There have been some reported incidents where the Surface Pro Image can't be captured or leaves the Surface Pro inoperable.

Deployment Solution 8.x all versions

Microsoft Surface Pro 3 tablets

Microsoft Surface Pro 4 tablets

For best results, ensure you are on 7.5 SP1 or higher.

These are the known steps to capture Surface Pro images successfully:

1. Update Surface Pro firmware to latest version.
2. Trusted Platform Module (TPM) [Disabled].
3. Secure Boot:
   1. You can have it [Enabled] or [Disabled].
   2. For the Surface Pro 4 you may need to change the Secure Boot configuration "Secure Boot certificate keyset" from "Microsoft only" to "Microsoft & 3rd party CA."
4. Configure Alternate System Boot Order [Network -> USB -> SSD].
5. Configure External Ports [All ports enabled].
6. Use Microsoft Branded USB-Network dongle (model: 1663) or dock for PXE boot.
7. Bitlocker needs to be disabled and the drive needs to be decrypted (If the drive is listed with a padlock, even an unlocked padlock one of these steps is still required to be disabled).
8. Drivers:
   1. Import 'Surface Gigabit Ethernet Adapter' driver (msu30x64w8a.inf) into the 'Preboot Database' and rebuild your PXE image.
      1. Note: Remove any copies of the 'Surface Ethernet Adapter' driver (msu64w8.inf) from your 'Preboot Database,' as it will be matched first for the NIC and cause a failure.
   2. For Surface Pro 4 also import the ManagementEngine driver (heci.inf).
9. Run the procedure in KB 161011: Remove Windows Store Apps before attempting capture.
10. In the advanced options of the image create and restore task add the following ghost command line switches will need to be added  -ntexact -ntil -ntic

Note! The time to PXE boot a Surface Pro is significantly longer than a machine with a dedicated NIC. This is likely due to the difference in performance of a dedicated network card compared to the USB dongle. For further information, contact the hardware manufacturer.