Forum Discussion
Solved
MUST be able to delete duplicate/orphaned devices from M365 Security Center
Good morning, I am about 2-3 weeks into evaluating Microsoft Defender for Endpoint, and so far have about 4 Windows 10 devices onboarded and managed through InTune policies. One of the test m...
- AFAIK, TVM data only includes data from computers that have been active in the last 30 days.
Microsoft doesn't provide the ability to remove devices because it's extremely dangerous. If an attacker would get permissions on your cloud instances, he could remove all his tracks. The devices are retained for forensic purposes.
Best options it to tag an offboarded machine and create an 'Inactive' machine group for it
Abdul Farooque There is now an exclude device option that you can use on duplicate devices. Not perfect, but it is something (And duplicate device is a reason code, so MS does know this can be an issue)
I found the option to exclude devices option, but can this be done by script? Is there an API for that?