When I joined the IT team at a corporate headquarters, one of my first tasks was learning the reimaging process. We had a long counter lined with 12 to 18 laptops at a time, and the process went something like this:
- Go to Intune, delete the device record, enrollment record, and Azure AD record
- Walk to the laptop, boot from a Windows 11 USB installer, perform a clean install
- Wait. Perform all Windows Updates — drivers too — while the device is unmanaged
- Walk back to the laptop, run a PowerShell script to capture the hardware hash, which exports to a CSV on a USB drive
- Walk back to your desk, manually upload the CSV to Intune to recreate the enrollment record
- Walk back to the laptop, initiate Autopilot pre-provisioning
- Wait for provisioning to complete
- Reseal the laptop, put it on the shelf
Start to finish: roughly 6 hours per batch, assuming no hiccups. And there were always hiccups.
Something Felt Off
A few things didn't sit right with me from the start.
Why were we deleting the device record and starting completely from scratch? Why were we installing an old version of Windows 11 from a USB, only to spend hours downloading updates to get it current again? Why were we making three or four trips back and forth between the desk and the counter for every single batch?
And most importantly — Windows has built-in features specifically designed for this use case. Autopilot Reset and Fresh Start exist precisely so you don't have to blow everything away and start over. Why weren't we using them?
So I asked.
The answer I got from the engineers: "Because it doesn't work."
Okay. When was the last time you tried?
"About three years ago. Now we just do it manually."
I Just... Tried It
No lengthy investigation. No ticket. I grabbed a test device, initiated an Autopilot Reset, and waited.
It worked.
Autopilot Reset wiped the device, preserved the Windows version and existing updates, kept the Intune enrollment record intact, and left the laptop clean and ready for the next user — all without touching Intune, uploading a CSV, or reinstalling Windows from scratch.
Then I tried Fresh Start as well, for cases where a deeper clean was warranted. That worked too.
The reason the engineers had written it off three years ago? Likely a policy misconfiguration or a known Autopilot bug from that era that had long since been resolved. Nobody had ever gone back to verify. The broken process had just become the process.
The New Workflow
We settled on Autopilot Reset as the standard for reimaging, with Fresh Start available as a fallback for more stubborn devices.
The new process:
- Initiate Autopilot Reset on the device
- Wait for the wipe and reset to complete
- Pre-provision via Autopilot
- Reseal and shelf
That's it.
Because the device was already enrolled in Intune and already up to date before the reset, we skipped the USB install, skipped the hours of Windows Updates, skipped the hash capture and CSV upload, and eliminated most of the back-and-forth.
6 hours down to 2. For a batch of 12 to 18 laptops, that's a significant chunk of time back in everyone's day.
Writing It Up
After validating the new workflow, I wrote it up as a formal KB article and worked with the team to train other staff on the updated process. Autopilot Reset became the new SOP for device reimaging across the organization.
The Lesson
This wasn't a complex fix. It didn't require deep technical knowledge or a clever workaround. It just required someone to ask why — and then actually try the thing that everyone had assumed was broken.
Assumptions have an expiration date. Autopilot and Intune have both changed significantly over the past three years. Something that was broken or unreliable in 2021 might work perfectly fine today.
If your team has a process that exists because "we tried the right way once and it didn't work" — it might be worth trying again.
Have you inherited a broken process that turned out to have a simple fix? I'd love to hear about it in the comments.
Top comments (0)