06/08/2021
HomeMicrosoftIntune/Windows 10 Autopilot Firewall exceptions

Intune/Windows 10 Autopilot Firewall exceptions

By  Microsoft  0 Comments

All the URLs required to be put in Firewall Exception for Autopilot project. Please ask your network Team to allow below URLs for Autopilot. They are all Port 80 and Port 443 over TCP connection unless specified with URL in the list below. e.g. WIP requires port 444.

Must haveaka.ms*
go.microsoft.com
Device Authenticationlogin.live.com
dmd.metaservices.microsoft.com [used to retrieve device metadata]
Windows Autopilotztd.dds.microsoft.com
cs.dds.microsoft.com
TPM Attestation for Whiteglove*.microsoftaik.azure.net
ekop.intel.com/ekcertservice [If device firmware is from Intel] ekcert.spserv.microsoft.com/EKCertificate/GetEKCertificate/v1 [If device firmware is from Qualcomm]
ftpm.amd.com/pki/aia [If device firmware is from AMD]
Windows Activation/Licensingactivation.sls.microsoft.com
validation.sls.microsoft.com
activation-v2.sls.microsoft.com
validation-v2.sls.microsoft.com
licensing.mp.microsoft.com
licensing.md.mp.microsoft.com
CRL and OCSP checks for CAcrl.microsoft.com/pki/crl/products/MicProSecSerCA_2007-12-04.crl
crl.microsoft.com/pki/crl/*
*microsoft.com/pkiops/*
ocsp.digicert.com/*
Windows Update/Delivery Optimizationctldl.windowsupdate.com
cs9.wac.phicdn.net
*.windowsupdate.com
*.update.microsoft.com
*hwcdn.net
*.delivery.mp.microsoft.com
tsfe.trafficshaping.dsp.mp.microsoft.com
*.prod.do.dsp.mp.microsoft.com
*geo-prod.do.dsp.mp.microsoft.com*
*.dl.delivery.mp.microsoft.com
*.emdl.ws.microsoft.com adl.windows.com
Microsoft Store for Business*displaycatalog.mp.microsoft.com d
isplaycatalog.md.mp.microsoft.com
purchase.mp.microsoft.com
purchase.md.mp.microsoft.com
storecatalogrevocation.storequality.microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
.md.mp.microsoft.com
pti.store.microsoft.com
markets.books.microsoft.com
storeedgefd.dsx.mp.microsoft.com
livetileedge.dsx.mp.microsoft.com
share.microsoft.com
*.microsoft.com.akadns.net
clientconfig.passport.net windowsphone.com
*.microsoft.com
*.s-microsoft.com
manage.devcenter.microsoft.com
NTP time.windows.com [over UDP port 123]
Network Connection Status Indicatorwww.msftconnecttest.com*
Diagnostics Data*.events.data.microsoft.com
*.telemetry.microsoft.com
watson.*.microsoft.com
*.vortex-win.data.microsoft.com/collect/v1
cs11.wpc.v0cdn.net
cs1137.wpc.gammacdn.net
settings.data.microsoft.com
settings-win.data.microsoft.com
*.blob.core.windows.net
Windows Notification Services*.wns.windows.com
Office Apps/Office Updates*.c-msedge.net
*.e-msedge.net
*.s-msedge.net
nexusrules.officeapps.live.com
ocos-office365-s2s.msedge.net
officeclient.microsoft.com
outlook.office365.com
client-office365-tas.msedge.net
www.office.com
onecollector.cloudapp.aria
v10.events.data.microsoft.com/onecollector/1.0/
self.events.data.microsoft.com to-do.microsoft.com
g.live.com/1rewlive5skydrive/*
msagfx.live.com
oneclient.sfx.ms
logincdn.msauth.net
blobs.officehome.msocdn.com
officehomeblobs.blob.core.windows.net
self.events.data.microsoft.com
outlookmobile-office365-tas.msedge.net
config.teams.microsoft.com
Defenderwdcp.microsoft.com
definitionupdates.microsoft.com
*.smartscreen.microsoft.com
*.smartscreen-prod.microsoft.com
checkappexec.microsoft.com
Microsoft Account Access endpoints*.login.microsoftonline.com
*.login.microsoft.com
login.windows.net
account.live.com
signup.live.com
login.msa.akadns6.net
us.configsvc1.live.com.akadns.net
Required for Cortanawww.bing.com*
I-ring.msedge.net
s-ring.msedge.net
MS Edgeiecvlist.microsoft.com
msedge.api.cdp.microsoft.com
Azure Cloud relatedwd-prod-fe.cloudapp.azure.com
accountalt.azureedge.net
secure.aadcdn.microsoftonline-p.com
ris-prod-atm.trafficmanager.net
validation-v2.sls.trafficmanager.net
Intune relatedportal.manage.microsoft.com
r.manage.microsoft.com
m.manage.microsoft.com
*.manage.microsoft.com
*.officeconfig.msocdn.com
config.office.com
graph.windows.net
enterpriseregistration.windows.net
fef.msuc03.manage.microsoft.com
wip.mam.manage.microsoft.com [requires port 444]
mam.manage.microsoft.com
facebookShare on Facebook
TwitterTweet
FollowFollow us
Tags:, , , , , ,

Related Posts

About Author

Zee

Zahin is a Modern Workplace Solutions Architect specialises in End User Compute. He specialises in SCCM, Intune, Azure AD, M365, Windows 10 and other Windows platforms.

Add a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.