Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Ensure that you have your device in Autopilot as outlined here: Integrating with AutoPilot
  2. Create a custom field with the internal name of windows_reimage as seen below. The field should be Boolean and have a default value of "false".

  3. Create smart group that looks for windows_reimage to be True as seen below. 



  4. Add this Fileset to your server. You can unzip it and then drag the Fileset into the Fileset window. Note that this Fileset uses the section of code below that can be edited to change "doWipeMethod" to "doWipeProtectedMethod" or to use any other method as outlined here but be sure to add "Method" to the one you want to use: https://docs.microsoft.com/en-us/windows/client-management/mdm/remotewipe-csp 

    Code Block
    languagepowershell
    # This part wipes the system
    # https://docs.microsoft.com/en-us/windows/client-management/mdm/remotewipe-csp
    # methodname can be doWipeMethod or doWipeProtected but the later needs Win 10 1703 or newer
    $namespaceName = "root\cimv2\mdm\dmmap"
    $className = "MDM_RemoteWipe"
    $methodName = "doWipeMethod"
    
    $session = New-CimSession
    
    $params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection
    $param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In")
    $params.Add($param)
    
    $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'"
    $session.InvokeMethod($namespaceName, $instance, $methodName, $params)


    AutoPilot Wipe Fileset

    .

  5. Select the Fileset and click the Scripts button in the Native Admin. Right click on the Reset.ps1 script and pick Properties. You must change the first launch argument Environment Variable for that script to be the API token you want to use. You can get this from the Native Admin from Manage Administrators → Select an admin → Application Tokens. This token is used by the script to set the custom field for windows_reimage to false. If you don't update this then your device will be stuck in a loop of wiping once you enable it.
  6. Associate the Fileset with the Smart Group that you created.



  7. To wipe a device you will set the windows_reimage custom field to True. This will cause the device to appear in the Smart Group, and will cause the Fileset to be applied. The Fileset will set windows_reimage to be False while it runs, will enable Recovery Environment, and then will initiate a wipe. 
  8. Because the fileset sets windows_reimage to False the device leaves the smart group that would cause the AuotPilot Wipe Fileset to apply to it so it won't be caught in a re-image loop.

...