SOLVED Autopilot (auto upload hash during SCCM Task sequence)

[Richard]

I bet we would help a lot of people with this. THANK YOU IN ADVANCE EVERYONE

Does anyone have a good script that I can add during a task sequence that I can automatically upload the hash to autopilot devices?
We are using SCCM task sequence to wipe bloatware from Lenovo. Just install windows. And after that we autopilot.
We have to manually upload hash if the device haven't been used for while and not picked up by mdm
Guys I really appreciate your help guys it would be more than Perfect if someone can help us with this

Theoretically this could be done. we have a service account with proper permissions created in Azure AD which has the permission to add devices to intune
Today we use this script to manually add the devices before we load them with autopilot. But it would be AMAZING if some powershell wiz kid could help us with a script where it runs the whole process below including the credentials part.

Powershell Script:
set-executionpolicy bypass
Install-script Get-WindowsAutopilotInfo -Force
confirm with Y (3 times )
Get-WindowsAutopilotInfo -Online -GroupTag: ABC123 -assign
now a window appears where its asks us to type in the credentials of a user/service account with proper permissions
below an example of how we manually import the devices as described above

Importing a device hash directly into Intune

I resisted the urge to add a switch to the Get-WindowsAutopilotInfo script to add the device to Windows Autopilot using the Intune Graph API. But since people were doing it anyway in worse wa…

oofhours.com

 

[ikkhatri]

Hi, Yes there is. I use this method:

Enrol Devices to Autopilot (Unattended)

Enrol devices to Autopilot using a PowerShell script and App Registrations

euc365.com

Ensure you create an App Registration in Azure.

I have done a few things differently to the above guide such as: copying the sysprep script to C:\Windows\Temp and getting SCCM to run it using the SMSTSPostAction variable and removal of the CCM Client. I wasnt successful so used a different method.

Created a basic TS which installs the drivers, uploads the hardware hash, removes client and reboots to OOBE. If you need to hand these out to end-users, just press and hold the power button and it will shutdown. Then next time its turned on, they will still be presented with OOBE.

1: TS


2. Upload Hardware Hash Step: (Script is in the link shared above)
Ensure to change the Client ID, Client Secret and Tenant ID in the script.
Also login to Graph Explorer and ensure you have consent as per the link.


3. Prepare Config MGR Client for Capture Step:

4. Prepare Windows for Capture step

5. Finally, add a step to restart.
Confirm if it uploaded the hardware hash:

 

[jbackes]

Were you able to get the bloatware removed? I have been attempting to get that resolve for sometime now. I am trying to remove it in both Windows 10 & 11.

 

[ikkhatri]

Were you able to get the bloatware removed? I have been attempting to get that resolve for sometime now. I am trying to remove it in both Windows 10 & 11.

Hey mate,

I have tried with windows 10 and it works just fine and removes all the crap. Windows 11 I haven't tried yet.

 

[Jamie Heyward]

That script for importing the Hardware info looks great. I just can't get it to run and not sure where to look for errors. I haven't tried in a TS yet as I wanted to test on an existing machine first (that is not in Autopilot). Unfortunately as per my screenshot it doesn't seem to import:

 

[Jamie Heyward]

That script for importing the Hardware info looks great. I just can't get it to run and not sure where to look for errors. I haven't tried in a TS yet as I wanted to test on an existing machine first (that is not in Autopilot). Unfortunately as per my screenshot it doesn't seem to import:

All sorted now, user error :/