Forum Discussion
Mysterious DEP Device Wipe
"Failed authentication attempts against the AAD account would not cause the device to wipe." - Even on the Intune Company Portal app? Do you have a reference to that info?
I have loads of Sign-in failures against the Intune Company Portal app around the same time as the password change, then the device re-enrolling.
Regards
StuartK73 Yes, the Microsoft Intune and Intune Company Portal apps do not define this; it is a configuration that can be deployed to managed devices that leverages the existing built-in OS feature. Once the config is deployed, it is the device itself that evaluates the failed device password (passcode) attempts, not the MDM agent. Failed sign-in attempts to the Company Portal would only affect the user account (e.g. lock the account, block additional sign-ins from this device, whatever your organization has defined...). Do you have any compliance actions set that would be contributing to this behaviour?
- StuartK73, May 20, 2020 (Iron Contributor)
Hey buddy
On further investigation of the iOS Device Compliance and Configuration policies, I have noticed the following setting:
Password expiration (days): 90
As roll-out was approx mid-February, 90 days would take it to mid-May, when the reset occurred.
Could this be the culprit?
- eglockling, May 25, 2020 (Steel Contributor)
StuartK73 This would definitely make sense. The end-user probably updated the passcode when prompted, then attempted to use the old one incorrectly too many times.
- StuartK73, May 19, 2020 (Iron Contributor)
Hi There
Many thanks for your reply.
I can't see anything in Device Compliance that would cause this.
There is a Device Config setting: wipe after 6 incorrect PIN attempts.
Apart from that, I can see no obvious reason why this DEP device, the 3rd separate one, has suddenly wiped.
Regards