Windows Autopilot has become one of the most powerful and efficient ways to deploy Windows devices across organizations. Whether you're managing 10 devices or 10,000, Autopilot simplifies provisioning by automating the entire setup—from first boot to enrollment into Microsoft Intune.
But before Autopilot can work its magic, there’s one essential step every admin must perform: capturing the hardware hash of the device. This hardware hash uniquely identifies the endpoint and allows Microsoft Intune to pair the device with an Autopilot deployment profile. Only after this pairing can the device benefit from zero-touch provisioning.
In this guide, I’ll walk you through a detailed explanation of the process you outlined earlier, breaking down every step so even someone new to Autopilot can follow it confidently. Let’s dive in!
Why the Hardware Hash Matters
The hardware hash (also known as the hardware ID, HWID, or device hash) contains critical information about a Windows device’s hardware configuration. This includes:
Device serial number
Hardware IDs
System UUID
TPM information
And other attributes used to uniquely identify a machine
This hash is then uploaded to Microsoft Intune or the Microsoft Store for Business (deprecated), where the device is registered under Windows Autopilot.
Once registered, the out-of-box experience (OOBE) is personalized:
Devices automatically join Azure AD
MDM enrollment happens silently
Policies, apps, and configurations deploy instantly
The user gets a fully ready workspace with minimal IT intervention
Collecting the Hardware Hash: Detailed 5-Step Process
Here’s the expanded walkthrough of each step, including the reasoning behind them and best practices.
Step 1: Create a folder for the hardware hash file
New-Item -Type Directory -Path "C:\HWID"
The first step ensures you have a dedicated location for storing the exported hardware hash. Creating a separate folder like C:\HWID helps keep Autopilot-related outputs clean and organized. This is especially helpful when collecting hashes from multiple devices or automating the process.
Tip: If you plan to run this on multiple devices, consider placing this folder on a USB drive. That way, you simply plug in the USB, run the commands, and collect the CSV automatically.
Step 2: Navigate to the folder
Set-Location -Path "C:\HWID"
Before generating the hash, it’s important to make sure PowerShell is pointed at the correct location. This ensures that any output files generated by the script are placed exactly where you expect them—no confusion, no misplaced CSVs.
Step 3: Set PowerShell execution policy
Set-ExecutionPolicy -ExecutionPolicy Bypass
By default, PowerShell restricts the execution of scripts to protect the system. However, to run the Get-WindowsAutopilotInfo script, you may need to loosen the execution policy temporarily.
Setting it to Bypass ensures:
PowerShell executes scripts without restriction
The change is temporary
No permanent security settings are altered
Note: Only modify execution policies if you trust the script and environment. Never use Bypass when running scripts from unknown sources.
Step 4: Install the required Autopilot script
Install-Script -Name Get-WindowsAutopilotInfo
This command installs the official Get-WindowsAutopilotInfo script from the PowerShell Gallery. This script is the industry-standard method for collecting Windows Autopilot hardware hashes.
What the script does:
Extracts the hardware ID
Formats it into a CSV
Provides an easy-to-upload file compatible with Intune
Pro Insight:
This script is maintained by Microsoft engineers and widely adopted across the IT community. Always ensure you’re using the latest version by running:
Update-Script -Name Get-WindowsAutopilotInfo
Step 5: Generate and export the hardware hash to CSV
Get-WindowsAutopilotInfo -OutputFile AutopilotHWID.csv
This is the most important step.
Running the command collects:
System Serial Number
Windows Product ID
Device Manufacturer and Model
Hardware Hash (encoded)
The output file (AutopilotHWID.csv) is automatically saved into your C:\HWID folder.
This CSV file is what you upload into Microsoft Intune to register the device for Autopilot.
Verification Tip:
Before uploading, you can open the CSV to ensure:
It contains data
The serial number is correct
No fields are empty
Pro Tips for Smooth Autopilot Enrollment
To ensure a frictionless experience, keep these best practices in mind:
Run PowerShell as Administrator
Without admin privileges, many of the commands—especially installation and hardware extraction—will fail. Always open PowerShell using:
Right-click → Run as Administrator
Ensure Internet Connectivity
The script installation step requires access to the PowerShell Gallery. If the device is offline, the script won’t install, and the process cannot proceed.
For Offline Devices: Use the Offline Script Method
If your environment doesn’t allow internet access:
Download the script on a different machine
Copy it using USB
Run it locally
This is especially common in secure corporate networks.
Storing Multiple Hardware Hashes
If you're preparing many devices for Autopilot:
Create unique folders per device
Name CSV files after their serial numbers
Automate naming using PowerShell variables
Uploading the Hardware Hash to Microsoft Intune
Once your CSV file is ready:
Log in to Microsoft Intune Admin Center
Navigate to
Devices → Windows → Windows enrollment → Devices
Click Import
Upload your AutopilotHWID.csv
Wait for processing (usually 1–5 minutes)
Assign an Autopilot deployment profile
After this, the device is fully ready for a zero-touch deployment. The next time it's reset or booted, Autopilot will take over automatically.
Final Thoughts
Capturing the hardware hash may seem like a small task, but it’s the foundation of every successful Autopilot deployment. Following the steps above ensures accuracy, efficiency, and smoother provisioning for end users. Once the device is registered, the rest of the deployment process becomes automated and far more manageable.
Windows Autopilot, combined with Intune, empowers IT teams to modernize device deployment, reduce manual effort, and deliver a seamless employee experience.
If you’re planning large-scale rollouts or want to streamline device management, mastering the hardware hash collection process is the perfect starting point.