Dell validating devices domain
The rest is automated including the Azure AD Join and enrolling with a MDM/EMM product (last one is optional).
Once enrolled with a MDM/EMM solution, applications and policies can be published to the device fully automatically.
Remember that the user who joins a Windows 10 device with Azure AD is always the administrator (with the exception that there is Auto Pilot profile is assigned which indicates that the user must be a normal user).
All other users who logs on to the device have normal user rights.
With every new order by hardware vendors like Microsoft, Dell and HP you can specify that you are using Windows Auto Pilot.
They will add the device ID’s to Azure for you or can deliver a file with all new device ID’s that you can import to the Azure Tenant yourself. That’s also possible to add them to your Azure Tenant, it requires some manual steps, as I show you in this blog. This means that every user that needs to make use of this feature needs at least a Azure AD Premium P1 license or a Microsoft Enterprise Mobility Security (EM S) E3 or E5 license if you also want to manage the Windows 10 device with Microsoft Intune, like in this blog.
With Windows Auto Pilot you control the Out-Of-Box Experience (OOBE).With traditional PC management you have tools like Microsoft SCCM with which you could deploy complete images and automate local domain join with custom scripts.With Windows 10 in combination with Modern Management, image deployments are no longer necessary.Every time a Windows 10 device starts up for the first time (or after a factory reset) it runs the OOBE setup.During this setup the devices will check if the Device ID of the device is known in any Azure Tenant.