Windows Dynamic Deployment - Paiet/Tech-Journal-for-Everything GitHub Wiki

  • Dynamic deployment
    • The goal of dynamic provisioning is to:
      • Take a new PC out of the box
      • Turn it on
      • Transform it into a productive organization device
      • Minimal time and effort
  • Evaluate and select an appropriate deployment options
    • Subscription activation
      • Change the SKU from Pro to Enterprise
      • No keys
      • No reboots
      • Requirements
        • Windows 10 (Pro or Enterprise) version 1703 or later installed and activated
        • Azure Active Directory (Azure AD) available for identity management
        • Devices must be Azure AD-joined or Active Directory joined with Azure AD Connect
      • Benefits
        • Licenses for Windows 10 Enterprise are checked based on Azure AD credentials
        • User logon triggers a silent edition upgrade, with no reboot required
        • Support for mobile worker/BYOD activation
        • Transition away from on-prem KMS and MAK keys
      • Process
        • Licensed user signs in using Azure AD credentials
        • OS turns from Pro to Enterprise, unlocking features
        • When user's subscription expires or is transfered
          • Reverts to Windows 10 Pro
          • Up to 90 day grace period
    • AAD / MDM
      • Organization member provides their work or school user ID and password
      • Device can then be
        • Automatically joined to Azure Active Directory
        • Enrolled in a mobile device management (MDM)
        • No additional user interaction
        • MDM solution can finish configuring the device as needed

Windows Dynamic Deployment Pt 2

  • Provisioning packages
    • Self-contained package
    • Contains configuration, settings, and apps that need to be applied to a machine
    • Deployed to new PCs through a variety of means
Install Windows Configuration Designer
Create minimal provisioning package
Use New-IsoFile (download from gallery)
    https://gallery.technet.microsoft.com/scriptcenter/New-ISOFile-function-a8deeffd#content
Using provision02
    Start VM, stop on first OOBE screen (language selection)
    Mount aadjoin.iso (created ^)
    Press Windows key 5 times
    Install package
    After reboot, go to Start > Settings > Accounts > Access work or school
    Show connected to Azure AD