
As technology advances, so must we advance with it.

My organization recently started down the path of Windows Autopilot for device enrollment into EntraID.

It’s been an interesting journey so far, and we are still only in the development phase and internal closed testing. I’ve noticed a few things that might just be configuration issues with how we have Autopilot currently configured.

One key thing that I’ve noticed recently was the EPM Token Elevation isn’t currently being elevated on my test system. After some googling there appears to be some enhanced lockdown and least privileged access that Autopilot does, which also affects the token elevation.

I am curious what others have seen or noticed when going down this route and leveraging both systems.

We have been using Autopilot for modern managed Windows 11 devices. What we have run into primarily is the syncing of EntraID groups locally to the BT client. Until that sync finishes, users are not filtering into their proper workstyles and then land in the Catch-All workstyle. Once that sync completes, users then filter correctly.


I haven’t noticed any group syncing issues yet, but we are still testing early in our deployment of Autopilot. As part of that deployment, I gave my VM the quick start template and enabled everything just to see how far off that would be from where we want it to be and to test EPM/Autopilot interaction. I haven’t really noticed anything major with the OOB setup or any alarming red flags yet.

How long of a delay have you noticed with the syncing of the groups ​@Josh Bristow?

