Documentation

Contents

Agent Setup via Intune

The Autopilot Monitor agent is deployed to devices using a PowerShell bootstrapper script distributed as an Intune Platform Script. The script downloads, installs, and registers the agent automatically — no manual steps on the device are required.

Safe to assign broadly — already-enrolled devices are not affected

Before installing anything, the bootstrapper runs a series of pre-requisite checks. The agent is only installed when all checks pass. Devices that do not meet the criteria are skipped silently.

  • Fresh OS install: The OS installation date must be within the threshold (default: 120 minutes). Devices enrolled weeks or months ago fail this check immediately.

    If you have devices that were imaged earlier and sat in storage before deployment, adjust the threshold via the script parameter MaxOsAgeMinutes at the top of the script — e.g. set it to 2880 for 48 hours.

  • MDM enrollment not yet complete: If the device is already fully MDM-enrolled, the script exits without installing anything.
  • No existing agent: If a previous agent installation is detected (leftover from a prior run), the script skips re-installation.

The agent is temporary by design: once the Autopilot enrollment completes, the agent uninstalls itself and removes the scheduled task. It only exists on the device for the duration of the enrollment process.

  1. 1

    Download the bootstrapper script

    Download the PowerShell script that installs and configures the Autopilot Monitor agent:

    Install-AutopilotMonitor.ps1Alternate download via GitHub
  2. 2

    Create a Platform Script in Intune

    In the Microsoft Intune admin center, navigate to Devices → Scripts and remediations → Platform scripts and click + Add → Windows 10 and later.

    Recommended script settings:

    Name: Install Autopilot Monitor

    Script: Upload the downloaded .ps1 file

    Run this script using logged on credentials: No

    Enforce script signature check: No

    Run script in 64-bit PowerShell: Yes

  3. 3

    Assign to a device group

    Assign the script to the device group that covers your Autopilot-enrolled devices. The two most common choices are:

    • All devices — built-in Intune group, covers every managed device
    • A dynamic Azure AD group for Autopilot devices using the membership rule (device.devicePhysicalIds -any _ -startsWith "[ZTDId]") — targets only Autopilot-registered hardware

    The "All Autopilot devices" dynamic group is preferred if you want to limit telemetry to Autopilot-enrolled hardware only.

  4. Done

    Once the script runs on a device, the agent installs itself, creates a scheduled task under SYSTEM, and begins monitoring the Autopilot enrollment immediately. Sessions will appear in your dashboard within seconds of the agent starting.

Autopilot Monitor v1.0.0