Hello Intune,
We are having a very serious issue with Hybrid AAD Joined Windows 10 machines and our MDM users.
They are able to see their Windows 10 Corporate-Owned Hybrid AAD Joined machines in the Company Portal and, from there, issue a Refresh (Wipe) command! This is very dangerous, as it allows end users to reset their assigned company machines from their mobile devices.
I have already been informed by Intune Support that this is a known issue and should be resolved.
The logic here should be that if a Windows 10 Domain Joined / Hybrid AAD joined machine is Corporate owned (GPO or SCCM used for automatic enrollment), the "Enrollment user" shouldn't be able to act against those systems. Only designated entities should.
Please raise this case's impact, as it could really cause issues where users unknowingly perform such actions (rename should also be blocked for them), since these devices are not under their ownership but are company resources.
Thanks