Offboarding Windows Servers from Defender for Endpoint service

New Contributor

Hi, I am building server decommissioning tool (PowerShell Studio) - will decommissioned server onboarded to Defender for Endpoint service be eventually removed from it without any action from my end or I have to code offboarding part to avoid any permanent leftovers on cloud's end? Most of our servers are running Windows Server 2012 R2/2016 and onboarded to Defender for Endpoint service using SCOM agent but we also have a few Windows Server 2019 machines onboarded using local script.

1 Reply

@BojanZ You can get the off boarding script from https://security.microsoft.com/preferences2/offboarding

 

2021-06-14 10_31_48-Window.png

 

If you dont offboard, I believe once the retention period is over (which is set on defender settings) the inactive device will be deleted