Forum Discussion

Luke_Pulis's avatar
Luke_Pulis
Copper Contributor
Mar 24, 2020

How to recover or re-add device

Hi,  To try and make a long story short, I have 2 devices, Device 1 one belonged to me and Device 2 belonged to someone previously. I had taken Device 2 because the specs we're better and am giving ...
Azure Active Directory (AAD)
microsoft 365
Moe_Kinani's avatar
Moe_Kinani
Bronze Contributor
Mar 25, 2020
Hi Luke,

I have been in the same boat sometime ago. Recycle bin is not yet supported and you can’t recover deleted devices, it’s a feature that MSFT working on.

All the devices stays on soft delete for 30 days, I know because when I delete a device from Azure AD, It stays in PowerBI report for 30 days.

Have you tried the ps below to add the device manually?

PS C:\>New-AzureADDevice -AccountEnabled $true -DisplayName "My new device" -DeviceId $guid -DeviceOSType "OS" -DeviceOSVersion "1.1"


https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/32127307-recycle-bin-for-deleted-devices

  • pnoorder60's avatar
    pnoorder60
    Copper Contributor
    Feb 11, 2024

    Moe_Kinani 

    I needed to use the "Remote" solution that you have mentioned here. I was remote from the concerned Laptop. 

    Your example helped me on the way, but had several questions on the Object details.
    New-AzureADDevice -AccountEnabled $true -DisplayName "My new device" -DeviceId $guid -DeviceOSType "OS" -DeviceOSVersion "1.1"

    For me, the hardest -Object (Like many others) was the mandatory -AlternativeSecurityIds $altsecids
    So I added:
    $key = [System.Text.Encoding]::Unicode.GetBytes("X509:<SHA1-TP-PUBKEY><Thumbprint>")
    $altsecids = [PSCustomObject]@{key=$key;type='2'}

    I also used OSType "Windows" and got a version number from another device. That did the trick and like magic the Laptop was able to login again via the original domein UserID. I'm not sure anymore where I have found all the pieces of this puzzle, but this worked form me.

     

  • Luke_Pulis's avatar
    Luke_Pulis
    Copper Contributor
    Mar 25, 2020

    Hi, Moe_Kinani 

    From looking at the command I assume this makes a spare device on AD to which I can then add the device to the already existing user?

    • Moe_Kinani's avatar
      Moe_Kinani
      Bronze Contributor
      Mar 25, 2020
      Correct.

      It’s the only workaround in your situation.

      • Dutch2005nl's avatar
        Dutch2005nl
        Copper Contributor
        Jun 01, 2021

        I was able to resolve this using the following steps:

        For Azure AD joined devices Windows 10 devices, take the following steps:

        Open the command prompt as an administrator
        Enter dsregcmd /forcerecovery (You need to be an administrator to perform this action).
        Click “Sign in” in the dialog that opens up and continue with the sign in process.
        Sign out and sign in back to the device to complete the recovery.

        https://docs.microsoft.com/en-us/azure/active-directory/devices/faq

        Just for good measure I gave user temporarly administrator priviledges & followed the steps initially to remove the device

        e.g.

        1) dsregcmd /debug /leave
        2) Reboot
        3) Add user to local-admins
        4) Log-off & on again
        5) dsregcmd /forcerecovery (I was unable to use the GUI, it did not “work” e.g. no sign-in screen showed.)

         

        I used this for:

         

        https://www.technipages.com/fix-office-365-error-70003-your-organization-has-deleted-this-device?unapproved=1033343&moderation-hash=4c1bd2119308ea6ec3a95df729a416f5#comment-1033343

         

        It might resolve your issue aswell

Resources