Inability to delete Autopilot devices leads to endless supply of never cleaned up devices in AAD
JeremyTBradshaw 1500 views later and still nobody has come to the rescue.
I can compound this issue. In a hybrid domain joined environment, if a machine comes in and needs to be re-imaged or have its OS re-installed, when it rejoins the domain with the same hostname, local AD creates a new credential, Azure creates a new credential, and Endpoint/MEM still has the old entry because it never removes entries. This causes device-based licensing to break for Office 365, because while everything looks good on paper, the object must be removed from MEM manually first, which tech-level staff has no access to.
It's absolutely awful.
Sorry, I'm not ignoring, I just have been on a hiatus from this topic so wanted a chance to test things out freshly. Agree it's lackluster, but I don't know the reasoning behind it. I do know that straight up Azure AD Join can suffice in place of Hybrid AAD Join in many cases, and in that case this issue disappears. It could be worth giving it a try on some brave users and ironing out the kinks before committing to it entirely. This guy covers the AADJ vs HAADJ comparison quite well. It's also worth noting that the stale devices issue with HAADJ is temporary and will eventually be possible to clean up when those devices are retired as Autopilot-registered. So it's not a permanent issue at least.