Now we have worked out how to get a Windows image from FOG server and that our lab is ready to test, we are going to work on the customization side of the project.

3.1 Label devices

Using label has 2 main objectives for us

  • Making sure devices is the property of the company and that we legally have right to get it off from the end user at any time
  • Assigning device to an end user and facilitating management of it.

3.2 Flashing Dell Bios

Latest BIOS at the moment is the 1.5.1

3.3 Changing some BIOS settings

I have enable here

  • USB Powershare (to provide usb charge for our mobile phone when connected on USB port)
  • Advanced Battery Charge

3.4 Deploying Chrome policies

Using ADMX and group policies helped us to deploy extensions as well as automatic settings.
Download the template from the official Google website and copy to your
 C:\Windows\PolicyDefinitions local folder

3.5 Windows Hello setup

Setup a pin to logon for each user was a great way to enable a quick logon even though end user still need password for connecting to OWA or remote applications.

3.6 Enrolling device to MDM (Intune)

We choose to keep end-user a standard user so they would not be able to install software and modify anything on their devices. By doing that we had to install the MDM as a local admin account and switch user as a part of the manual installation process.

Intune default URL

After a sync this appear in your Azure dashboard

You can also use the Autopilot script below to export it to the Azure portal

PowerShell -NoProfile -ExecutionPolicy Unrestricted -Command D:\Folder\Get-WindowsAutoPilotInfo.ps1 -ComputerName $env:computername -OutputFile D:\Folder\$env:computername.csv

Download the powershell below (copy it to the same folder as the bat file)

Once you have exported this across your devices you can head to the Azure portal and go the Windows Autopilot devices section and click on Import

3.7 Installing Desktop Apps via Chocolatey

In order to install all software by once before we capture the image I have used Chocolatey Powershell scripting

First part is to install Choco via Powershell (run as administrator)

Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('')) 

Then I have created the two files below

@echo off
powershell -NoProfile -ExecutionPolicy bypass -command ".'%~dp0install.ps1'"

choco install boxstarter -y
choco install googlechrome -y
choco install adobereader -y
choco install teamviewer -y
choco install treesizefree -y
choco install 7zip -y
choco install dellcommandupdate -y
choco install vlc -y
choco install jre8
choco install notepadplusplus.install

3.8 Install Windows 10 Apps

Reinstall Windows 10 Store
Get-AppxPackage -AllUsers| Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}

Reset Windows 10 Store

Uninstall the store
Get-AppxPackage windowsstore | Remove-AppxPackage

I had installed the camera app, Office lens, Power Bi as well as Company portal to provide a company catalog of apps.

3.9 Custom StartLayout

3.10 Cosmetic touches


Working in the fashion industry is a lot about appearance so we have decided to get some sticker branded to be put at the back of the 2 in 1 devices.

Boot loader custom image

A great & easy way to customize the boot loader is to use HackBGRT
You will have to make sure bitlocker is disable and your BIOS is UEFI type.

Copy the folder you have downloaded into a usb drive with your own picture.

You can change a couple of option in the config file and execute the setup.


Copy any non-default Fonts that are used by the Marketing departments

Leave a Reply

Your email address will not be published. Required fields are marked *