Set up Windows Notebook again

    1. Make BIOS settings in the device (490):
    2. Security
    3. Virtualization
    4. Kernel PMA Protection -> Off
    5. Secureboot -> On

    1. start-up
    2. Network Boot -> PXE Boot

    1. Config
    2. Thunderbolt 3
    • Security Level -> No Security
    • Thunderbolt Device -> enabled

    1. Make BIOS settings in the device (480):
    2. Config -> Thunderbolt -> Security Level : No Security
    3. Config -> Network -> MAC Address ... : Enabled
    4. Startup -> Uefi only

    1. Refuel via WDS

    If the Windows deployment service does not already exist in "Active Directory Pre-deployed", insert the customized script into the Windows Powershell ISE and run it

    Rename PC

    Delete DELETE ME in AD

    1. WSUS

    Move from "unassigned" to "clients

    1. Install Windows Updates on the device
    2. Activate bitlocker on the device

    1. If User Admin gets rights
    2. Select device in AD tab managed by user

    10. Refuel via PDQ

    • In PDQ Deploy R.Click on the package and Deploy Once
    • Enter computer name
    • If necessary, select further packages under Choose Packages
    • Deploy Now
    • Under All Deployments you can see all status

    11. Update the Sophos Client on the device

    1. Check Lenovo System Update for new updates and update if necessary
    Published