Middlebury

Difference between revisions of "Zero-Touch Deployment for PCs"

Line 1: Line 1:
  
=== '''What is Zero-Touch?''' ===
+
=== <span style="font-size:large;">'''What is Zero-Touch?'''</span> ===
  
 
Zero-Touch deployment is a new method for provisioning College-issued, primary-user&nbsp;PC computers. This method of deployment replaces&nbsp;the need for an ITS staff member&nbsp;to prepare computers before they are deployed to the client. With Zero-Touch, a computer can be delivered directly to a client without ever needing to be physically handled by ITS.
 
Zero-Touch deployment is a new method for provisioning College-issued, primary-user&nbsp;PC computers. This method of deployment replaces&nbsp;the need for an ITS staff member&nbsp;to prepare computers before they are deployed to the client. With Zero-Touch, a computer can be delivered directly to a client without ever needing to be physically handled by ITS.
  
=== '''How does it work?''' ===
+
=== <span style="font-size:large;">'''How does it work?'''</span> ===
  
 
Microsoft has a pair of programs,&nbsp;Autopilot and Intune, which allow&nbsp;organizations to register devices to automatically receive software and policies over the internet.&nbsp;When a registered computer is turned on for the first time, it checks Microsoft's Autopilot servers to determine any intial settings to apply. Middlebury machines then provide a streamlined Out of Box Experience (OOBE) and prompt&nbsp;for Middlebury user credentials.&nbsp;
 
Microsoft has a pair of programs,&nbsp;Autopilot and Intune, which allow&nbsp;organizations to register devices to automatically receive software and policies over the internet.&nbsp;When a registered computer is turned on for the first time, it checks Microsoft's Autopilot servers to determine any intial settings to apply. Middlebury machines then provide a streamlined Out of Box Experience (OOBE) and prompt&nbsp;for Middlebury user credentials.&nbsp;
Line 10: Line 10:
 
These credentials are used to join the device to our authentication domain (Azure Active Directory) as well as enroll it in Intune, our Mobile Device Management (MDM) service. Intune will install required software (such as Antivirus) and enforce essential policies (such as drive encryption). It will also install the "Company Portal", providing a streamlined interface for optional software you may want installed (such as Firefox, Zoom, or Office 365).
 
These credentials are used to join the device to our authentication domain (Azure Active Directory) as well as enroll it in Intune, our Mobile Device Management (MDM) service. Intune will install required software (such as Antivirus) and enforce essential policies (such as drive encryption). It will also install the "Company Portal", providing a streamlined interface for optional software you may want installed (such as Firefox, Zoom, or Office 365).
  
=== '''Deployment Steps:''' ===
+
=== <span style="font-size:large;">'''Deployment Steps:'''</span> ===
  
 
In process...
 
In process...
  
 
[[Category:Public Search]] [[Category:Helpdesk Documentation]]
 
[[Category:Public Search]] [[Category:Helpdesk Documentation]]

Revision as of 16:29, 30 April 2020

What is Zero-Touch?

Zero-Touch deployment is a new method for provisioning College-issued, primary-user PC computers. This method of deployment replaces the need for an ITS staff member to prepare computers before they are deployed to the client. With Zero-Touch, a computer can be delivered directly to a client without ever needing to be physically handled by ITS.

How does it work?

Microsoft has a pair of programs, Autopilot and Intune, which allow organizations to register devices to automatically receive software and policies over the internet. When a registered computer is turned on for the first time, it checks Microsoft's Autopilot servers to determine any intial settings to apply. Middlebury machines then provide a streamlined Out of Box Experience (OOBE) and prompt for Middlebury user credentials. 

These credentials are used to join the device to our authentication domain (Azure Active Directory) as well as enroll it in Intune, our Mobile Device Management (MDM) service. Intune will install required software (such as Antivirus) and enforce essential policies (such as drive encryption). It will also install the "Company Portal", providing a streamlined interface for optional software you may want installed (such as Firefox, Zoom, or Office 365).

Deployment Steps:

In process...