How to recover or re-add device

Hi, 

To try and make a long story short, I have 2 devices: Device 1 belonged to me and Device 2 belonged to someone previously. I had taken Device 2 because the specs were better and am giving Device 1 to a new hire. My initial thought was to delete Device 1 and just re-add it to Azure AD under the new owner. After I had done that, I came across an extremely simple PowerShell cmdlet that made adding a new owner and removing the old owner very fast and painless. I used this cmdlet to add me as the new owner of Device 2 but had already deleted Device 1. I'm now stuck trying to figure out how to get Device 1 back into AD and change the owner. How can I do this?

Thanks

11 Replies
Hi Luke,

I have been in the same boat some time ago. Recycle bin is not yet supported and you can’t recover deleted devices; it’s a feature that MSFT is working on.

All devices stay in soft delete for 30 days. I know because when I delete a device from Azure AD, it stays in the PowerBI report for 30 days.

Have you tried the ps below to add the device manually?

PS C:\>New-AzureADDevice -AccountEnabled $true -DisplayName "My new device" -DeviceId $guid -DeviceOSType "OS" -DeviceOSVersion "1.1"


https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/32127307-recycle-bin-for...

Hi, @Moe_Kinani 

From looking at the command I assume this makes a spare device on AD to which I can then add the device to the already existing user?

Correct.

It’s the only workaround in your situation.

I was able to resolve this using the following steps:

For Azure AD joined Windows 10 devices, take the following steps:

1) Open the command prompt as an administrator.
2) Enter dsregcmd /forcerecovery (you need to be an administrator to perform this action).
3) Click “Sign in” in the dialog that opens up and continue with the sign-in process.
4) Sign out and sign back in to the device to complete the recovery.

https://docs.microsoft.com/en-us/azure/active-directory/devices/faq
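A way to check whether a device is in the state this thread describes (still joined locally, but its object deleted in Azure AD) before and after running dsregcmd /forcerecovery. This is an added example, not code from any poster in the thread. The function names are hypothetical, the sample output is constructed with placeholder IDs, and it assumes a Windows build whose dsregcmd /status output includes the DeviceAuthStatus field.

```powershell
# Constructed sample of `dsregcmd /status` output (placeholder IDs, not from a real device).
$sampleStatus = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+

             AzureAdJoined : YES
              DomainJoined : NO

+----------------------------------------------------------------------+
| Device Details                                                       |
+----------------------------------------------------------------------+

                  DeviceId : 00000000-0000-0000-0000-000000000000
          DeviceAuthStatus : FAILED. Device is either disabled or deleted
'@

function ConvertFrom-DsregStatus {
    # Hypothetical helper: collects "Name : Value" lines into a hashtable.
    param([string[]]$Lines)
    $state = @{}
    foreach ($line in $Lines) {
        # Banner lines start with '+' or '|' and do not match.
        if ($line -match '^\s*([A-Za-z][A-Za-z0-9]*)\s*:\s*(.*?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    return $state
}

function Test-DeviceRegistration {
    # Hypothetical helper: flags a device that is joined locally but fails
    # the directory-side check (object disabled or deleted in Azure AD).
    param([hashtable]$State)
    $joined = $State['AzureAdJoined'] -eq 'YES'
    $auth   = $State['DeviceAuthStatus']
    [PSCustomObject]@{
        AzureAdJoined    = $joined
        DeviceId         = $State['DeviceId']
        DeviceAuthStatus = $auth
        NeedsRecovery    = [bool]($joined -and $auth -and ($auth -notlike 'SUCCESS*'))
    }
}

# Use live output on a Windows device; fall back to the constructed sample elsewhere.
$lines = if (Get-Command dsregcmd.exe -ErrorAction SilentlyContinue) { dsregcmd.exe /status }
         else { $sampleStatus -split '\r?\n' }
Test-DeviceRegistration -State (ConvertFrom-DsregStatus -Lines $lines) | Format-List
```

With the constructed sample, NeedsRecovery is True; after a successful recovery and sign-in, DeviceAuthStatus should read SUCCESS and NeedsRecovery False.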

Just for good measure I gave the user temporary administrator privileges & followed the steps initially to remove the device

e.g.

1) dsregcmd /debug /leave
2) Reboot
3) Add user to local-admins
4) Log-off & on again
5) dsregcmd /forcerecovery (I was unable to use the GUI, it did not “work” e.g. no sign-in screen showed.)

 

I used this for:

 

Fix Office 365 Error 70003: Your Organization Has Deleted This Device - Technipages

 

It might resolve your issue as well

I deleted the device from my AzureAD and wanted the new named device to show here and the above solution worked for me. Thank you.
Me too!
I had a similar problem with a computer where the device had been deleted on AzureAD by mistake. Found using "dsregcmd /forcerecovery" worked for me.

Was a few seconds away from resetting the PC as nothing else had worked when I spotted this suggestion. Saved me a lot of time and have made a note of the command in case it occurs on another device.

@Dutch2005nl

 

This saved me. I accidentally deleted a device from the admin portal and my employee could not receive emails. The "dsregcmd /forcerecovery" wouldn't launch until the user was set up as an admin, and on a fresh restart. We are up and running now. Thank you!!!

dsregcmd /forcerecovery on the cmd line worked PERFECTLY! Thanks so much

@Dutch2005nl It worked! Much thanks for being a life saver

@Moe_Kinani 

I needed to use the "Remote" solution that you have mentioned here. I was remote from the concerned Laptop. 

Your example helped me on the way, but had several questions on the Object details.
New-AzureADDevice -AccountEnabled $true -DisplayName "My new device" -DeviceId $guid -DeviceOSType "OS" -DeviceOSVersion "1.1"

For me, the hardest -Object (Like many others) was the mandatory -AlternativeSecurityIds $altsecids
So I added:
$key = [System.Text.Encoding]::Unicode.GetBytes("X509:<SHA1-TP-PUBKEY><Thumbprint>")
$altsecids = [PSCustomObject]@{key=$key;type='2'}

I also used OSType "Windows" and got a version number from another device. That did the trick and like magic the Laptop was able to login again via the original domain UserID. I'm not sure anymore where I found all the pieces of this puzzle, but this worked for me.