Date: Tue, 23 Mar 2021 18:14:16 -0700
Subject: [PATCH 28/29] Various corrections to layout
---
.../demonstrate-deployment-on-vm.md | 121 +++++++++---------
1 file changed, 64 insertions(+), 57 deletions(-)
diff --git a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
index 53c1ba2994..e82d036a69 100644
--- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
+++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
@@ -31,7 +31,7 @@ In this topic you'll learn how to set-up a Windows Autopilot deployment for a VM
> [!NOTE]
> Although there are [multiple platforms](add-devices.md#registering-devices) available to enable Autopilot, this lab primarily uses Intune.
-
+>
> Hyper-V and a VM are not required for this lab. You can also use a physical device. However, the instructions assume that you are using a VM. To use a physical device, skip the instructions to install Hyper-V and create a VM. All references to 'device' in the guide refer to the client device, either physical or virtual.
The following video provides an overview of the process:
@@ -53,7 +53,7 @@ These are the things you'll need to complete this lab:
A summary of the sections and procedures in the lab is provided below. Follow each section in the order it is presented, skipping the sections that do not apply to you. Optional procedures are provided in the appendix.
-> If you already have Hyper-V and a Windows 10 VM, you can skip directly to the [Capture the hardware ID](#capture-the-hardware-id) step. The VM must be running Windows 10, version 1903 or a later version.
+If you already have Hyper-V and a Windows 10 VM, you can skip directly to the [Capture the hardware ID](#capture-the-hardware-id) step. The VM must be running Windows 10, version 1903 or a later version.
[Verify support for Hyper-V](#verify-support-for-hyper-v)
[Enable Hyper-V](#enable-hyper-v)
@@ -113,7 +113,7 @@ Install-WindowsFeature -Name Hyper-V -IncludeManagementTools
When you are prompted to restart the computer, choose **Yes**. The computer might restart more than once.
-> Alternatively, you can install Hyper-V using the Control Panel in Windows under **Turn Windows features on or off** for a client operating system, or using Server Manager's **Add Roles and Features Wizard** on a server operating system, as shown below:
+Alternatively, you can install Hyper-V using the Control Panel in Windows under **Turn Windows features on or off** for a client operating system, or using Server Manager's **Add Roles and Features Wizard** on a server operating system, as shown below:
@@ -132,21 +132,27 @@ Now that Hyper-V is enabled, we need to create a VM running Windows 10. We can [
To use Windows PowerShell, we just need to know two things:
1. The location of the Windows 10 ISO file.
- - In the example, we assume the location is **c:\iso\win10-eval.iso**.
+
+ In the example, we assume the location is **c:\iso\win10-eval.iso**.
+
2. The name of the network interface that connects to the Internet.
- - In the example, we use a Windows PowerShell command to determine this automatically.
+
+ In the example, we use a Windows PowerShell command to determine this automatically.
After we have set the ISO file location and determined the name of the appropriate network interface, we can install Windows 10.
### Set ISO file location
-You can download an ISO file for an evaluation version of the latest release of Windows 10 Enterprise [here](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise).
-- When asked to select a platform, choose **64 bit**.
+You can download an ISO file for an evaluation version of the latest release of Windows 10 Enterprise from [Evaluation Center](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise).
+
+When asked to select a platform, choose **64 bit**.
After you download this file, the name will be extremely long (ex: 19042.508.200927-1902.20h2_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso).
1. So that it is easier to type and remember, rename the file to **win10-eval.iso**.
+
2. Create a directory on your computer named **c:\iso** and move the **win10-eval.iso** file there, so the path to the file is **c:\iso\win10-eval.iso**.
+
3. If you wish to use a different name and location for the file, you must modify the Windows PowerShell commands below to use your custom name and directory.
### Determine network adapter name
@@ -239,7 +245,8 @@ After the VM restarts, during OOBE, it's fine to select **Set up for personal us
Once the installation is complete, sign in and verify that you are at the Windows 10 desktop, then create your first Hyper-V checkpoint. Checkpoints are used to restore the VM to a previous state.
- 
+ > [!div class="mx-imgBorder"]
+ > 
To create a checkpoint, open an elevated Windows PowerShell prompt on the computer running Hyper-V (not on the VM) and run the following:
@@ -267,62 +274,62 @@ Follow these steps to run the PowerShell script:
Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv
```
-When you are prompted to install the NuGet package, choose **Yes**.
+1. When you are prompted to install the NuGet package, choose **Yes**.
-See the sample output below. A 'dir' command is issued at the end to show the file that was created.
+ See the sample output below. A **dir** command is issued at the end to show the file that was created.
-
-PS C:\> md c:\HWID
+ ```console
+ PS C:\> md c:\HWID
+
+ Directory: C:\
+
+
+ Mode LastWriteTime Length Name
+ ---- ------------- ------ ----
+ d----- 11/13/2020 3:00 PM HWID
+
+
+ PS C:\Windows\system32> Set-Location c:\HWID
+ PS C:\HWID> Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force
+ PS C:\HWID> Install-Script -Name Get-WindowsAutopilotInfo -Force
+
+ NuGet provider is required to continue
+ PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet
+ provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
+ 'C:\Users\user1\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running
+ 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and
+ import the NuGet provider now?
+ [Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y
+ PS C:\HWID> $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts"
+ PS C:\HWID> Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv
+ Gathered details for device with serial number: 1804-7078-6805-7405-0796-0675-17
+ PS C:\HWID> dir
+
+
+ Directory: C:\HWID
+
+
+ Mode LastWriteTime Length Name
+ ---- ------------- ------ ----
+ -a---- 11/13/2020 3:01 PM 8184 AutopilotHWID.csv
+
+
+ PS C:\HWID>
+ ```
+
+1. Verify that there is an **AutopilotHWID.csv** file in the **c:\HWID** directory that is about 8 KB in size. This file contains the complete 4K HH.
- Directory: C:\
+ > [!NOTE]
+ > Although the .csv extension might be associated with Microsoft Excel, you cannot view the file properly by double-clicking it. To correctly parse the comma delimiters and view the file in Excel, you must use the **Data** > **From Text/CSV** function in Excel to import the appropriate data columns. You don't need to view the file in Excel unless you are curious. The file format will be validated when it is imported into Autopilot. An example of the data in this file is shown below.
+ 
-Mode LastWriteTime Length Name
----- ------------- ------ ----
-d----- 11/13/2020 3:00 PM HWID
+ You will need to upload this data into Intune to register your device for Autopilot, so the next step is to transfer this file to the computer you will use to access the Azure portal. If you are using a physical device instead of a VM, you can copy the file to a USB stick. If you’re using a VM, you can right-click the AutopilotHWID.csv file and copy it, then right-click and paste the file to your desktop (outside the VM).
+ If you have trouble copying and pasting the file, just view the contents in Notepad on the VM and copy the text into Notepad outside the VM. Do not use another text editor to do this.
-PS C:\Windows\system32> Set-Location c:\HWID
-PS C:\HWID> Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force
-PS C:\HWID> Install-Script -Name Get-WindowsAutopilotInfo -Force
-
-NuGet provider is required to continue
-PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet
- provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
-'C:\Users\user1\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running
- 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and
-import the NuGet provider now?
-[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y
-PS C:\HWID> $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts"
-PS C:\HWID> Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv
-Gathered details for device with serial number: 1804-7078-6805-7405-0796-0675-17
-PS C:\HWID> dir
-
-
- Directory: C:\HWID
-
-
-Mode LastWriteTime Length Name
----- ------------- ------ ----
--a---- 11/13/2020 3:01 PM 8184 AutopilotHWID.csv
-
-
-PS C:\HWID>
-
-
-Verify that there is an **AutopilotHWID.csv** file in the **c:\HWID** directory that is about 8 KB in size. This file contains the complete 4K HH.
-
-> [!NOTE]
-> Although the .csv extension might be associated with Microsoft Excel, you cannot view the file properly by double-clicking it. To correctly parse the comma delimiters and view the file in Excel, you must use the **Data** > **From Text/CSV** function in Excel to import the appropriate data columns. You don't need to view the file in Excel unless you are curious. The file format will be validated when it is imported into Autopilot. An example of the data in this file is shown below.
-
-
-
-You will need to upload this data into Intune to register your device for Autopilot, so the next step is to transfer this file to the computer you will use to access the Azure portal. If you are using a physical device instead of a VM, you can copy the file to a USB stick. If you’re using a VM, you can right-click the AutopilotHWID.csv file and copy it, then right-click and paste the file to your desktop (outside the VM).
-
-If you have trouble copying and pasting the file, just view the contents in Notepad on the VM and copy the text into Notepad outside the VM. Do not use another text editor to do this.
-
-> [!NOTE]
-> When copying and pasting to or from VMs, avoid clicking other things with your mouse cursor between the copy and paste process as this can empty or overwrite the clipboard and require that you start over. Go directly from copy to paste.
+ > [!NOTE]
+ > When copying and pasting to or from VMs, avoid clicking other things with your mouse cursor between the copy and paste process as this can empty or overwrite the clipboard and require that you start over. Go directly from copy to paste.
## Reset the VM back to Out-Of-Box-Experience (OOBE)
From 7c1dda4f1cd21e98f7161b93be537b8a4e8b272e Mon Sep 17 00:00:00 2001
From: Gary Moore
Date: Tue, 23 Mar 2021 20:01:40 -0700
Subject: [PATCH 29/29] Fixes to layout and markup
---
.../demonstrate-deployment-on-vm.md | 103 ++++++++++++------
1 file changed, 68 insertions(+), 35 deletions(-)
diff --git a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
index e82d036a69..d6bd2950fc 100644
--- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
+++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
@@ -453,14 +453,17 @@ Pick one:
The Autopilot deployment profile wizard will ask for a device group, so we must create one first. To create a device group:
1. In the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), choose **Groups** > **New group**.
+
2. In the **Group** blade:
1. For **Group type**, choose **Security**.
2. Type a **Group name** and **Group description** (ex: Autopilot Lab).
3. Azure AD roles can be assigned to the group: **No**
4. For **Membership type**, choose **Assigned**.
+
3. Click **Members** and add the Autopilot VM to the group. See the following example:
- 
+ > [!div class="mx-imgBorder"]
+ > 
4. Click **Create**.
@@ -468,11 +471,13 @@ The Autopilot deployment profile wizard will ask for a device group, so we must
To create a Windows Autopilot profile, scroll back to the left hand pane and click **Devices**, then under **Enroll devices | Windows enrollment** select **Deployment Profiles**.
-
+> [!div class="mx-imgBorder"]
+> 
Click on **Create profile** and then select **Windows PC**.
-
+> [!div class="mx-imgBorder"]
+> 
On the **Create profile** blade, use the following values:
@@ -511,6 +516,7 @@ Click **Next** to continue with the **Assignments** settings:
Click on **OK** and then click on **Create**.
+> [!NOTE]
> If you want to add an app to your profile via Intune, the OPTIONAL steps for doing so can be found in [Appendix B: Adding apps to your profile](#appendix-b-adding-apps-to-your-profile).
### Create a Windows Autopilot deployment profile using MSfB
@@ -531,15 +537,18 @@ To CREATE the profile:
Select your device from the **Devices** list:
-
+> [!div class="mx-imgBorder"]
+> 
On the Autopilot deployment dropdown menu, select **Create new profile**:
-
+> [!div class="mx-imgBorder"]
+> 
Name the profile, choose your desired settings, and then click **Create**:
-
+> [!div class="mx-imgBorder"]
+> 
The new profile is added to the Autopilot deployment list.
@@ -547,11 +556,13 @@ To ASSIGN the profile:
To assign (or reassign) the profile to a device, select the checkboxes next to the device you registered for this lab, then select the profile you want to assign from the **Autopilot deployment** dropdown menu as shown:
-
+> [!div class="mx-imgBorder"]
+> 
Confirm the profile was successfully assigned to the intended device by checking the contents of the **Profile** column:
-
+> [!div class="mx-imgBorder"]
+> 
> [!IMPORTANT]
> The new profile will only be applied if the device has not been started, and gone through OOBE. Settings from a different profile can't be applied when another profile has been applied. Windows would need to be reinstalled on the device for the second profile to be applied to the device.
@@ -560,7 +571,8 @@ Confirm the profile was successfully assigned to the intended device by checking
If you shut down your VM after the last reset, it's time to start it back up again, so it can progress through the Autopilot OOBE experience but do not attempt to start your device again until the **PROFILE STATUS** for your device in Intune has changed from **Not assigned** to **Assigning** and finally **Assigned**:
-
+> [!div class="mx-imgBorder"]
+> 
Also, make sure to wait at least 30 minutes from the time you've [configured company branding](#configure-company-branding), otherwise these changes might not show up.
@@ -575,7 +587,8 @@ Also, make sure to wait at least 30 minutes from the time you've [configured com
Soon after reaching the desktop, the device should show up in Intune as an **enabled** Autopilot device. Go into the Intune Azure portal, and select **Devices > All devices**, then **Refresh** the data to verify that your device has changed from disabled to enabled, and the name of the device is updated.
-
+> [!div class="mx-imgBorder"]
+> 
Once you select a language and a keyboard layout, your company branded sign-in screen should appear. Provide your Azure Active Directory credentials and you're all done.
@@ -592,18 +605,20 @@ To use the device (or VM) for other purposes after completion of this lab, you w
You need to delete (or retire, or factory reset) the device from Intune before deregistering the device from Autopilot. To delete the device from Intune (not Azure Active Directory), log into the MEM admin center, then navigate to **Intune > Devices > All Devices**. Select the device you want to delete, then click the Delete button along the top menu.
-
+> [!div class="mx-imgBorder"]
+> 
This will remove the device from Intune management, and it will disappear from **Intune > Devices > All devices**. But this does not yet deregister the device from Autopilot, so the device should still appear under **Intune > Device Enrollment > Windows Enrollment > Windows Autopilot Deployment Program > Devices**.
The **Intune > Devices > All Devices** list and the **Intune > Device Enrollment > Windows Enrollment > Windows Autopilot Deployment Program > Devices** list mean different things and are two completely separate datastores. The former (All devices) is the list of devices currently enrolled into Intune.
> [!NOTE]
-> A device will only appear in the All devices list once it has booted. The latter (Windows Autopilot Deployment Program > Devices) is the list of devices currently registered from that Intune account into the Autopilot program - which may or may not be enrolled to Intune.
+> A device will only appear in the All devices list once it has booted. The latter (**Windows Autopilot Deployment Program** > **Devices**) is the list of devices currently registered from that Intune account into the Autopilot program - which may or may not be enrolled to Intune.
To remove the device from the Autopilot program, select the device and click **Delete**. You will get a popup dialog box to confirm deletion.
-
+> [!div class="mx-imgBorder"]
+> 
At this point, your device has been unenrolled from Intune and also deregistered from Autopilot. After several minutes, click the **Sync** button, followed by the **Refresh** button to confirm the device is no longer listed in the Autopilot program:
@@ -617,7 +632,7 @@ Starting with Windows 8, the host computer's microprocessor must support second
To verify your computer supports SLAT, open an administrator command prompt, type **systeminfo**, press ENTER, scroll down, and review the section displayed at the bottom of the output, next to Hyper-V Requirements. See the following example:
-
+```console
C:>systeminfo
...
@@ -625,15 +640,16 @@ Hyper-V Requirements: VM Monitor Mode Extensions: Yes
Virtualization Enabled In Firmware: Yes
Second Level Address Translation: Yes
Data Execution Prevention Available: Yes
-
+```
In this example, the computer supports SLAT and Hyper-V.
+> [!NOTE]
> If one or more requirements are evaluated as **No** then the computer does not support installing Hyper-V. However, if only the virtualization setting is incompatible, you might be able to enable virtualization in the BIOS and change the **Virtualization Enabled In Firmware** setting from **No** to **Yes**. The location of this setting will depend on the manufacturer and BIOS version, but is typically found associated with the BIOS security settings.
You can also identify Hyper-V support using [tools](https://blogs.msdn.microsoft.com/taylorb/2008/06/19/hyper-v-will-my-computer-run-hyper-v-detecting-intel-vt-and-amd-v/) provided by the processor manufacturer, the [msinfo32](https://technet.microsoft.com/library/cc731397.aspx) tool, or you can download the [Coreinfo](https://technet.microsoft.com/sysinternals/cc835722) utility and run it, as shown in the following example:
-
+```console
C:>coreinfo -v
Coreinfo v3.31 - Dump information on system CPU and memory topology
@@ -646,7 +662,7 @@ Microcode signature: 0000001B
HYPERVISOR - Hypervisor is present
VMX * Supports Intel hardware-assisted virtualization
EPT * Supports Intel extended page tables (SLAT)
-
+```
> [!NOTE]
> A 64-bit operating system is required to run Hyper-V.
@@ -669,7 +685,8 @@ Download the Notepad++ msi package [here](https://www.hass.de/content/notepad-ms
Run the IntuneWinAppUtil tool, supplying answers to the three questions, for example:
-
+> [!div class="mx-imgBorder"]
+> 
After the tool finishes running, you should have an .intunewin file in the Output folder, which you can now upload into Intune using the following steps.
@@ -687,7 +704,8 @@ Under **App Type**, select **Windows app (Win32)**:
On the **App package file** blade, browse to the **npp.7.6.3.installer.x64.intunewin** file in your output folder, open it, then click **OK**:
-
+> [!div class="mx-imgBorder"]
+> 
On the **App Information Configure** blade, provide a friendly name, description, and publisher, such as:
@@ -695,8 +713,10 @@ On the **App Information Configure** blade, provide a friendly name, description
On the **Program Configuration** blade, supply the install and uninstall commands:
+```console
Install: msiexec /i "npp.7.6.3.installer.x64.msi" /q
Uninstall: msiexec /x "{F188A506-C3C6-4411-BE3A-DA5BF1EA6737}" /q
+```
> [!NOTE]
> Likely, you do not have to write the install and uninstall commands yourself because the [IntuneWinAppUtil.exe command-line tool](https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool) automatically generated them when it converted the .msi file into a .intunewin file.
@@ -709,11 +729,13 @@ Click **OK** to save your input and activate the **Requirements** blade.
On the **Requirements Configuration** blade, specify the **OS architecture** and the **Minimum OS version**:
-
+> [!div class="mx-imgBorder"]
+> 
Next, configure the **Detection rules**. For our purposes, we will select manual format:
-
+> [!div class="mx-imgBorder"]
+> 
Click **Add** to define the rule properties. For **Rule type**, select **MSI**, which will automatically import the right MSI product code into the rule:
@@ -723,7 +745,8 @@ Click **OK** twice to save, as you back out to the main **Add app** blade again
**Return codes**: For our purposes, leave the return codes at their default values:
-
+> [!div class="mx-imgBorder"]
+> 
Click **OK** to exit.
@@ -733,11 +756,13 @@ Click the **Add** button to finalize and save your app package.
Once the indicator message says the addition has completed.
-
+> [!div class="mx-imgBorder"]
+> 
You will be able to find your app in your app list:
-
+> [!div class="mx-imgBorder"]
+> 
#### Assign the app to your Intune profile
@@ -746,19 +771,22 @@ You will be able to find your app in your app list:
In the **Intune > Client Apps > Apps** pane, select the app package you already created to reveal its properties blade. Then click **Assignments** from the menu:
-
+> [!div class="mx-imgBorder"]
+> 
Select **Add Group** to open the **Add group** pane that is related to the app.
-For our purposes, select **Required** from the **Assignment type** dropdown menu:
+For our purposes, select **Required** from the **Assignment type** dropdown menu.
+> [!NOTE]
> **Available for enrolled devices** means users install the app from the Company Portal app or Company Portal website.
Select **Included Groups** and assign the groups you previously created that will use this app:
-
+> [!div class="mx-imgBorder"]
+> 
In the **Select groups** pane, click the **Select** button.
@@ -768,7 +796,8 @@ In the **Add group** pane, select **OK**.
In the app **Assignments** pane, select **Save**.
-
+> [!div class="mx-imgBorder"]
+> 
At this point, you have completed steps to add a Win32 app to Intune.
@@ -790,15 +819,17 @@ Under **App Type**, select **Office 365 Suite > Windows 10**:
Under the **Configure App Suite** pane, select the Office apps you want to install. For the purposes of this labe we have only selected Excel:
-
+> [!div class="mx-imgBorder"]
+> 
Click **OK**.
In the **App Suite Information** pane, enter a unique suite name, and a suitable description.
-> Enter the name of the app suite as it is displayed in the company portal. Make sure that all suite names that you use are unique. If the same app suite name exists twice, only one of the apps is displayed to users in the company portal.
+Enter the name of the app suite as it is displayed in the company portal. Make sure that all suite names that you use are unique. If the same app suite name exists twice, only one of the apps is displayed to users in the company portal.
-
+> [!div class="mx-imgBorder"]
+> 
Click **OK**.
@@ -815,19 +846,21 @@ Click **OK** and then click **Add**.
In the **Intune > Client Apps > Apps** pane, select the Office package you already created to reveal its properties blade. Then click **Assignments** from the menu:
-
+> [!div class="mx-imgBorder"]
+> 
Select **Add Group** to open the **Add group** pane that is related to the app.
-For our purposes, select **Required** from the **Assignment type** dropdown menu:
+For our purposes, select **Required** from the **Assignment type** dropdown menu.
-> **Available for enrolled devices** means users install the app from the Company Portal app or Company Portal website.
+**Available for enrolled devices** means users install the app from the Company Portal app or Company Portal website.
Select **Included Groups** and assign the groups you previously created that will use this app:
-
+> [!div class="mx-imgBorder"]
+> 
In the **Select groups** pane, click the **Select** button.