Home Cloud M365 AutoPilot – Device Hash Capture

AutoPilot – Device Hash Capture

2713
0
windows_10_device_has_capture
Reading Time: 4 minutes

In this blog post we will cover the options of Windows 10 Device Hash Capture using the Get-WindowsAutoPilotInfo Script created by Michael Niehaus.

Before deploying a device using Windows Autopilot, the device must be registered with the Windows Autopilot deployment service. Ideally, this registration is performed by the OEM, reseller, or distributor from which the devices were purchased. However, the registration can also be done within your organization by collecting the hardware identity and uploading it manually. – You can find more on Adding Devices and Autopilot Here.

The Powershell Script can only be run from inside of Windows 10. There is currently no WinPE Support! Sad I Know.
When adding the devices into Intune, There are two known options, either use the provided script or ask your OEM/Reseller/Distributor to upload the data on purchase of the devices.

For this blog post we will focus on the Manual Method of Obtaining the Device Hash and the two options provided with the script – Exported to a Csv and Online Direct Upload.

Option 1 : Device Hash Capture to Csv File

For this example, We will be using a Windows 10 2020 Virtual Machine, Which has a clean install and has not been set up the Virtual Machine is still on the OOBE Stage as to save time on having to reset the machine. The USB Device will be simulated by mounting a vhdx file to the virtual machine which will have the Get-WindowsAutoPilotInfo downloaded onto. to start from the OOBE Screen we need to open a CMD Prompt using SHIFT + F10.

By default the ability to execute Powershell Scripts in blocked for security. We need to change this to be able to run the script using the following command:

Powershell.exe Set-ExecutionPolicy RemoteSigned -Force
Powershell.exe .\Get-WindowsAutoPilotInfo.ps1 -OutputFile DeviceCapture.Csv

The Csv File is generated and contains the serial number and the Device Hash.

Uploading your Device Hash to Microsoft Intune.

So we have out Device has file, Yes if you have multiple devices you can stack the results into a single Csv.
However we have our single windows 10 VM.

I Should note that for the Lab to work you will need an Office 365 Tennant and an Enterprise and Mobility E3 License.
From the Microsoft EndPoint Portal : Microsoft Endpoint Manager admin center
Select Devices.

Select “Device Enrolment”

From the “Windows Autopilot Deployment Program” – Select “Devices”

From the menu options select “Import”

Locate the Device Capture Csv File and Upload

The Device import can take up to 15 Minutes

Once the device import has completed the computer will show up as shown below.

Option 2 : Device Hash Capture and Online Upload

In this example we will use Online Upload Functionality in the Get-WindowsAutopilotInfo Script.
NOTE: For this example the Powershell Execution has all ready been configured to “RemoteSigned”

Powershell.exe Set-ExecutionPolicy RemoteSigned -Force

This time instead of using the -Output File Parameter we change it to -Online

Powershell.exe .\Get-WindowsAutoPilotInfo.ps1 -Online

Using this method will install the WindowsAutoPilotIntune Module

Once the module install has completed you will get an Microsoft Login Prompt

The First time you sign in you will get a prompt to allow access to PowerShell

Device Import Starts

This completes the device pre-staging into AutoPilot. You can then send the computer direct to the customer/end user for a Zero Touch Sign On and Setup – Which will be covered in a later blog post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here