Sam Newman, Managing Director of OGEL IT LTD explains how innovative solutions help maintain business as usual, even with workers at home
A common challenge for our customers recently has been how to provision new or replace faulty devices for staff working from home with no access to office locations to build and deploy devices on the network.
The answer to this conundrum according to Microsoft is Autopilot; a collection of technologies to facilitate the configuration of devices sent direct from manufacturer to end user with only an active internet connection and an Azure AD user account for that out-of-box experience (OOBE). In our case this has been partly true, we’ve been looking closely at Autopilot for the last few years waiting for the solution to mature to a level we feel comfortable with. “So is it ready?” I hear you ask, well depending on your requirements the answer is now more frequently a ‘yes’ rather than ‘no’ or ‘not quite’.
Organisations with no Active Directory, strict security requirements and who haven’t invested in SCCM it can be an excellent fit. All you need is an Office 365 tenant with suitable license to manage the devices with Intune; Microsoft 365 Business, Microsoft 365 E3/5 or Enterprise Mobile & Security E3/5 to get started. It’s a cost-effective solution to provide organisations with a platform to enrol devices direct from manufacturer whilst maintaining configuration and control without the need to develop a gold image and deploy it to every device before sending to the end user.
For those organisation whom it’s been a step to far due to the aforementioned areas there are options to leverage Autopilot as an initial stepping stone to providing a full corporate managed device using your on premises Active Directory and SCCM infrastructure whilst providing the end user with that nice OOBE they are looking for. Oh, and the added bonus that they can rebuild their own device if they experience a fault from home at any time!
Microsoft have recently added the Hybrid Azure AD join functionality to Autopilot which does support on premises Active Directory joins, but it doesn’t retain the self-service windows OOBE, it requires intervention from administrators and on premises network connectivity to complete the process. We have found it is possible to replicate the desired user experience by leveraging Autopilot to handle some initial configuration of the devices after which we can establish a VPN connection to complete the domain join, registration with the desired software/endpoint management platforms and any other tasks usually completed within an office with network connectivity.
OGEL’s innovative solutions
Our innovative solutions use a combination of Microsoft Autopilot and Fortinet FortiClient to enable our customers to ship devices direct to staff who turn the device on, the configuration process automatically starts and runs through until the users prompted to login. Users are notified of what’s happening throughout the process until they complete their logon using their standard credentials. At this point a secure VPN connection is established and the device performs some final configuration to ensure the device operates as any other corporate device they are used to. Just as if your friendly deskside engineer has handed it over with all the software you need installed and ready to go!
If you’re looking for some advice and guidance on how you could leverage AutoPilot within your organisation, you’re interested in seeing a demo or you want to discuss how we overcame some of the short comings of AutoPilot to meet our customers needs the please get in touch.
Please note: this is a commercial profile.
