Forum Discussion
How to offboarding endpoint from Purview
Hi
I'm a fresh user of Purview and after creating policies linked to Exchange, I've enabled the onboarding of computer. Unfortunately, all Defender endpoints have been onboarded, and I've not be able to define which one was concerned. Now, I would like to offboard all those devices from purview and only keep them in Defender without any DLP protection. I tried to remove them with the onboarding script, but my endpoints are still present in Purview. How can I completely remove them?
Thanks for your help
Yohann
2 Replies
Thanks for your answer.
I've executed the offboarding script but even after 24 hours, devices are still in the list but the Endpoint DLP Status is "false". As you said, they still have Defender fully active.
Thanks
Hi CovUser06,
If you want to remove devices from Purview while keeping them protected by Microsoft Defender for Endpoint, you should download the Windows off‑boarding package from Purview portal > Settings > Device onboarding > Offboarding and run the included script on each device with administrator rights to stop them from reporting to Purview. After running the script, wait for the portal to sync (up to 24 hours) and check that the devices have disappeared from the “Onboarded devices” list. If you have many devices, you can deploy the script in bulk using Intune, SCCM, or Group Policy to offboard multiple endpoints at once. This process removes the devices from Purview DLP tracking while leaving Microsoft Defender fully active.
https://learn.microsoft.com/en-us/purview/device-onboarding-script#offboard-devices-using-a-local-script
