top of page
  • Writer's pictureshishir kushawaha

Autopilot: PowerShell GUI to upload hardware hash with group tags

Updated: Apr 7, 2023

In this post, we will discuss the process of importing hardware hash to the Intune portal, which can be a challenging task, especially if the hash is not imported by the vendor itself. In such cases, the hash needs to be imported manually using PowerShell command let, which can be time-consuming, particularly when dealing with multiple devices. It involves running commands, creating a CSV file, and importing it, which can take a lot of time.

Although command let scripts are available to automate the process of importing the hardware hash, it can still be challenging for those who are not familiar with PowerShell scripting. Additionally, remembering the specific command let scripts required for different tasks can be difficult.

To simplify the process of importing the hardware hash and adding it to a specific group tag, a PowerShell-based graphical user interface (GUI) can be used. For example, if group tags are defined based on countries, a list of countries can be provided in the drop-down menu. When a country is selected, the corresponding group tag will be automatically associated with the device. The GUI will have two options, namely submit, cancel and help. Once the submit button is clicked, the information is collected and processed on Intune portal.

You can download the script from GitHub.

Overview of the script

When you download the script from GitHub, you will receive a compressed folder. Upon extracting it, you will find a folder structure with several files and folders. The root folder will contain a PowerShell script file named "AutopilotHashUpload.ps1". This script is responsible for importing the hardware hash to the Intune portal. You will also find one batch file with the same name. This file will be used to call the PowerShell script.

Folder structure

In addition to the script file, there are two subfolders present in the main folder named "_csv" and "_logo". The "_csv" folder contains a file named "grouptag.csv". This file contains the group tag details that need to be displayed in the GUI. The details include the region, country, and the corresponding group tag. These details will be processed by the script to show in the GUI. You need to fill in all the details in this file.

grouptaglist.csv file structure

The "_logo" folder is used to store the logo image file of the organization. The logo file needs to be copied to this folder, and it should be renamed to "banner.png". This logo image will be displayed in the GUI along with the organization name. You need to replace the "<orgname>" in the GUI title with the name of your organization. Below is the ectract of powershell script where you need to modify the orgname and logo file.

$formtitle="<orgname> Autopilot Console v1.0"
$img = [System.Drawing.Image]::Fromfile($(get-item "$sharedpath\_logo\banner.png"))

Steps to run the script:

There are multiple ways to run the script. One option is to copy the download content to a shared path and run it from there. However, if the share path is not shared with everyone, you need to provide credentials to map share path to drive. Another option is to keep the content at the USB root and run it by plugging the USB into the device. It is much simpler option to run the script.

  1. Reset the system.

  2. Once you get the language or keyboard layout selection screen, press Shift+F10 to launch the Command Prompt.

  3. In the Command Prompt, navigate to the drive where the contents of the script were copied to (either mounted or copied to a USB drive).

  4. Type "autopilothashupload.bat" and press Enter.

  5. The script will start running and a GUI window will be displayed on the screen.

You can also integrate this script in task sequence and run it from software center to capture hardware hash and upload of a device. The same GUI will be shown during task sequence deployment. You can use serviceui.exe to launch the GUI.

PowerShell Windows Form (GUI)

Windows Form GUI

The form has a title which includes the name of your company, such as "<orgname> Autopilot Console v1.0", where you need to replace "<orgname>" with the name of your organization. You can set the logo as well which is mentioned earlier. The form includes options for selecting the region and country where the device is located. There are also buttons created for submitting, cancelling, and accessing help. In addition, there is a text area created to display messages related to the hardware hash import process.

Working on Windows Form (GUI)

  1. Once the GUI form will be displayed on the screen, IT team needs to select the region from the drop-down list.

  2. Once the region is selected, the corresponding countries will be displayed in the country drop-down list.

  3. Select the country from the drop-down list and the script will search the entire "grouptaglist.csv" file to find the appropriate tag for the selected country.

  4. Once the correct tag is displayed in the field, click on the "Submit" button to start the process of capturing and uploading the hardware hash to the Intune portal with the appropriate tag.

  5. The script will process the information and display the progress in the text area field of the GUI form.

  6. The script will display a message according to the selection.

Script section for uploading hardware hash

The code sample provided below is to install the autopilot script and upload hardware hash with tag.

Find-Script -Name Get-WindowsAutoPilotInfo
Install-Script -Name Get-WindowsAutoPilotInfo -Force
Set-ExecutionPolicy -ExecutionPolicy bypass -Force
Get-WindowsAutoPilotInfo.ps1 -Online -GroupTag $tag -tenantid $tenantid

Processing of script

  1. The heart of the code is the Get-WindowsAutoPilotInfo.ps1 script, which is executed in the final line of the code. This script is responsible for collecting the hardware hash from the Windows device and uploading it to the Intune portal.

  2. The script uses the -Online switch to upload the hash to the Intune portal directly without the need for exporting it to a CSV file. It also uses the -GroupTag parameter to add the device to a specific group in the Intune portal. The -tenantid parameter specifies the tenant where the device will be added.

Things to note:

Before uploading the hardware hash, make sure that the device is connected to the internet. The script requires an internet connection to upload the hash to the Intune portal.
Ensure that the "grouptaglist.csv" file, which contains the region, country, and tag details, is properly filled. The script will search this file to retrieve the tag information for the device being uploaded.
The $tenantid variable needs to be defined before running the script. This variable contains the tenant ID of the organization's Intune portal, and it's required to upload the hash successfully.

This approach can simplify the process of importing hardware hash into the Intune portal, and by using a GUI, it can be easier for those who are not familiar with PowerShell scripting. IT saves time and allows for more efficient device management. By utilizing PowerShell GUI, you can simplify the process of importing the device identity, and by adding the device to a group tag.

5,096 views3 comments

Recent Posts

See All


ramy youssef
ramy youssef
5 days ago

IS not working for me


Paul Thomas
Paul Thomas
Feb 06

Great scripts :)

Is their any kind of authentication required for the PC to upload the HASH to Intune/Entra?

I can't see any credentials in the script.

Apr 19
Replying to

I have the same question.

bottom of page