Deploying infrastructure at the edge has always been one of the more painful parts of running hybrid environments. Whether it’s retail stores, factories, branch offices, or remote sites, getting servers racked, configured, and ready for workloads has traditionally required skilled IT staff on-site — a process that’s slow, expensive, and error-prone, especially when you need to do it at scale. In my latest video, I walk through Simplified Machine Provisioning for Azure Local, which is a new way to provision Azure Local physical hardware nodes with minimal on-site interaction, while keeping centralized control through Azure. The idea is simple: rack it, power it on, insert a prepared USB, and let Azure do the rest.
📺 Watch the video: https://www.youtube.com/watch?v=jsmhpWPh-tI
Why Azure Local Simplified Machine Provisioning matters
The classic OS installation path for Azure Local means creating boot media, connecting to each server’s management interface, and manually running Windows Setup — then configuring networking and registering with Azure Arc as separate steps. That works, but it doesn’t scale well when you’re rolling out dozens or hundreds of sites.
Simplified machine provisioning shifts that configuration effort to Azure. Instead of manually configuring each server locally, IT teams can now:
- Define provisioning configuration centrally in Azure
- Securely complete provisioning remotely with minimal steps
- Automate provisioning workflows using ARM templates to ensure consistency across sites
This is especially valuable when someone other than your on-site staff prepares the machines — for example, a hardware manufacturer or integrator, so the people in the rack only need to power the hardware on and connect it to the network.
How it works: the three stages
At a high level, the process breaks down into three key stages:
1. Prepare the machines
You install a Microsoft-provided maintenance environment on the machine via a bootable USB, which generates an ownership voucher. These artifacts meet the FIDO Device Onboarding (FDO) standard and are sent to the customer. Anyone can prepare the machines — a manufacturer, an integrator, or even the customer — but the approach is most valuable when it’s done before the hardware ever reaches the on-site team.
2. Provision the machines from Azure
In the Azure portal, you set up site-level configuration that applies to all new machines under a site — settings like time zone, time server, proxy server, and Key Vault for administrator credentials. This eliminates the need to manually configure each machine. You then claim machine ownership using the voucher and select the operating system profile. The machines securely connect to the call-home URL, the OS is installed, and networking and Azure Arc registration are handled remotely.
3. Deploy the cluster
Once provisioned, the machines are ready to be used to create an Azure Local instance, just as you would with ISO-based installation.
Built on open standards (FIDO Device Onboarding)
One of the parts I really like is that this is built on the FIDO Device Onboarding (FDO) specification, an industry-standard approach for securely onboarding devices at scale. FDO enables secure device identity and ownership transfer, protecting machines with zero-trust supply-chain security, and it provides a consistent onboarding model that can extend beyond servers to broader edge scenarios down the road.
Centralized, site-based configuration with Azure Arc
The new provisioning flow uses Azure Arc Sites. In Azure Arc, a site represents a physical business location, datacenter, a store, factory, or campus, and the set of resources associated with it. With site-based configuration, you can create and manage provisioning settings centrally in the Azure portal, define networking and environment configuration at the site level, and reuse the same configuration as new machines are added. It’s targeted, repeatable management at scale.
Resources and links
- 📺 Azure Local Overview
- 📺 Deploy VMs on Azure Local (Portal, CLI & IaC)
- 📖 Install & register via Simplified Machine Provisioning (Microsoft Learn)
