Latitudes Docs

New User & Device Setup

Complete onboarding process for new Housing Connector users and devices. Covers both new user + device setup and device replacement.

Audience: LTC Technicians

Two modes

This guide covers two scenarios. Steps 2 and 2(cont.) are shared. Step 1 is new-user only. Steps 3 and 4 differ between modes — both variants are documented below.

  • New User + Device — Full setup: create all accounts, configure device, and ship. (90–120 min)
  • Device Replacement — Existing user, new device only — account setup is skipped. (60–90 min pre-ship + 30–45 min post-delivery)

Quick Start

New User + Device — what you need: New HP laptop or MacBook, O365 admin access, SyncroMSP, Salesforce, Zoom, Passportal, RMM access

  1. Create accounts: Set up user in SyncroMSP, Salesforce, Zoom SSO, Passportal, O365 with MFA.
  2. Configure device offline: Set up as ltcadmin, update firmware and Windows.
  3. Rename, RMM & verify apps: Rename device, install RMM, verify auto-deployed apps (Chrome, Adobe Reader, Zoom, Slack, Office).
  4. Join Entra and finalize: Join device to Entra, configure Office apps, set up OneDrive backup, ship device.

Device Replacement — what you need: New HP laptop or MacBook, RMM access

  1. (Skip account creation)
  2. Configure device offline: Set up as ltcadmin, update firmware and Windows.
  3. Rename, RMM & verify apps: Rename device, install RMM, verify auto-deployed apps.
  4. Pre-ship config & ship: Configure as tempaccess, ship device with password note.
  5. Post-delivery setup: Walk user through Entra join, Office apps, and OneDrive backup.

Mode A: New User + New Device

Step 1: Setting Up the Accounts

(New User + Device only — skip for Device Replacement)

  1. Create the user in SyncroMSP.
  2. Create a User Account in Office 365. Use the MSFT given password and don't require the user to change it at first login.
  3. Allocate the correct licenses to the user (confirm with client which licenses are needed).
  4. Enable MFA from within Office 365 for the user.
  5. Add the user to all relevant SharePoint groups (confirm with client which groups are appropriate).
  6. Salesforce: Create/invite user in Salesforce. Mimic permissions from the user specified on the onboarding form. Default access level: HC Member. Set up MFA during IT Orientation. Communicate with HC if licenses are needed.
  7. Zoom SSO: After adding user to the Zoom Enterprise App in Entra, log in as the user to create their Zoom account. Allocate license/number as needed. Set the phone area code to the city of the user's office location.
  8. Passportal: Set up the account for the user. Set up MFA during IT Orientation.
  9. Slack: Invite user as a Member in the main Housing Connector workspace. Set up MFA during IT Orientation.
  10. Add the Username, password, QR code, and a 6 digit PIN to the Signal Channel for reference.

Important Security Notes

  • MFA for Salesforce, Passportal, and Slack is set up during IT Orientation — not before.
  • Salesforce default access level is HC Member — escalate license requests to HC.
  • Zoom account is created by logging in as the user after Entra Enterprise App assignment.
  • Slack invitation should be to the main Housing Connector workspace as a Member.
  • Post credentials to Signal Channel immediately for team reference.

Step 2: Setting Up the Laptop (Offline Phase)

  1. Interrupt the OOBE (Out of Box Experience) and set up the device 'without Internet' under the user ltcadmin with regular password.
  2. Once at a desktop, place the device on the Internet.
  3. Download the Lenovo Commercial Vantage from the Microsoft Apps Store.
  4. Update the Lenovo firmware using Commercial Vantage.
  5. Update/patch Windows fully (reboot as needed until all updates are complete).
  6. Test Sound and Camera. If the Camera has a vanity slider, place it in the off position (not closed).

OOBE Interrupt Tips

  • Press Shift+F10 to access command prompt during OOBE if needed.
  • Select "I don't have internet" or "Set up for work or school" > "Domain join" to proceed offline.
  • Ensure firmware updates complete before installing any other software.

Step 2 (cont.): Software Installation and Device Rename

  1. Rename the device: HP-LP-XXX (Windows laptops) or HP-MAC-XX (MacBooks).
  2. Reboot the device.
  3. Install the RMM (Syncro) and approve if necessary.
  4. Wait for the following applications to auto-deploy via Syncro RMM, then verify each is installed:
    • Google Chrome — do not sign in or set as default browser
    • Adobe Acrobat Reader — confirm it is set as the default for PDF
    • Zoom client
    • Slack
    • Microsoft Office 365 Business

Auto-Deploy via Syncro RMM

Chrome, Adobe Acrobat Reader, Zoom, Slack, and Office 365 Business are configured to deploy automatically once the RMM agent checks in. Allow time for all packages to download and install. If any app fails to deploy, install it manually and report the issue.

Naming Convention

  • Windows laptops: HP-LP-XXX (Housing Connector - Laptop - Number)
  • MacBooks: HP-MAC-XX (Housing Connector - Mac - Number)
  • Check existing devices to determine next available number.
  • Update internal inventory tracking after rename.

Mac-Specific Step

When adding the MDM profile on MacBooks, grant Huntress Full Disk Access. This is required for endpoint protection to function correctly.

Step 3: Join Entra and Configure User Profile

  1. Join Entra using the user's new Office 365 account.
  2. Use the 6 digit PIN previously added to the Signal channel.
  3. Once at a desktop, confirm that Edge is logged in as the user.
  4. Confirm Microsoft Office 365 Business was deployed via RMM. If not yet installed, allow time or install manually from office.com.
  5. Open Word and confirm the license agreement.
  6. Install any Office updates.
  7. Set Teams to auto start.
  8. Open Outlook and configure for the user.
  9. Enable BitLocker and save the recovery key to AAD.

Entra Join Process

  • Go to Settings > Accounts > Access work or school > Connect.
  • Choose "Join this device to Azure Active Directory".
  • Sign in with the user's O365 credentials.
  • Set up Windows Hello PIN when prompted.

Step 4: Final Configuration and Shipping

  1. Set the time zone for the laptop to 'automatically detect'.
  2. Set time zone and display name in Zoom.
  3. Launch OneDrive, and configure 'Backup' for Documents, Pictures, and Desktop.
  4. Pin Outlook to the taskbar.
  5. Make the OneDrive and Latitudes icon always visible in the system tray.
  6. Set the sleep time to 4 hours when plugged in.
  7. Box and ship the device to the user.

Final Checklist

  • RMM agent installed and checking in
  • Auto-deployed apps verified: Chrome, Adobe Acrobat Reader, Zoom, Slack, Office 365 Business
  • Adobe Acrobat Reader set as default PDF viewer
  • BitLocker enabled with recovery key saved to AAD
  • Zoom configured (time zone and display name)
  • OneDrive backup confirmed for Documents, Pictures, Desktop
  • Outlook pinned to taskbar
  • System tray icons configured (OneDrive, Latitudes)
  • Power settings: 4 hours sleep when plugged in
  • All Windows and Office updates installed
  • Device properly named (HP-LP-XXX or HP-MAC-XX)

Before Shipping

  • Test user login one final time to ensure everything works.
  • Verify OneDrive sync is functioning.
  • Confirm RMM is reporting to the dashboard.
  • Include setup instructions and MFA QR code in shipping package.

Mode B: Device Replacement

Steps 2 and 2(cont.) are identical to Mode A above — complete them first, then continue here.

Step 3: Pre-Ship Configuration & Shipping

  1. Create a local account named tempaccess with a secure password. Record the password.
  2. Log in as tempaccess and perform the following configuration:
    • Set the time zone to 'automatically detect'
    • Pin Outlook to the taskbar
    • Make the OneDrive and Latitudes icon always visible in the system tray
    • Set the sleep time to 4 hours when plugged in
  3. Verify all auto-deployed apps are present: Chrome, Adobe Acrobat Reader, Zoom, Slack, Office 365 Business.
  4. Write the tempaccess password on a paper note, include it in the shipping box, and box and ship the device to the user.

Pre-Ship Checklist

  • RMM agent installed and checking in
  • Auto-deployed apps verified: Chrome, Adobe Acrobat Reader, Zoom, Slack, Office 365 Business
  • Adobe Acrobat Reader set as default PDF viewer
  • Outlook pinned to taskbar
  • System tray icons configured (OneDrive, Latitudes)
  • Power settings: 4 hours sleep when plugged in
  • All Windows updates installed
  • Device properly named (HP-LP-XXX or HP-MAC-XX)
  • Paper note with tempaccess password included in box

Before Shipping

  • Confirm RMM is reporting to the dashboard.
  • Include setup instructions and tempaccess password note in shipping package.
  • Coordinate with the user's manager to schedule an IT orientation session for post-delivery setup.

Step 4: Post-Delivery Setup (with User)

Before You Begin

This step happens after the user receives the device. Schedule a remote IT orientation session and have the user power on the laptop with the paper note (tempaccess password) handy.

  1. Have the user log in to the device using the tempaccess account and the password from the paper note.
  2. Join Entra using the user's Office 365 credentials.
  3. Set up Windows Hello PIN when prompted.
  4. Enable BitLocker and save the recovery key to AAD.
  5. Confirm Edge is logged in as the user.
  6. Confirm Microsoft Office 365 Business is installed. If not, install manually from office.com.
  7. Open Word and confirm the license agreement.
  8. Install any Office updates.
  9. Set Teams to auto start.
  10. Open Outlook and configure for the user.
  11. Set time zone and display name in Zoom.
  12. Launch OneDrive and configure 'Backup' for Documents, Pictures, and Desktop.
  13. Verify OneDrive sync is functioning and all applications are working correctly.

Entra Join Process

  • Go to Settings > Accounts > Access work or school > Connect.
  • Choose "Join this device to Azure Active Directory".
  • Sign in with the user's O365 credentials.
  • Set up Windows Hello PIN when prompted.

Post-Delivery Checklist

  • Device joined to Entra under user's account
  • BitLocker enabled with recovery key saved to AAD
  • Edge signed in as user
  • Office apps activated and updated
  • Teams set to auto start
  • Outlook configured for user
  • Zoom configured (time zone and display name)
  • OneDrive backup active for Documents, Pictures, Desktop
  • All applications working correctly

PMT SharePoint Access Setup

Download and set up the PMT Access database from SharePoint.

How to Access AVD

End-user guide for connecting to Azure Virtual Desktop — Windows App setup, web client fallback, VM shutdown schedule, and troubleshooting.

On this page

Quick StartMode A: New User + New DeviceStep 1: Setting Up the AccountsStep 2: Setting Up the Laptop (Offline Phase)Step 2 (cont.): Software Installation and Device RenameStep 3: Join Entra and Configure User ProfileStep 4: Final Configuration and ShippingMode B: Device ReplacementStep 3: Pre-Ship Configuration & ShippingStep 4: Post-Delivery Setup (with User)