I'm looking for advice on how to manage computers that have been domain-joined and are now being sold off or given away. In the past, we created a script and task sequence that users could run from Software Center, which would remove the BIOS password, change the registry version, and reinstall the operating system to Windows Home/Pro using the OEM key. However, this method seems to be failing with Windows 11 machines. Is there a straightforward solution we might have overlooked, or are we back to having to USB-boot and manually handle everything?
4 Answers
You could use a USB key that has an answers file. Booting from that would automate the process and you can walk away. It should install Windows 11 by itself in about 20 minutes, giving you a fresh profile. If it's an HP, check the BIOS for a Windows OEM key too!
I'd suggest wiping the drive and removing it from Intune and the domain. If you can, provide a restore disk to reset to factory settings. Just make sure you clear any BIOS passwords as well. We usually wipe drives and install Zorin OS or ChromeOS Flex on old desktops or laptops before recycling them. We also have an agreement in place for employees who take these devices, stating we don’t provide support and that they need to handle Windows drivers themselves if required.
Have you thought about just removing the devices from Intune and resetting Windows? It sounds like a simpler path than going the USB route. Just a thought!
If you're doing an InTune wipe, remember that the new owner can probably figure out the BIOS password. Some companies have rules that say if a computer isn’t being destroyed, you might have to shred the storage drive. So, the software image isn’t as crucial as securing the data before the release.
We'd prefer to do this without any user input, which is where we're stuck with Windows 11. It seems like nothing works unless users are involved.