What’s up, everyone!
Back in July I did a post on Windows Autopatch. Since then a couple of changes have taken place and I thought it was a good idea to see what they are. So here’s an update to the original “Use Windows Autopatch To Keep Your Cloud PCs Up-To-Data” post. Enjoy!
Check The Status Of Onboarded Devices
You can review the status of Windows Autopatch registered devices. Just open the Intune portal, click on Devices, under Windows Autopatch, Devices.
There’s a new tab here, named Not ready (preview). This tab is meant to help IT admins troubleshoot devices that successfully connect to the Windows Autopilot service, but have ran into a problem afterwards. Devices in this tab can have the status of Readiness failed or Inactive.
- Readiness failed; the device has a problem. You can click on the hostname to get more information about the issue, for instance an IT admin has installed an unsupported OS on this device.
- Inactive; a device will get the inactive status if it hasn’t checked in with the Autopatch service for more than 30 days.
App Based Authentication
In my first post I talked about the 3 service accounts that Microsoft uses to perform its duties. And these service accounts should be excluded from any conditional access policies. The Windows Autopatch team received feedback that companies do not want to reduce their security and that’s why they switched to app based authentication.
If you look at the screenshot above, you can see a critical message telling me I need to improve the security of my tenant. If you click on this message, you’ll head over to Tenant Management (from the Intune portal, Tenant Administration, Windows Autopatch, Tenant management.
Click on ‘Tenant access’. You’ll get a new screen on the righthand side of your screen:
This gives us a nice overview of the changes that will be made to our tenant. I’ll go ahead and check the box and click the submit changes button on the bottom of the screen. These changes we done in about one minute. The status should end up as Completed. You can refresh the page, all actions should be gone.
If you want to know more about the service accounts, check this URL.
Windows Autopatch Demo
Microsoft has created a Windows Autopatch demo environment for you to play around with. Ever wanted to setup Windows Autopatch, but didn’t have your own demo environment? Check this URL.
The demo has 4 scenarios;
- Enroll a tenant
- Register and manage devices
- Release management and support
Windows Autopatch Data Available In Other Regions
All Windows Autopilot related information was stored in the North America region. Data for EU, UK, Africa and Middle East will be stored in the EU region.
For more info, check this URL.