Forum Discussion
StuartK73
May 15, 2020Iron Contributor
Mysterious DEP Device Wipe
Hi All I am investigating the unexplained wipe of a DEP enrolled device. This is the 3rd case of this. From the logs, I can see nothing obvious except for an AD password change synced via AAD...
eglockling
May 18, 2020Steel Contributor
StuartK73 Yes, the Microsoft Intune and Intune Company Portal apps do not define this, it is a configuration that can be deployed to managed devices that leverages the existing built-in OS feature. Once the config is deployed, it is the device itself that evaluates the failed device password (passcode) attempts, not the MDM agent. Failed sign-in attempts to the Company Portal would only affect the user account (eg. lock the account, block additional sign-ins from this device, whatever your organization has defined...). Do you have any compliance actions set that would be contributing to this behaviour?
StuartK73
May 19, 2020Iron Contributor
Hi There
Many thanks for your reply.
I can't see anything in Device Compliance that would cause this.
There is Device Config setting, wipe after 6 incorrect PIN attempts.
Apart from that, I can see no obvious reason why this DEP device, the 3rd separate one has suddenly wiped.
Regards