Forum Discussion
MUST be able to delete duplicate/orphaned devices from M365 Security Center
Good morning, I am about 2-3 weeks into evaluating Microsoft Defender for Endpoint, and so far have about 4 Windows 10 devices onboarded and managed through InTune policies. One of the test m...
- AFAIK, TVM data only includes data from computers that have been active in the last 30 days.
Microsoft doesn't provide the ability to remove devices because it's extremely dangerous. If an attacker would get permissions on your cloud instances, he could remove all his tracks. The devices are retained for forensic purposes.
Best options it to tag an offboarded machine and create an 'Inactive' machine group for it
Sitting with the same issue. I have computers showing Intune config issues on my dashboard, but they are all duplicate PC's. Filtering them out is not a acceptable solution. I do understand that they want to keep an audit trail if an attacker gets access to your system, but then make the system more secure and less frustrating.
