Well, most school districts are at the end of the tunnel or seeing the light at the end of the tunnel as it relates to the end of the school year. This time of year is ALWAYS emotional; whether it be seeing students we’ve known through the years moving onto their next journey in life, looking forward to an epic summer vacation or gearing up for all the projects over the summer!

Yep, I’ve said it. This is the time of year that IT Departments hunker down, pull in all the old equipment and clean it up, order and process new equipment coming in, or taking on new projects to further their district goals and strategies. I’m working with SEVERAL districts across the US on their device management strategy.

Historically, the past few months (January – April) is the time of year where I have the conversation of re-imaging machines in order to get them ready for the next school year; this year was no different. However, one of the fundamental shifts in the conversation was to focus the conversation on provisioning rather than imaging. At this point, you may be asking yourself a couple of things: 1. What’s the difference? 2. We’ve always imaged our machines so why change a well defined process? 3. What’s in it for me?

For the shops who are familiar with imaging, the first part is creation of the “gold image”. In the “best” case scenario, they have one single image. However, most imaging shops have multiple gold images based off of machine / model or different user role applications (i.e. student image vs. teacher image). Those images are usually 2 to 4 GB in size (depending on the installed applications, they can be much larger). The next step in the process is to take that image and deploy it via media (i.e. USB, network, etc.). In the best case scenario, it can be multicasted on the network. However, that’s still gigabytes of data traversing the network. Once the image is deployed, each individual machine goes through the OOBE (Out of Box Experience) setup experience. As the graphic below depicts, the “traditional deployment method” can be a costly proposition including time, network and infrastructure to support the effort.

When Windows 10 was introduced, it was fundamentally different in many aspects. One of those aspects is the deployment method, or “modern deployment method”. Think of Windows 10 like your cell phone. You have one, right? When is the last time you re-imaged your cell phone? Unless it’s unlocked or jail broken, you just don’t do that. If things start acting up, you do a reset. You can elect to retain or wipe your personal data (i.e. contacts, pictures, etc.) but the phone OS is all local. Windows 10 is no different.

With Windows 10, you receive your device from your device re-seller (for a new device) or update it (depending on what version you’re currently on, there may be similar or different paths), answer a couple of questions such as language, keyboard layout and network and the device is provisioned. It may not even have the IT staff’s involvement. That’s it, seriously.

Allow me to open that provisioning “black box” to explain some terms mentioned in the image above; specifically “transform”. With Microsoft Set Up School PCs app, this allows a school IT Admin to create a Provisioning Package to answer questions such as:

• Which Azure Active Directory tenant do you want the device to join
• Which wireless network you’d like the device to use
• Is there an automated naming convention to use
• Which timezone
• Product Key
• Which applications to install during the OOBE / Provisioning process
• Is there a specific wallpaper or lock screen background to use

This app will give you the ability to create one or more USB drives to copy the provisioning package to. A basic provisioning package is approximately 93MB (without any applications included). When provisioning a device, as depicted in the graphic above, all the traffic is localized to the device (disk and USB I/O). This greatly reduces the time that an IT Department can get a device into a faculty / staff /student hand for teaching and learning. The ‘magic’ is that not only is this process provisioning the device but it also is enrolling it into Microsoft Intune. You now have a fully managed device!

Generally, the initial feedback / push-back I’ve received when speaking to customers is “…great Chris however I don’t want to walk around with a USB stick to provision every device.” Fair. Very fair statement! That’s why we switch gears and start to speak about a cloud driven process to pre-register devices called Windows AutoPilot. Devices can be completely configured with no IT intervention required.  Devices pre-registered with Windows AutoPilot are ensured the best set-up experience when the device is received by the end user.

So what does an organization need to do to use Windows AutoPilot?  There are three simple steps.  First, each new device needs to be registered with the Windows AutoPilot deployment service.  Then, a profile of settings needs to be assigned to each device, controlling how the device is configured prior to when Intune can complete the setup.  Once those steps are done, the device can be shipped to the user. For existing devices already enrolled in Intune, there is a setting enabled by default to Enable AutoPilot Reset (see image below).

To this point, there’s a a LOT written! However, did I mention that this is a one time thing? Once a device is provisioned, enrolled and Intune settings have been applied, the following school year becomes a matter of doing an AutoPilot Reset! In the example in the image below, I have a classroom cart of Windows devices which I’d like to target AutoPilot Reset on. This cart can have apps and settings which are specific to the class or grade level it’s assigned to. Thus, when the AutoPilot Reset is triggered, the device will remove all personalization (user data) and return to the login screen ready for use again!

I hope this has been insightful and will free up some of your time, network bandwidth and ultimately lower your costs of device distribution / usage.