Microsoft Surface Deployment Accelerator

by | Jun 27, 2023 | Intune, Surface | 0 comments

Last time I was reading documentation about Microsoft Surface devices and found something interesting with name Microsoft Surface Deployment Accelerator.

What this tool can do? It is a set of script created by Microsoft to create fully automated of Windows installation. You can configure which version of Windows will be installed. Or if you want to install cumulative updates. Or Office 365. Or if you wan to create ISO file or use the Pen drive directly… Everything depending on the parameters which you specify.

Just thinking if that will be also sufficient on my case, because when I’m using Autopilot with Windows Enterprise – I’m also getting the clean image. Rest apps will be installed during ESP or after first logon of end-user. This solution is allowing end-users to work faster on the device, because drivers / Office will be already installed.

You don’t need to have ADK installed, because this script it will install for you, but if you already have installed, script will use it.

On the first step you need to download the repository to your computer from microsoft / SurfaceDeploymentAccelerator repo and expand the archive so some location.

Second step is downloading the ISO for Windows which you want to install. You can use the ISO from Media Creation Tool or like on my case – from Visual Studio Portal.

Third requirement is to have proper settings for PowerShell execution policy. If you don’t have possibility to change execution policy for the whole system, change it for process using command

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force

Next, go to this folder and execute command:

.\CreateSurfaceWindowsImage.ps1 -ISO "C:\Workspace\ISO\Win1022H2.iso" -OSSKU Enterprise -DestinationFolder "C:\Workspace\SDA_Images" -Device SurfacePro7Plus -CreateUSB $false -CreateISO $true -Office365 $false -ServicingStack $false -CumulativeUpdate $false -CumulativeDotNetUpdate $false -AdobeFlashUpdate $false

This command will:

  1. Get ISO from specified by me locaton
  2. Use Enterprise version of Windows from that ISO
  3. Save final ISO file to location specified by me
  4. Create Image for Surface Pro 7+
  5. Don’t create USB Thumb Drive
  6. Will create ISO instead this
  7. And finally, will not inject the Office 365 package.
  8. Last three parameters are not working on this script version. They are related to this update. If you want to use that parameters with $true value, go to next section of this post: Important information.

After some time – script will finish work and we can “burn” iso using for example, Rufus.

When the Pen drive will be prepared – everything what should be done from the IT side – just put in on the device, run the boot from the Pen drive and.. wait for the final results – I mean wait for the information that you can reboot this device.

Before reboot files will be copied, After reboot all drivers will be applied, updates if required also – depending of the parameters on script which you selected.

And finally, if device is in Autopilot database – you will see information that you can logon to the organization with your account.

From my perspective, this solution looks nice, because you have applied drivers before user will logon. User don’t need to download all drivers via Windows Update after logon.

Also, you can apply the Office 365 installation, so next software is not needed to install by the end-user. Cumulative updates? It’s another step less from the end-user work.

Important information!

By the way – there is an issue on the script which was caused by disabling IE on the system.

To view more details about this bug visit: website. I already created pull request to fix that issue.

In meantime before this script will be fixed, you can fix that script manually.

Find line:

Invoke-WebRequest -Uri '' -Method Post -Body $body | Select-Object -ExpandProperty Content

And change to:

Invoke-WebRequest -Uri '' -Method Post -Body $body -UseBasicParsing | Select-Object -ExpandProperty Content

Next find line:

Invoke-WebRequest -Uri '' -Method Post -Body $body | Select-Object -ExpandProperty Content

And change to:

Invoke-WebRequest -Uri '' -Method Post -Body $body -UseBasicParsing | Select-Object -ExpandProperty Content
Jakub Piesik

Jakub Piesik

Microsoft 365 Consultant

I’m writing not only about Intune and Windows 365. I’m writing about everything what I leared previously and want to share with you!

#security #microsoft365 #intune #windows365 #powershell #automation 🙂