Importing "Offline" Hardware Hash into Microsoft Intune for Windows Autopilot

Windows Autopilot provides a seamless deployment experience for new devices in an organization. For devices that are not connected to the internet during deployment, you can manually extract and import the hardware hash into Microsoft Intune. This blog outlines the offline process using PowerShell.

---

Prerequisites

1. Windows PowerShell: Ensure the latest version of Windows PowerShell is installed.
2. Admin Permissions: Run PowerShell as an administrator.
3. Network Access: Required only for uploading the hardware hash file to Microsoft Intune.
4. Export Folder: Create a folder to store the exported CSV file, e.g., C:\Devices.

---

Steps to Export and Import Offline Hardware Hash

1. Install the Script
   The Get-WindowsAutopilotInfo script is used to capture the hardware hash. Install it using the following command:

   Install-Script -Name Get-WindowsAutopilotInfo

2. Set the Execution Policy
   To run scripts that are not digitally signed, change the execution policy temporarily:

   Set-ExecutionPolicy Unrestricted

3. Export the Hardware Hash
   Use the script to export the hardware hash to a CSV file:

   Get-WindowsAutopilotInfo.ps1 -OutputFile C:\Devices\Device1.csv

   • What It Does:
     • Captures hardware details (hardware hash, serial number, etc.).
     • Saves the output to the specified file (C:\Devices\Device1.csv).

4. Upload the CSV File to Intune

   • Log in to the Microsoft Endpoint Manager admin center.
   • Navigate to Devices > Windows > Windows enrollment > Devices.
   • Select Import and upload the CSV file containing the hardware hash.

5. Assign Deployment Profile
   After the import is successful:

   • Navigate to Deployment profiles under Windows enrollment.
   • Assign the desired profile to the imported devices.

6. Restore Execution Policy
   For security purposes, reset the execution policy:

   Set-ExecutionPolicy Restricted