Out of Box Windows Enrollment via Microsoft Entra ID Join

Organizations using Microsoft Entra ID and Windows 10 & above devices, can leverage the Out of Box Enrollment experience offered by Microsoft. In this method, the devices can be enrolled to Scalefusion right when they are unboxed by joining the devices with Microsoft Entra ID credentials.

Prerequisites

1. Configure Microsoft Entra ID set up in Scalefusion Dashboard.
2. Microsoft Entra ID premium license should be assigned to the Users enrolling their Windows 10 & above devices.

The steps below document the method to enroll a Windows 10 & above device fresh out of the box and hence you would need a new Windows 10 & above device to complete the enrollment.

Steps

1. Once you power on the device, the first step is to choose the region. Click Yes once you select the region.

   

2. In the screen below choose the keyboard layout and click Yes

   

3. Configure Secondary keyboard settings or choose Skip

   

4. In the Network section, if the device is connected to Ethernet then it will automatically start checking for updates, if it is not then connect to a Wifi and click Next

   

5. Now you will be prompted to Sign in with Microsoft. Here enter your Microsoft Entra ID email id and click Next.

   

6. When prompted enter your password for the account and click Next

   

  7. At this point, you will be shown the Terms of Use screen, explaining that the device will be managed by your organization. Click Accept to start enrolling the device to Scalefusion.

  8. Now you will be shown the privacy settings screen. Select the preferred options and click Accept

  9.  If your organization has setup Windows Hello then you would be asked to setup Windows Hello. Follow the onscreen instructions to set up a PIN.

10. Once the setup is complete, the screen below will be displayed. Click OKto start using your device. The device is now being managed by Scalefusion.

Question: Why is it advised to create a local Admin account once the enrollment is complete?

Answer: In OOBE setup, the only account added to the device is the account used to Sign Into the device during setup. So once this account is deleted, then there will be no accounts left on the device using which the device can be accessed. Hence, we advise to create a local Admin account that can be used to manage the device once the account is deleted.