, Azure Active Directory will trigger enrollment of the device into the Intune MDM service. See the following link for details about network communication requirements: <a href="https://docs.microsoft.com/intune/network-bandwidth-use#network-communication-requirements">Intune network configuration requirements and bandwidth</a>.
<tr><td><b>Windows Update<b><td>During the OOBE process, as well as after the Windows 10 OS is fully configured, the Windows Update service is leveraged to retrieve needed updates. If there are problems connecting to Windows Update, see <a href="https://support.microsoft.com/help/818018/how-to-solve-connection-problems-concerning-windows-update-or-microsof">How to solve connection problems concerning Windows Update or Microsoft Update</a>.<br>
If Windows Update is inaccessible, the AutoPilot process will still continue but critical updates will not be available.
<tr><td>**Delivery Optimization**<td>When downloading Windows Updates, Microsoft Store apps and app updates, Office Updates and Intune Win32 Apps, the [Delivery Optimization](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization) service is contacted to enable peer-to-peer sharing of content so that only a few devices need to download it from the internet.<br>
<tr><td><b>Delivery Optimization<b><td>When downloading Windows Updates, Microsoft Store apps and app updates, Office Updates and Intune Win32 Apps, the <a href="https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization">Delivery Optimization</a> service is contacted to enable peer-to-peer sharing of content so that only a few devices need to download it from the internet.<br>
If the Delivery Optimization Service is inaccessible, the AutoPilot process will still continue with Delivery Optimization downloads from the cloud (without peer-to-peer).
<tr><td>**Network Time Protocol (NTP) Sync**<td>When a Windows device starts up, it will talk to a network time server to ensure that the time on the device is accurate. Ensure that UDP port 123 to time.windows.com is accessible.
<tr><td>**Domain Name Services (DNS)**<td>To resolve DNS names for all services, the device communicates with a DNS server, typically provided via DHCP.  This DNS server must be able to resolve internet names.
<tr><td>**Diagnostics data**<td>To enable Windows Analytics and related diagnostics capabilities, see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization).<br>
<tr><td><b>Network Time Protocol (NTP) Sync<b><td>When a Windows device starts up, it will talk to a network time server to ensure that the time on the device is accurate. Ensure that UDP port 123 to time.windows.com is accessible.
<tr><td><b>Domain Name Services (DNS)<b><td>To resolve DNS names for all services, the device communicates with a DNS server, typically provided via DHCP.  This DNS server must be able to resolve internet names.
<tr><td><b>Diagnostics data<b><td>To enable Windows Analytics and related diagnostics capabilities, see <a href="https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization">Configure Windows diagnostic data in your organization</a>.<br>
If diagnostic data cannot be sent, the Autopilot process will still continue, but services that depend on diagnostic data, such as Windows Analytics, will not work.
<tr><td>**Network Connection Status Indicator (NCSI)**<td>Windows must be able to tell that the device is able to access the internet. For more information, see [Network Connection Status Indicator (NCSI)](https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1709-endpoints#network-connection-status-indicator-ncsi).
<tr><td><b>Network Connection Status Indicator (NCSI)<b><td>Windows must be able to tell that the device is able to access the internet. For more information, see <a href="https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1709-endpoints#network-connection-status-indicator-ncsi">Network Connection Status Indicator (NCSI)</a>.
[www.msftconnecttest.com](http://www.msftconnecttest.com) must be resolvable via DNS and accessible via HTTP.
<tr><td>**Windows Notification Services (WNS)**<td>This service is used to enable Windows to receive notifications from apps and services. See [Microsoft Store](https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1809-endpoints#microsoft-store) for more information.<br>
<a href="http://www.msftconnecttest.com">www.msftconnecttest.com</a> must be resolvable via DNS and accessible via HTTP.
<tr><td><b>Windows Notification Services (WNS)<b><td>This service is used to enable Windows to receive notifications from apps and services. See <a href="https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1809-endpoints#microsoft-store">Microsoft Store</a> for more information.<br>
If the WNS services are not available, the Autopilot process will still continue without notifications.
<tr><td>**Microsoft Store, Microsoft Store for Business**<td>Apps in the Microsoft Store can be pushed to the device, triggered via Intune (MDM).  App updates and additional apps may also be needed when the user first logs in. For more information, see [Prerequisites for Microsoft Store for Business and Education](https://docs.microsoft.com/microsoft-store/prerequisites-microsoft-store-for-business)(also includes Azure AD and Windows Notification Services).<br>
<tr><td><b>Microsoft Store, Microsoft Store for Business<b><td>Apps in the Microsoft Store can be pushed to the device, triggered via Intune (MDM).  App updates and additional apps may also be needed when the user first logs in. For more information, see <a href="https://docs.microsoft.com/microsoft-store/prerequisites-microsoft-store-for-business">Prerequisites for Microsoft Store for Business and Education</a> (also includes Azure AD and Windows Notification Services).<br>
If the Microsoft Store is not accessible, the AutoPilot process will still continue without Microsoft Store apps.
<tr><td>**Office 365**<td>As part of the Intune device configuration, installation of Office 365 ProPlus may be required. For more information, see [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2)(includes all Office services, DNS names, IP addresses; includes Azure AD and other services that may overlap with those listed above).
<tr><td>**Certificate revocation lists (CRLs)**<td>Some of these services will also need to check certificate revocation lists (CRLs) for certificates used in the services.  A full list of these is documented at [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2#bkmk_crl) and [Office 365 Certificate Chains](https://aka.ms/o365chains).
<tr><td><b>Office 365<b><td>As part of the Intune device configuration, installation of Office 365 ProPlus may be required. For more information, see <a href="https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2">Office 365 URLs and IP address ranges</a> (includes all Office services, DNS names, IP addresses; includes Azure AD and other services that may overlap with those listed above).
<tr><td><b>Certificate revocation lists (CRLs)<b><td>Some of these services will also need to check certificate revocation lists (CRLs) for certificates used in the services.  A full list of these is documented at <a href="https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2#bkmk_crl">Office 365 URLs and IP address ranges</a> and <a href="https://aka.ms/o365chains">Office 365 Certificate Chains</a>.
</table>
## Licensing requirements

1
windows/deployment/windows-autopilot/windows-autopilot-whats-new.md
View File

@ -27,6 +27,7 @@ ms.topic: article
[Windows Autopilot for white glove deployment](white-glove.md) is new in Windows 10, version 1903. See the following video:
<br>
> [!VIDEO https://www.youtube.com/embed/nE5XSOBV0rI]
Also new in this version of Windows: