Windows Autopilot v2

Check out my other blogs about Windows Autopilot.
On May 22, 2024, Microsoft announced Windows Autopilot v2 and officially named it Windows Autopilot Device Preparation. Some details for those who want to understand whether it fits their particular situation or use case:
Windows Autopilot v2 is a significant evolution of Microsoft’s device provisioning platform. It introduces a re-architected approach to streamline and modernize Windows device deployment, especially for cloud-first environments using Microsoft Intune and Entra ID (formerly Azure AD).
Here’s a breakdown of what’s new and different in Autopilot v2:
Key Improvements Over Autopilot v1
Feature | Autopilot v1 | Autopilot v2 |
---|---|---|
Device Registration | Requires hardware hash upload | No registration needed; uses serial number |
Join Type | Azure AD Join & Hybrid Join | Only Microsoft Entra ID Join |
Deployment Profiles | Separate Deployment + ESP profiles | Single unified Device Preparation profile |
App Installation | All targeted apps install during OOBE | Only up to 10 selected apps install during OOBE |
PowerShell Scripts | Limited support | Full support during provisioning |
Monitoring | Basic ESP tracking | Near real-time deployment reporting in Intune |
Self-Deploying / Pre-Provisioning | Supported | Not supported (yet) |
Hybrid Join | Supported | Not supported |
OOBE Experience | Streamlined, fewer screens | Some default Windows setup screens appear before policy applies |
New Capabilities in Autopilot v2
- No Hardware Hash Needed: Devices are identified using serial numbers, simplifying onboarding.
- Enrollment-Time Grouping: Devices are dynamically added to a static group during OOBE, enabling faster app and policy delivery.
- Selective App Deployment: Admins can choose up to 10 critical apps to install during setup; others install post-login.
- PowerShell Script Execution: Scripts can run during provisioning, allowing advanced configurations before user login.
- Improved Reporting: Real-time status of deployments, app/script success, and provisioning duration is available in Intune.
Requirements
- Windows 11: Version 22H2 or later with KB5035942.
- Microsoft Entra ID: Only Entra Join is supported.
- Device must not be pre-registered in Autopilot (v1) to avoid profile conflicts.
Limitations (as of this writing!)
- No support for:
  - Hybrid Join
  - Self-deploying mode
  - Pre-provisioning (White Glove)
- Some OOBE screens reappear (e.g., EULA, privacy settings) since the device isn’t recognized as Autopilot-managed until after login
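
A pre-migration check built from the requirements and limitations listed above, as an added example that is not from the original post or from Microsoft. It runs over a constructed inventory export whose column names and values (`HasKB5035942`, `Mode`, `UserDriven`, `OobeApps` and the rest) are hypothetical, and reports what blocks each device from Device Preparation.

```powershell
# Added example. Rules come from the Requirements, Limitations and comparison
# table above. Inventory rows are constructed; column names are hypothetical.
$inventory = @'
Serial,OS,Version,HasKB5035942,JoinType,AutopilotV1Registered,Mode,OobeApps
CONSTRUCTED-001,Windows 11,23H2,true,Entra,false,UserDriven,6
CONSTRUCTED-002,Windows 11,22H2,false,Entra,false,UserDriven,4
CONSTRUCTED-003,Windows 11,23H2,true,Hybrid,true,UserDriven,8
CONSTRUCTED-004,Windows 10,22H2,false,Entra,false,SelfDeploying,3
CONSTRUCTED-005,Windows 11,24H2,true,Entra,false,PreProvisioning,14
'@ | ConvertFrom-Csv
function Test-DevicePrepReadiness {
    param([Parameter(Mandatory, ValueFromPipeline)] $Device)
    process {
        $blockers = [System.Collections.Generic.List[string]]::new()
        # Windows 11, version 22H2 or later, with KB5035942 ("22H2" ranks as 222).
        $rank = 0
        if ($Device.Version -match '^(\d{2})H([12])$') {
            $rank = [int]$Matches[1] * 10 + [int]$Matches[2]
        }
        if ($Device.OS -ne 'Windows 11' -or $rank -lt 222) {
            $blockers.Add('OS is below Windows 11 22H2')
        } elseif ($Device.HasKB5035942 -ne 'true') {
            $blockers.Add('KB5035942 not installed')
        }
        # Only Microsoft Entra join is supported; Hybrid Join stays on v1.
        if ($Device.JoinType -ne 'Entra') {
            $blockers.Add("Join type '$($Device.JoinType)' not supported")
        }
        # A v1 registration must be removed first to avoid profile conflicts.
        if ($Device.AutopilotV1Registered -eq 'true') {
            $blockers.Add('Still registered in Autopilot v1')
        }
        # Self-deploying and pre-provisioning are not available in v2 yet.
        if ($Device.Mode -ne 'UserDriven') {
            $blockers.Add("Mode '$($Device.Mode)' not supported")
        }
        # At most 10 selected apps install during OOBE.
        if ([int]$Device.OobeApps -gt 10) {
            $blockers.Add("$($Device.OobeApps) OOBE apps selected, limit is 10")
        }
        [pscustomobject]@{
            Serial   = $Device.Serial
            Ready    = ($blockers.Count -eq 0)
            Blockers = $blockers -join '; '
        }
    }
}

$inventory | Test-DevicePrepReadiness | Format-Table -AutoSize -Wrap
```

Only the first constructed device comes back ready; the other four each list the requirement or limitation that holds them on v1.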
Autopilot v2 (Device Preparation) Rollout Timeline
Date | Milestone | Details |
---|---|---|
May 22, 2024 | Official Announcement | Microsoft publicly announced Autopilot v2 (Device Preparation) as the next-gen provisioning experience (call4cloud). |
March 2025 | Public Preview Begins | Public preview for Windows 365 Frontline Cloud PCs using Autopilot Device Preparation was released (windowsforum). |
June 2025 | Feature Expansion | Support for Enterprise App Catalog (EAM) apps during provisioning added (microsoft). |
September 2025 | Feature Delay Notice | Microsoft delayed automatic installation of monthly security updates during provisioning to ensure quality (microsoft). |
November 2025 (Planned) | General Availability (GA) | GA for Windows 365 Frontline shared devices using Autopilot Device Preparation is scheduled (handsontek). |
What This Means for You
- Now: You can test Autopilot v2 in public preview for supported scenarios (e.g., Windows 365 Frontline).
- Soon: Full GA is expected by November 2025, especially for shared device scenarios.
- Later: Microsoft plans to add pre-provisioning and self-deploying modes, which are not yet available (microsoft).
- Not everyone should migrate to Autopilot v2 (Device Preparation) just yet.
Who Should Consider Migrating to Autopilot v2
- Cloud-Only Organizations
  - Using Microsoft Entra ID Join exclusively.
  - No dependency on on-premises Active Directory or Hybrid Join.
- Modern Management with Intune
  - Fully invested in Microsoft Intune for device and app management.
  - Want to simplify provisioning and reduce reliance on hardware hashes.
- Greenfield Deployments
  - Rolling out new devices that aren’t already registered in Autopilot v1.
  - Want to take advantage of faster provisioning and real-time reporting.
- PowerShell-Heavy Configurations
  - Need to run custom scripts during provisioning (v2 supports this natively).
Who Should Not Migrate Yet
- Organizations Using Hybrid Join
  - Autopilot v2 does not support Hybrid Azure AD Join.
  - If you rely on GPOs or on-prem domain join, stick with v1.
- Existing Autopilot v1 Workflows
  - If you’ve already invested in pre-provisioning (White Glove) or self-deploying mode, these are not yet supported in v2.
- Devices Already Registered in Autopilot v1
  - Devices with existing Autopilot profiles must be removed before using v2.
  - This can be disruptive if not planned carefully.
- Strict OOBE Customization Requirements
  - v2 currently shows more default Windows setup screens (e.g., privacy settings, EULA) before policies apply.