Troubleshoot deployment
Before you can resolve an issue with Windows Autopilot, you need to identify in which part of the overall process the problem is occurring. The Windows Autopilot process can be broken down into logical stages:
- Network connectivity Establish an internet connection and connect to the Windows Autopilot service.
- Deployment profile and OOBE A deployment profile will be delivered to the device to manage the OOBE. The OOBE will complete using the settings within the deployment profile.
- Azure AD Has Azure AD been configured correctly? For user-driven deployments, users need to enter their Azure AD credentials to join the device to Azure AD.
- MDM enrollment issues After being auto-enrolled into the MDM service, any policies, settings, and apps will be delivered to the device.
The whole process should result in the device being set up, configured, and ready for the user to be productive.
For a summary of possible troubleshooting areas within these stages, review Table 1-13.
TABLE 1-13 Windows Autopilot process flow
| Process | Troubleshooting |
| Network connectivity | Ensure that the device can access the Windows Autopilot services: Windows Autopilot requires internet access. Ensure that specific network requirements are met, including firewall port settings and DNS name resolution. |
| Deployment profile and OOBE | There are settings in the deployment profile that configure the Out-Of-Box Experience. You should focus your troubleshooting on whether The device has received its deployment profile. A deployment profile has been assigned to the device. The correct deployment profile type has been assigned to the device; for example, is the device a kiosk? The assigned deployment profile settings are correct; for example, has the Administrator account creation been configured by accident? |
| Azure AD | Azure AD needs to be configured prior to deploying devices with Windows Autopilot. Focus your troubleshooting on the following things: Ensure that MDM auto-enrollment in Azure AD is correctly configured. Ensure that the MDM discovery URL is correctly configured, so devices can find the MDM service.Ensure that Azure AD custom branding is in place. Ensure that device hardware IDs have been successfully synchronized to the Windows Autopilot deployment service.Ensure that the user has a valid Azure AD account. Ensure that user has not exceeded the maximum number of devices allowed to be joined to Azure AD. If a third-party MDM solution is being used, make sure it has been correctly authorized in Azure AD. |
| MDM enrollment issues | In the final stage of the Windows Autopilot process, the device will be enrolled into Mobile Device Management. If MDM fails, then policies, settings, and apps will not be deployed to the device. You should focus your troubleshooting on the following things: The Enrollment Status Page is useful for troubleshooting MDM issues. Has the user been assigned an Enterprise Mobility + Security license? Ensure that users have not exceeded their device enrollment limits. |
Note Time
If you have ensured that the configuration is correct, then wait. Maybe go grab a coffee. Nearly all issues that I have experienced, such as the new device not being recognized by the Autopilot service, can be resolved by waiting 15 minutes and rebooting the device. Remember that Autopilot uses the cloud, and Azure AD group membership propagation or device ID synchronization can sometimes take a little longer to update.