View Blog

Nov 2019
21

How I scraped a device out of Autopilot (the hard way)

I have a few Azure + Intune tenants for testing. So I decided to take a laptop and move it from one tenant to another.

As you’ll recall from my book in Chapter 8, every device has a serial number and hardware ID. You manufacture this into a CSV file from a Powershell script. When I uploaded the CSV into my other tenant, I got this.

Okay. No problem. I’ll just… go to the original tenant where I know this device lives and find it and be on my merry way.

No. No. And no.

Let’s talk about what you should do, then I’ll explain what I had to do.

What you should do

The first thing to do is to look at the serial number in the CSV file from the machine you want to transfer over. In my case, the serial number was PC012345 (or something like that.) You can see that here.

What you’re supposed to do next is merely go to Intune | Device enrollment | Windows enrollment and see the list of Autopilot devices. There, you can search for the serial number.

Remember: My serial number was PC012345. But if you look below, there is no computer with that serial number. There’s PBW-something-something. But no PC0-something-something.

Note also that there is no other search possible; it’s serial number or nothing.

Ohhhkay. So maybe this is at least hanging out in Azure AD. Let’s check. Nope. No luck.

But I knew it was, in fact using Autopilot to get connected to my Fabrikam1000.com tenant. How do I know? Because I set up branding (also explained in Chapter 8 of my MDM book)! This is critical, so you know you’re not going crazy. Branding really helps you identify that your machine really is under your Autopilot control.

Then now in Azure AD, you can see the computer show up here.

But the darn computer still wasn’t in Windows Autopilot devices.

I was stumped.

I got some help from some fellow MVPs, the final “winner” being Sandy Zang, another Enterprise Mobility MVP.

Sandy suggested I click on every computer I have in Autopilot to see if something popped out. Because I didn’t have too, too many… I did just that, and found this.

Holy crap. What’s happening here?

What I needed to do...

Well somehow in Autopilot’s brain, my computer’s hardware ID is swapped with some other computer. I don’t claim to know how or why this happened. But at least I had a clue now!

So, okay.. Next would be to nuke that machine.. Which I attempted to, and this happened.

Then I remembered there’s another whole portal to check for Autopilot. In the Microsoft Store for Business. Those two records PBXXXX (not my computer) were indeed there. And, clicking on them and pressing delete made them vaporize !

I then went back to Intune and Autopilot and clicked Sync then Refresh.. and Bingo !! Phantom machines obliterated !

Kudos to Sandy for the thought. I wouldn’t have gotten there without the idea.

Comments (0)

No Comments!