![]() It will restore a device to its default settings (OOBE, out-of-box experience). The Wipe action (formerly named Factory Reset) can be a destructive action with potential data loss. However, it will not remove Microsoft 365 Apps for Enterprise (Office ProPlus) and other Win32 apps or any user’s personal data. Retire is a perfect option for BYOD devices enrolled in Intune, as it will remove all management Intune settings like Wi-fi, VPN profile, certificates, e-mail accounts, the Azure AD join record, and apps. Without any local administrator provisioned, you will not be able to access the device after a Retire/Delete any longer. If you still want to delete the AAD device, you need to remove it in Endpoint Manager Admin Center first. Devices with Autopilot ZTDID cannot be removed from AAD Therefore, the Azure AD team has added an extra safeguard to prevent any deletion of AAD device objects with assigned Windows Autopilot IDs. This object is the anchor for the Autopilot device. This is because if you register a device with Autopilot it will create a linked stub device object in Azure AD. Please note there is an exception to this: If your device has an Autopilot hash assigned (Zero Touch ID, ZTDID) it will NOT be deleted from Azure AD. For corporate devices, it removes all access to the device completely, as it also deletes the Azure AD record. Retire should be used for devices that are no longer needed. Yes, wait until device ultimately checks in Only if a local account exists (non AAD accounts) a sign-in is possible after Retire Action. Removes mail accounts that were provisioned by Intune. This includes emails and attachments in the Mail app for Windows. Intune management extension installed Win32 apps will not be uninstalled on unenrolled devices.Ĭonfigurations that were set by Intune policy are no longer enforced. ActionĬompany apps and associated data installed by IntuneĪpps are uninstalled. Retire leaves users’ personal data on the device. Delete will also issue the retire command but it will remove the device from the All devices list immediately. If you want to remove stale devices immediately, use the Delete action instead. The device will still show up in Intune until the device ultimately checks in. The Retire action removes app data, settings, and Intune managed email profiles from the device. If you prefer it short and concise summary can be found at the end. I would like to explain the different options, their differences, and their main use cases here. Some of the options even provide additional „suboptions“. It feels there are a million different reset options in Microsoft’s endpoint manager (aka Intune). Update: Added a paragraph to clarify on the effect of Windows Autopilot for device Retire / Delete actions.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |