Out of Box Windows Enrollment via Azure AD Join
Organizations using Azure AD and Windows 10 devices, can leverage the Out of Box Enrollment experience offered by Windows 10 devices. In this method, the devices can be enrolled to Scalefusion right when they are unboxed by joining the devices with Azure AD credentials.
Prerequisites
- Configure Azure AD based Enrollment in Scalefusion Dashboard
- Azure AD premium license should be assigned to the Users enrolling their Windows 10 devices.
The steps below document the method to enroll a Windows 10 device fresh out of the box and hence you would need a new Windows 10 device to complete the enrollment.
Steps
- Once you power on the device, the first step is to choose the region. Click Yes once you select the region.
- In the screen below choose the keyboard layout and click Yes
- Configure Secondary keyboard settings or choose Skip
- In the Network section, if the device is connected to Ethernet then it will automatically start checking for updates, if it is not then connect to a Wifi and click Next
- Now you will be prompted to Sign in with Microsoft. Here enter your Azure AD email id and click Next
- When prompted enter your password for the account and click Next
At this point, you will be shown the Terms of Use screen, explaining that the device will be managed by your organization. Click Accept to start enrolling the device to Scalefusion.

- Now you will be shown the privacy settings screen. Select the preferred options and click Accept

- If your organization has setup Windows Hello then you would be asked to setup Windows Hello. Follow the onscreen instructions to set up a PIN.
- Once the setup is complete, the screen below will be displayed. Click OK to start using your device. The device is now being managed by Scalefusion.
Question: Why is it advised to create a local Admin account once the enrollment is complete?
Answer: In OOBE setup, the only account added to the device is the account used to Sign In to the device during setup. So once this account is deleted, then there will be no accounts left on the PC using which the device can be accessed. Hence we advise to create a local Admin account that can be used to manage the PC once the account is deleted.