mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-15 02:13:43 +00:00
Several changes including deployment ring updates
This commit is contained in:
Andre Della Monica
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Register your devices
|
||||
description: This article details how to register devices in Autopatch
|
||||
ms.date: 08/04/2022
|
||||
ms.date: 08/05/2022
|
||||
ms.prod: w11
|
||||
ms.technology: windows
|
||||
ms.topic: how-to
|
||||
@ -18,7 +18,7 @@ Before Microsoft can manage your devices in Windows Autopatch, you must have dev
|
||||
|
||||
## Before you begin
|
||||
|
||||
Windows Autopatch can take over software update management of supported devices as soon as an IT admin decides to have their tenant managed by the service. The Windows Autopatch software update management scope includes:
|
||||
Windows Autopatch can take over software update management control of devices that meet software-based pre-requisittes as soon as an IT admin decides to have their tenant managed by the service. The Windows Autopatch software update management scope includes the following software update workloads:
|
||||
|
||||
- [Windows quality updates](../operate/windows-autopatch-wqu-overview.md)
|
||||
- [Windows feature updates](../operate/windows-autopatch-fu-overview.md)
|
||||
@ -31,7 +31,7 @@ Windows Autopatch can take over software update management of supported devices
|
||||
You must choose what devices to manage with Windows Autopatch by either adding them through direct membership or by nesting other Azure AD dynamic/assigned groups into the **Windows Autopatch Device Registration** Azure AD assigned group. Windows Autopatch automatically runs its discover devices function every hour to discover new devices added to this group. Once new devices are discovered, Windows Autopatch attempts to register these devices.
|
||||
|
||||
> [!NOTE]
|
||||
> Devices that are intended to be managed by the Windows Autopatch service **must** be added into the **Windows Autopatch Device Registration** Azure AD assigned group. Devices can only be added to this group if they have an Azure AD device ID. Windows Autopatch scans the Azure AD group hourly to discover newly added devices to be registered. You can also use the **Discover devices** button in either the Ready or Not ready tab to register devices on demand.
|
||||
> Devices that are intended to be managed by the Windows Autopatch service **must** be added into the **Windows Autopatch Device Registration** Azure AD assigned group. Devices can only be added to this group if they have an Azure AD device ID. Windows Autopatch scans the Azure AD group hourly to discover newly added devices to be registered. You can also use the **Discover devices** button in either the **Ready** or **Not ready** tab to register devices on demand.
|
||||
|
||||
#### Supported scenarios when nesting other Azure AD groups
|
||||
|
||||
@ -48,9 +48,6 @@ Azure AD groups synced up from:
|
||||
> [!IMPORTANT]
|
||||
> The **Windows Autopatch Device Registration** Azure AD group only supports one level of Azure AD nested groups.
|
||||
|
||||
> [!TIP]
|
||||
> You can also use the **Discover Devices** button in either the Ready or Not ready tab to discover devices from the **Windows Autopatch Device Registration** Azure AD group on demand.
|
||||
|
||||
### Clean up dual state of Hybrid Azure AD joined and Azure registered devices in your Azure AD tenant
|
||||
|
||||
An [Azure AD dual state](/azure/active-directory/devices/hybrid-azuread-join-plan#handling-devices-with-azure-ad-registered-state) occurs when a device is initially connected to Azure AD as an [Azure AD Registered](/azure/active-directory/devices/concept-azure-ad-register) device. However, when you enable Hybrid Azure AD join, the same device is connected twice to Azure AD but as a [Hybrid Azure AD device](/azure/active-directory/devices/concept-azure-ad-join-hybrid).
|
||||
@ -66,7 +63,7 @@ It's recommended to detect and clean up stale devices in Azure AD before registe
|
||||
|
||||
To be eligible for Windows Autopatch management, devices must meet a minimum set of required software-based prerequisites:
|
||||
|
||||
- Windows 10 (1809+)/11 Enterprise and Professional edition versions (only x64 architecture).
|
||||
- Windows 10 (1809+)/11 Enterprise or Professional editions (only x64 architecture).
|
||||
- Either [Hybrid Azure AD-Joined](/azure/active-directory/devices/concept-azure-ad-join-hybrid) or [Azure AD-joined only](/azure/active-directory/devices/concept-azure-ad-join-hybrid) (personal devices aren't supported).
|
||||
- Managed by Microsoft Endpoint Manager.
|
||||
- [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune) and/or [Configuration Manager Co-management](/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites#configuration-manager-co-management-requirements).
|
||||
@ -105,33 +102,39 @@ For more information, see [Azure AD built-in roles](/azure/active-directory/role
|
||||
|
||||
## Details about the device registration process
|
||||
|
||||
Registering your devices in Windows Autopatch does the following:
|
||||
Registering your devices with Windows Autopatch does the following:
|
||||
|
||||
1. Makes a record of devices in the service.
|
||||
2. Assign devices into the deployment ring groups and other groups required for software updates management.
|
||||
2. Assign devices to the [deployment rings](../operate/windows-autopatch-update-management.md) and other groups required for software updates management.
|
||||
|
||||
See [Device Registration Overview](../deploy/windows-autopatch-device-registration-overview.md) for more details.
|
||||
|
||||
## Steps to register devices
|
||||
|
||||
Any device (either physical or virtual) that contains an Azure AD device ID can be added into the **Windows Autopatch Device Registration** Azure AD group to be registered with Windows Autopatch.
|
||||
Any device (either physical or virtual) that contains an Azure AD device ID can be added into the **Windows Autopatch Device Registration** Azure AD group through either direct membership or by being part of another Azure AD group (either dynamic or assigned) that's nested to this group, so it can be registered with Windows Autopatch. The only exception is new Windows 365 Cloud PCs, as these virtual devices must be registered with Windows Autopatch from the Windows 365 provisioning policy. See [Windows Autopatch on WIndows 365 Enterprise Workloads](#windows-autopatch-on-windows-365-enterprise-workloads) for details.
|
||||
Since existing Windows 365 Cloud PCs already have an existing Azure AD device ID, these devices can be added into the **Windows Autopatch Device Registration** Azure group through either direct membership or by being part of another Azure AD group (either dynamic or assigned) that's nested to this group.
|
||||
|
||||
**To register physical devices into Windows Autopatch:**
|
||||
**To register devices with Windows Autopatch:**
|
||||
|
||||
1. Go to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com/).
|
||||
2. Select **Windows Autopatch** from the left navigation menu.
|
||||
3. Select **Devices**.
|
||||
4. Select the **Ready** tab, then select the **Windows Autopatch Device Registration** hyperlink. The Azure Active Directory group blade opens.
|
||||
5. Add either devices through direct membership, or other Azure Active Directory dynamic or assigned groups as nested groups in the **Windows Autopatch Device Registration** group.
|
||||
4. Select either the **Ready** or the **Not ready** tab, then click on the **Windows Autopatch Device Registration** hyperlink. The Azure Active Directory group blade opens.
|
||||
5. Add either devices through direct membership, or other Azure AD dynamic or assigned groups as nested groups in the **Windows Autopatch Device Registration** group.
|
||||
|
||||
> [!NOTE]
|
||||
> The **Windows Autopatch Device Registration** hyperlink is in the center of the Ready tab when there's no devices registered with the Windows Autopatch service. Once you have one or more devices registered with the Windows Autopatch service, the **Windows Autopatch Device registration** hyperlink is at the top of both Ready and Not ready tabs.
|
||||
|
||||
Once devices or Azure AD groups containing devices are added to the **Windows Autopatch Device Registration** group, Windows Autopatch discovers these devices, and runs software-based prerequisite checks to try to register them with its service.
|
||||
Once devices or other Azure AD groups (either dynamic or assigned) containing devices are added to the **Windows Autopatch Device Registration** group, Windows Autopatch's device discovery hourly function discovers these devices, and runs software-based prerequisite checks to try to register them with its service.
|
||||
|
||||
> [!TIP]
|
||||
> You can also use the **Discover Devices** button in either the **Ready** or **Not ready** tab to discover devices from the **Windows Autopatch Device Registration** Azure AD group on demand.
|
||||
|
||||
### Windows Autopatch on Windows 365 Enterprise Workloads
|
||||
|
||||
With Windows 365 Enterprise, IT admins are given the option to register devices with the Windows Autopatch service as part of the Windows 365 provisioning policy creation. This option provides a seamless experience for admins and users to ensure your Cloud PCs are always up to date. When IT admins decide to manage their Windows 365 Cloud PCs with Windows Autopatch, the Windows 365 provisioning policy creation process calls Windows Autopatch device registration APIs to register devices on behalf of the IT admin.
|
||||
Windows 365 Enterprise gives IT admins the option to register devices with the Windows Autopatch service as part of the Windows 365 provisioning policy creation. This option provides a seamless experience for admins and users to ensure your Cloud PCs are always up to date. When IT admins decide to manage their Windows 365 Cloud PCs with Windows Autopatch, the Windows 365 provisioning policy creation process calls Windows Autopatch device registration APIs to register devices on behalf of the IT admin.
|
||||
|
||||
**To deploy Windows Autopatch on a Windows 365 Provisioning Policy:**
|
||||
**To register new Windows 365 Cloud PC devices with Windows Autopatch from the Windows 365 Provisioning Policy:**
|
||||
|
||||
1. Go to the [Microsoft Endpoint Manager](https://endpoint.microsoft.com/) admin center.
|
||||
1. In the left pane, select **Devices**.
|
||||
@ -144,11 +147,7 @@ With Windows 365 Enterprise, IT admins are given the option to register devices
|
||||
1. Assign your policy accordingly and select **Next**.
|
||||
1. Select **Create**. Now your newly provisioned Windows 365 Enterprise Cloud PCs will automatically be enrolled and managed by Windows Autopatch.
|
||||
|
||||
For general guidance, see [Create a Windows 365 Provisioning Policy](/windows-365/enterprise/create-provisioning-policy).
|
||||
|
||||
#### Deploy Autopatch on Windows 365 for existing Cloud PC
|
||||
|
||||
All your existing Windows 365 Enterprise workloads can be registered into Windows Autopatch by leveraging the same method for any other physical or virtual device. See [steps to register devices](#steps-to-register-devices) for more details.
|
||||
See [Create a Windows 365 Provisioning Policy](/windows-365/enterprise/create-provisioning-policy) for more information.
|
||||
|
||||
### Contact support for device registration-related incidents
|
||||
|
||||
|
||||
Reference in New Issue
Block a user