This blogpost is about creating a Windows 10 AutoPilot deployment profile based on a Azure AD joined scenario via Microsoft 365 or Microsoft Intune.
Creating the profile
Go to https://devicemanagement.microsoft.com/ and log on.
Go to Devices and to Windows:

After that click on “Windows Enrollment”:

We first need to setup automatic enrollment. Click on automatic enrollment:

You need the configure the MDM user scope. You can select a group or enable it for all users. I have test tenant so I have enabled it for all users:

Windows Hello for Business and the Enrollment Status Page are optional to configure:

We first need to create a dynamic group. Go to https://portal.azure.com/ and go to Azure Active Directory:

Go to groups:

Click on New group:

Name the group and click on add dynamic query:

The dynamic query must be stated like this:

This is the query:
(device.devicePhysicalIDs -any (_ -contains "[ZTDId]"))
This query is needed to have Autopilot devices targetted which where uploaded via CSV upload. If you want to know how to do so click on this link:
https://www.nielskok.tech/microsoft365/windows-10-autopilot-info-upload-script/
For testing purpose to include Virtual Machines I have used the query:
(device.deviceModel -contains "Virtual")

Now it is time to create the AutoPilot profile, click on Deployment Profiles:

Click on “Create Profile”

Name the policy and select the “Convert all targeted devices to Autopilot”:

Select the following options in the profile:
In addition, You can choose to allow White Glove OOBE, I enabled it by default.

At assignments select the dynamic group created earlier:

At review and create check your settings and click on create!
If you have done everything right and uploaded your devices to Microsoft 365 you should see this when you boot your AutoPilot device for the first time:

You enter your company credentials and your device will be enrolled.
[…] If you are looking to deploy Windows 10 AutoPilot you are going to have to make a choice. Are you going to use an Hybrid AD Join or a Azure AD Join deployment? I am going to give you my thoughts on a Windows 10 Autopilot Hybrid AD Join vs Azure AD join. Furthermore I am going to elaborate on which deployment I am going to use in which situation.In addition, these are my build guides for Hybrid AD Join & Azure AD Join:Hybrid AD Join Build GuideAzure AD Join Build Guide […]
[…] Autopilot. I have written a guide about this. You can check the guides here:Hybrid Azure AD JoinedAzure AD joinedAs I said earlier I have pushed the Azure Information Protection Client via Intune on to the device. […]
[…] to create an Autopilot manually? Check out these posts:Azure AD Joined profileHybrid AD Joined […]