Automating a new computer setup

Is there a way I can automate a new computer setup? Basically, I would like to install the agent on a new computer and have it Install Microsoft Office Suite, Dropbox, Chrome, Adobe Reader, change the power settings to High Performance, disable sleep, etc, etc. Maybe even uninstall the default apps such as Xbox, Cortana, Microsoft News, etc?

One offs and small deployments:
Once the agent is installed you can automate the rest, with policies which will apply various settings (see policies for these), and also apply your “onboarding scripts” either one time or on a scheduled basis. Almost all setup can be done this way after the agent is installed. (Don’t every make an image with an agent installed, they will all have the same ID). Check out the community scripts to see what you can do, and chocolatey is the default app deployment tool for syncro.

If you are rolling out lots of computers onsite use immybot it’s worth it, and can take hours of work down to minutes.

Complete Hands Off:
If you want to automate a complete hands off rollout, you would use intune and aquire hardware from HP, Lenovo, Dell that would be registered with the azure domain. Devices can be drop shipped, and will autoconfigure on startup, download configuration and then apply any user configuration at logon.

1 Like

Thanks for the great information. Most of my customers are small 3-10 workstations so I would consider these one offs/small deployments. I am a Lenovo reseller and buy my computers from Synnex. How would I use Intune to link up these machines?

The Microsoft Tech you want to look into is called Autopilot. Synnex/Lenovo should be able to tell you how to get it set up to allow them to add the device to your clients account. Once you have autopilot setup you give the Tennant info when you order the computer, and they pre-register the device in Autopilot.

When the devices get online Windows automatically checks in with Microsoft for an autopilot config and if its registered it follows w/e config is in Autopilot. Autopilot can bootstrap the device into w/e MDM you want, though if you’re working in the Microsoft 365 world Intune just makes sense. So Autopilot Bootstraps and does w/e initial config you have configured and then registers the device in Intune for the rest of the config.

I came here looking for a way to do the exact same thing. Were you able to come up with a script to help automate some of this?

Yep this can be done with any combination of third-party patching and setup scripts within your asset policy.

I have a script that does

  1. Documentation
  2. Create System Restore Point named Onboarding
  3. Create Local Admin account (hidden or not from user logon screen, Enabled, No password expire date, Sets specific password as entered or a randomized password if it is blank)
  4. Create local folder
  5. Get User List and save to C:\Local
  6. Set Power Settings to Monitor Off at 10 min. Sleep and HDD off never.
  7. Set CST as Time Zone
  8. Set NumLock ON at Windows login screen
  9. Disabled Windows 10 Suggested Apps
  10. Disabled Windows 10 auto-login post restart
  11. Disable Windows Tracking Telementry
  12. Set Syncro services to start in Safe Mode
  13. Disable fast boot
  14. Disable News & Interests
  15. Disable Edge creator recommendations
  16. Removed Bloatware Apps Less Office

That runs on every machine at onboarding and any time there is a policy change assuming it hasn’t been ran in the last 30 days. These are things I want consistently set on every computer that we manage.

Wow that impressive. I started to make a script a month or so ago to do some the exact same thing i.e. time zone set, num lock, and remove some bloatware apps but I never got it to work fully. Would you be willing to share your script? It would a huge favor!

@ john.nelson, can you share that script?

I would also be interested in this script please and thanks! :astonished:

john.nelson - :clap: I too would be interested in this mighty ole script of yours if you don’t mind sharing. - Thanks. -