Computer Onboarding

Overview

Computer onboarding is designed to be automated, secure, and as simple as possible for the person performing the onboarding.

As a general rule, computer configuration (such as screen timeout, bitlocker encryption, etc) should be scripted and part of the base install script. Manual configuration should never be applied unless absolutely necessary. If the customer is in Syncro, these scripts can be added as part of the onboarding process when Syncro is installed.

Third party apps can be installed through Syncro’s third party app policy, or scripted using Chocolatey (e.g. choco install appname) or Winget (e.g. winget install appname)

General Process

What follows is a high-level view of the onboarding process on a brand new, Out of Box (OOB) workstation

1. Create a local user account using start ms-cxh:localonly
2. Connect the computer to the internet and run Windows Updates until complete
3. Install Syncro and rename the device in the Syncro portal
4. Under the Syncro asset, go to Actions and select Sync Asset Data
5. Wait for third party apps to finish installing
6. Once the third party apps are finished installing, run Performance Test if installed and verify that the passmark values are within 10% of the expected value
7. Install any non-automated apps, (e.g. Acronis, SentinelOne). These can be found under the Installer Script/Installers path of the customer in SharePoint, with any license keys being in Installer Script/Keys.
8. If the workstation has a specified policy in the endpoint protection (e.g. Sentinel One) according to the system layout diagram, head to the portal and apply it.
9. Once installed, delete any old scripts/installers/key.txt files.