Forum Discussion
Solved
Question: Script to remove a specific device from MEM (Intune) and Azure AD
I am looking for a script to fully remove an (Autopilot) device from a Microsoft tenant. The goal is to remove a specific device that I have physical access to from both Microsoft Endpoint Manager (I...
There's a module for autopilot things here (https://www.powershellgallery.com/packages/WindowsAutoPilotIntune/5.0),
After installing (Install-Module -Name WindowsAutoPilotIntune.), you could use this to remove the device from the Autopilot devices :
Connect-MSGraph Get-AutoPilotDevice | Where-Object SerialNumber -eq (Get-WmiObject -class Win32_Bios).SerialNumber | Remove-AutopilotDeviceThis deletes the device based on the serialnumber of the machine that you're logged into, this could take a few minutes to process in the background.
For the removal of the Azure AD device, you can use this:
Connect-Azuread Get-AzureADDevice | Where-Object DisplayName -Match $env:COMPUTERNAME | Remove-AzureADDevice
Did this work out for you ?
- Thank you Harm! Quick question, I believe in the script you posted for the removal of the Azure AD device we would need the COMPUTERNUME variable, right? What if we don't have that?
I've received multiple possible solutions through other channels as well and will test these May 12th. I will report back afterwards. 🙂- Did it work out for you?
- Hi Harm, thank you very much. This worked beautifully! I like this particular script because the number of lines of code is limited and it only took +/- 5 minutes of waiting time for the removal of the device to take effect in the tenant.
I have two additional questions though:
1. After running the "[...] Remove-AutopilotDevice"-command, it prompts me to log in with a user account. While the company branding is showing, it does not specify the exact tenant (e.g. contoso.onmicrosoft.com). Would there be a command to show the current tenant of the device?
2. The "[...]Remove-AzureADDevice"-command relies on the COMPUTERNAME and the Azure AD Object name to be identical. Could there be a possibility that these are not identical and if so, how could we go about this?
Again, many thanks for your input!
- When running it on the computer that you want to remove, the $ENV:COMPUTERNAME will give you the computername of the computer. The computername should be the samen as the AzureAD object AFAIK. Let us know if it worked, I tested it myself in my CDX tenant and it works
