Get Windows AutoPilot device information of Microsoft Intune managed devices

This week I’m going to show an example of how to collect the Windows AutoPilot device information of existing Microsoft Intune managed (Windows 10) devices. That could be useful, for example, when an organization wants one similar deployment experience for all devices. For now and in the future. In that case it can be very useful to gather the device information and upload that information. That will provide future deployments of those existing devices with the same company branded deployment experience as new devices. Also, another reason for this post is the simple fact that I’ve received this request multiple times now.

This example will use an Azure storage account that will be used to store the Windows AutoPilot device information and it will use the Get-WindowsAutoPilotInfo script to collect the information. In this post I’ll show high over the steps to create the Azure storage account, followed by an overview of the PowerShell script to collect the information and write the information to the storage account. I’ll end this post with the Microsoft Intune configuration and a quick peak at the results. After that simply collect the information and upload it via Microsoft Intune or the Microsoft Store for Business (or the Partner portal).

Create storage account

The first step is to create a storage account in Azure. The following four steps walk through the high over steps to create a storage account including a file share. That file share will be used to store the Windows AutoPilot device information.

1 Open the Azure portal and navigate to Storage accounts;
2 Add a storage account of the Storage (general purpose v1) kind and make sure that Secure transfer required is enabled (remember the storage account name);
3 Navigate to Files and add a file share (remember the file share name);
4 Navigate to Access keys and view the available keys (remember the key) ;

Note: Be aware that not every ISP allows access from port 445 to Azure (for an overview see:

Create PowerShell script

The second step is to create a PowerShell script to upload the Windows AutoPilot device information to the file share in the just created storage account.

Script variables

This PowerShell script is created for usage within Microsoft Intune. Currently the PowerShell script functionality within Microsoft Intune can’t work with input variables, which means that the values of the different variables have to be available in the script. That means that in the variables block on top of the script (see script snippet section) the following values should be adjusted.

  1. <StorageAccountKey>: This should be the access key of the created storage account (step 4);
  2. <StorageAccountName>: This should be the name of the created storage account (step 2);
  3. <ShareName>: This should be the name of the share of the created storage account (step 3).

Script actions

The PowerShell script contains a few actions that it should perform to complete the required activities. It contains the following actions that can be found in the different try-catch blocks (see script snippet section).

  1. Create a drive with the created Azure storage account;
  2. Download the available script from PowerShell Gallery;
  3. Set the location to the location of the downloaded script;
  4. Install the downloaded script;
  5. Run the installed script and use the created drive for the output;
  6. Remove the downloaded script and the created drive.

Script snippet

The PowerShell script is shown below.

Note: Be aware that downloading PowerShell Gallery items requires PowerShellGet and that PowerShellGet requires the NuGet provider to work with the PowerShell Gallery (for more information see:

Configure PowerShell script

The third step is to configure the PowerShell script in Microsoft Intune. To upload the script, follow the next five steps. After uploading the script, simply assign the script to the required users and/or devices.

1 Open the Azure portal and navigate to Intune > Device configuration > PowerShell scripts;
2 On the Device configuration – PowerShell scripts blade, click Add script to open the Script Settings blade;
3 GWAI_AddPowerShellScriptOn the Add PowerShell script blade, provide the following information and click Settings to open the Script Settings blade;

  • Name: Provide a valid name for the PowerShell script policy;
  • Description: (Optional) Provide a description for the PowerShell script policy;
  • Script location: Browse to the PowerShell script.

Note: The script must be less than 10 KB (ASCII) or 5 KB (Unicode).

4 GWAI_ScriptSettingsOn the Script Settings blade, provide the following configuration and click OK to return to the PowerShell script blade;

  • Run the script using the logged on credentials: No;
  • Enforce script signature check: No;

Note: Configure Run the script using the logged on credentials to No means that the PowerShell script will run in SYSTEM context;

5 Back on the Add PowerShell script blade, click Create.

End result

Now let’s end this post by looking at the results. The share in the created storage accounts will start filling with CSV-files of the different Windows 10 devices that are managed by Microsoft Intune. That means that it will start to look like something as shown below.


As the required device information is available now, within the file share of the storage account, it can be downloaded and imported via for example Microsoft Intune. Of course it’s possible to use PowerShell to merge these CSV-files into one big CSV-file. This is relatively easy by simply using something like Get-Content and always grab the second line of the CSV-files.

17 thoughts on “Get Windows AutoPilot device information of Microsoft Intune managed devices”

  1. The eventual goal is to eliminate the need for something like this: If you’ve already got a device enrolled in Intune, we can automatically add it to AutoPilot. Stay tuned.

  2. Hi, I’ve tried to import the CSV file into Intune and returned an error saying the device is already member of AAD and couldn’t be imported into the AutoPilot :\

  3. Hi Eduardo,
    Can you provide some more details, like if you already previously added that device to AutoPilot?
    I just successfully uploaded device information of a device that already existed in AAD.
    Regards, Peter

  4. Hi Peter,
    I haven’t added that device to autopilot before but I have registered and joined it to Azure AD manually.

    Under Device Enrollment – Windows Enrollment, I click on Manage Windows Autopilot Devices, select import, choose the csv file – that parts works but the import process comes back with the following error:

    Internal error
    814 – ZtdDeviceAlreadyAadRegistered


  5. Hi Eduardo,
    I just heard that the behavior recently changed for importing AutoPilot devices. At this moment the import will fail when the device is already available in Azure AD.
    Regards, Peter

  6. that is good, so I know the error is not related to my tenant or something that I’ve missed.

    It is a shame this change in behavior. I came across your article because of this statement “That will provide future deployments of those existing devices with the same company branded deployment experience as new devices. ” but at least your article is great showing us how to export the necessary information from existing machines. 🙂


  7. As the warning states about using port 445, is there an alternative port to utilize?

  8. Peter,
    I am able to get this to run manually if I run my PS session as an admin (elevated rights) so I know the script works. However, when I push this to my Intune machines it fails since all teammates are users on their machines and not admins. I have this running in system context but that does not seem to help. Any ideas on a resolution?

    Mike M.

  9. Hi Michael,
    Running a script as admin is not the same as running a script as SYSTEM, which is what Intune does. Having said that, keep in mind that you can now also easily targeted already Intune managed devices without separately importing those devices.
    Regards, Peter

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.