Trishula Provisioning Guide:
Section titled “Trishula Provisioning Guide:”-
Standard Make & Model: X1 Carbon
-
Alternate Make & Model: NA
-
Default naming schema: TRI-(SN)
-
Domain: AzureAD (M365 Deployment)
-
VPN: N/A
-
Immy.bot Configuration: Configured, Ready to Deploy to skip Out-Of-Box-Experience+Software and localuser configuration. Ref: KB00038353
Completion Criteria:
Section titled “Completion Criteria:”-
The Device is joined to Trishula’s Azure Tenant
-
Device has been renamed TRI-SerialNumber
-
User signed in with M365 Admin Creds
-
Umbrella module configured with OrgInfo.json
-
Users Bitlocker key has been backed up to the AzureAD account
-
User’s Office apps, Outlook, Teams, and OneDrive are signed in
-
OneDrive Backup is enabled for Desktop, Documents, and Pictures
-
Default Apps Set: Mail: Outlook, Browser: Chrome:, PDF: Adobe Reader
-
Apps and Utilities loaded onto the device: per client WI
-
N-Able Windows Agent Take Control tested
-
Device and drivers have been updated (Windows Update, Lenovo Vantage/System Update)
-
Perform Mic and Camera check with a Teams test call, with users permission
-
Perform quality check against the manager’s request and the provisioning Work instruction
Software:
Section titled “Software:”-
SentinelOne
-
Agent Key: eyJ1cmwiOiAiaHR0cHM6Ly91c2VhMS1zd3ByZDUuc2VudGluZWxvbmUubmV0IiwgInNpdGVfa2V5IjogImdfYmM2Y2RkMjYwMTIzYWU3YSJ9
-
N-Central Agent
-
Microsoft Office Apps for Business
-
Cisco Umbrella+OrgInfo.JSON file
-
Google Chrome: https://www.google.com/chrome/
-
Acrobat DC if requested/approved (credentials in PWState)
Setup Steps:
Section titled “Setup Steps:”- Create “localuser” account with the credentials within 1Password.
EntraID/AzureAD Reigstration and User-Add
-
Navigate to Settings
-
Navigate to Work or School settings
- Select “Sign-In” to work or school
-
Once the Microsoft sign in panel appears, select the blue “EntraID/AzureAD Corporate Sign in” link
-
Sign in with the user’s Microsoft credentials
- Agree to join the organization
-
Navigate to the start menu and select switch user
-
Sign in with the users Microsoft 365 e-Mail and password
-
The user will likely be required to setup a pin, faceID, or fingerprint.
-
Users can forgo biometrics but must have a pin. usually 6 digits.
Once the user is signed in:
Section titled “Once the user is signed in:”-
Setup the user profile
-
Sign into Outlook, pin it to the taskbar
- When presented with this screen, uncheck the box that “Allows this organization to manage my device” as it tends to cause authentication issues with TPM.
- Setup Teams, perform a test call to ensure the camera and mic work and that no network authentication message pops-up during the users first meeting.
- Setup OneDrive from taskbar shortcut
-
Enable Backup for Desktop, Documents, and Picture Backup within OneDrive
-
Set App defaults within Settings
-
Uninstall bloatware
-
Clean up the taskbar and Start menu bloat
-
Remove Widgets, CoPilot, Shrink the Search menu
-
Pinned apps: File Explorer, Google Chrome, Outlook, Teams, Fishbowl
-
Set system sleep times 15-30-30-1Hr.