Preparing for AutoPilot Deployment: Powershell script to provision and deploy our systems
In today's blog post, we're diving into the world of PowerShell scripting for Autopilot provisioning. When it comes to deploying systems efficiently, there's always more than one way to tackle the task. Here, we'll explore the PowerShell script I've crafted to streamline our Autopilot deployment process.
What Does Our Script Do?
Our PowerShell script is designed to handle several key tasks in the Autopilot provisioning journey:
Set App Details: The script sets the necessary details to the Azure Active Directory (AAD) App we've registered, granting access for the system to join our Intune environment seamlessly.
Set Group Tag: Next, it sets the group tag on the device to “P14”. This tag ensures that the device is joined to the dynamic group assigned the deployment profile, facilitating targeted provisioning.
Inject Autopilot Information: The script retrieves and injects the Windows Autopilot information from the system into our Intune environment. This step is crucial for accurately registering and configuring the device within our deployment framework.
Windows Update: Finally, the script runs through the Windows update process on the system, ensuring that it's up-to-date and equipped with the latest security patches and enhancements.
By automating these tasks through PowerShell scripting, we're able to expedite the Autopilot provisioning process, reduce manual intervention, and maintain consistency across deployments.
Script Below:
#Variables $TenantID = "XXXXXXXXXXXX"
$AppID = "XXXXXXXXXXXX"
$AppSecret = "XXXXXXXXXXXX"
$GroupTag = "P14"
#RegisterDevice
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Confirm:$falseSet-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSignedInstall-Script Get-WindowsAutoPilotInfo -ForceGet-WindowsAutoPilotInfo -GroupTag $GroupTag -Online -TenantId $TenantID -AppID $AppID -AppSecret $AppSecret
#Windows Update
Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned
Write-Host "Installing PSWindowsUpdate module..."
if (-not (Get-Module -Name PSWindowsUpdate -ErrorAction SilentlyContinue)) {
Install-Module PSWindowsUpdate -Force -Confirm:$false
}
Write-Host "Getting available Windows updates..."
Get-WindowsUpdate -Verbose -acceptall
Write-Host "Installing Windows updates..."
Install-WindowsUpdate -Verbose -acceptall