Using Multiple Autopilot Profiles

As Microsoft have just released Hybrid AD Join through Autopilot i thought i would write this blog post on using multiple autopilot profiles. You have probably worked out by now that you must use a device group when deploying an autopilot profile and have been using the following syntax: (device.devicePhysicalIDs -any _ -contains “[ZTDId]”). This is great if you are just deploying the one autopilot profile, However if you want to deploy multiple profiles to i.e. Some User-Driven and Some Self Deploying (Kiosk) or maybe some Azure AD Joined and some Hybrid AD Joined then you need to be able to target different device groups. Since the ZTDID syntax adds all autopilot devices into a single group then we cant use this method.

The Process to follow is to use the “OrderID” tag when importing the devices into the Autopilot service. The tag can be anything of your choice i.e. Kiosk. Lets say you have a scenario in which you are importing 10 devices and 5 of them are designated for users and 5 for Kiosk. I will show you how to split these devices through use of Dynamic Device groups.

Steps:

• The first step is to gather the Hardware hash of each device which you can do through use of a powershell script https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo/1.3

• Once you have the CSV file you need to edit the file and add a comma at the end of the hash followed by the tag of your choice i.e. ,Kiosk

• The next step is to import the CSV file into the Intune Console
• Navigate to the Intune Console https://aka.ms/intuneconsole
• Device Enrollment
• Windows Enrollment
• Devices

Now we are ready to create a dynamic device group which looks for the OrderID tag “Kiosk”