Create Autopilot Profile for HoloLens 2 Devices

In this post I will show you how to create an Autopilot profile for HoloLens 2 devices. At the time of writing this article, HoloLens support within Endpoint Manager is fairly limited. Even at the point of Windows Autopilot profile creation. One good way of looking at this is that it means its difficult to get this bit wrong.

The first recommendation would be to create a target group, for the Windows Autopilot profile we will create. The recommendation would be to define this group in such a way, that the profile can be automatically assigned, based on the query we supply.

Before we create an Autopilot profile for Hololens 2 devices, I recommend reading the requirements for Windows Autopilot for HoloLens 2. Also note that starting 11/20/2020, Autopilot configuration for HoloLens in Microsoft Endpoint Manager is transitioning to Public Preview. Customers no longer need to enroll in the private preview and all tenants will be able to setup Autopilot in the MEM admin center.

Create Autopilot Profile for HoloLens 2 Devices

Login to Azure Active Directory and click on Groups from the left menu.

Create Autopilot Profile for HoloLens 2 Devices
Create Autopilot Profile for HoloLens 2 Devices

Choose to create a New Group.

Create Autopilot Profile for HoloLens 2 Devices
Create Autopilot Profile for HoloLens 2 Devices

The Group type should be Security, enter a meaningful Group Name and description. And change the membership type to Dynamic Device, then click on the newly displayed Add Dynamic Query link.

Autopilot HoloLens Enrollment
Autopilot HoloLens Enrollment

Under Dynamic Membership Rules, click Edit towards the lower right hand side.

Dynamic Membership Rules
Dynamic Membership Rules

In the Rule Syntax blade that pops out, enter the following query exactly as written. Double check that the speech marks have not been altered if copying and pasting.
(device.devicePhysicalIds -any (_ -eq “[OrderID]:HoloLens”))

Dynamic Membership Rules
Dynamic Membership Rules

Click OK, then Save the Query.

Create Autopilot Profile for HoloLens 2 Devices
Create Autopilot Profile for HoloLens 2 Devices

Click Create for the Security Group to be created.

Create Windows Autopilot Hololens Security Group
Create Windows Autopilot Hololens Security Group

With the group successfully created, switch over to the Endpoint Manager console.

Endpoint Manager console
Endpoint Manager console

In the Microsoft Endpoint Manager admin center, from the left Menu click on Devices.

Endpoint Manager console Devices
Endpoint Manager console Devices

Under Device Enrollment, select Enroll Devices.

Device Enrollment - Enroll Devices
Device Enrollment – Enroll Devices

Within, choose Deployment Profiles under the Windows Autopilot Deployment Program section.

Windows Autopilot Deployment Program
Windows Autopilot Deployment Program

Click Create Profile and from the drop down, select HoloLens.

Create HoloLens Profile
Create HoloLens Profile

Complete the Profile Wizard as required. Start by giving the profile a meaningful name and description, click next.

Create HoloLens Profile
Create HoloLens Profile

In the next step, you will be asked to define the Out of Box Experience (OOBE), here, a lot of the configuration options are unavailable/predefined. At the time of writing you literally have the option of selecting the Keyboard Language and choosing whether or not to use a device naming template.

Select Automatically configure keyboard to Yes. Set Apply device name template to Yes.

For examples sake, we will define a naming scheme, as shown below. Providing you don’t use a naming scheme that would give your device a hostname of over 15 characters, and you have no syntax errors, it’s difficult to get this bit wrong. Click Next.

Define HoloLens Profile
Define HoloLens Profile

In this example, HoloLens devices being enrolled using this Autopilot Profile will join AAD with the name JAMESV-9387 (4 random characters).

Under Assignments, Select the Security Group to include.

HoloLens Profile Assignments
HoloLens Profile Assignments

In this example, we will use the Security Group we made at the start of this process, that is specific for HoloLens devices. (Autopilot-HoloLens Enrolled Devices) – Click Select once you’ve chosen your group, and then Next.

Autopilot-HoloLens Enrolled Devices
Autopilot-HoloLens Enrolled Devices

Under Review + Create, double check everything looks ok and click Create.

Create Autopilot Profile for HoloLens 2 Devices
Create Autopilot Profile for HoloLens 2 Devices

The newly created Profile should then be visible, and show as Assigned: Yes. This completes the steps to create Autopilot Profile for HoloLens 2 Devices.

Create Autopilot Profile for HoloLens 2 Devices
Create Autopilot Profile for HoloLens 2 Devices

Future articles will show how we can Apply this profile, and Deploy a HoloLens device using Autopilot.

2 Comments

  1. Avatar photo Jorge Cuellar says:

    Great Article, go the same syntax error as Carolina. Here is the fix for it:
    for Hololen2: (device.deviceManufacturer -eq “Microsoft Corporation”) and (device.deviceModel -eq “HoloLens 2”)
    For Hololens Ver 1: (device.deviceManufacturer -eq “Microsoft Corporation”) and (device.deviceModel -eq “HoloLens”)

    Have Fun!

  2. Avatar photo Carolina Cadenas says:

    This is a great article however, when saving the Rule Syntax I get an error. Is there any reference to help with this? Many Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *