Microsoft Intune User Wipe Issue - Forbidden Error

When trying to do a user wipe in Intune, I'm receiving the following error code. A full Intune admin can do the wipe just fine but the custom created role cannot. I'm not sure what I'm missing here?

 

<ErrorCode>Forbidden</ErrorCode>
<InnerError i:nil="true"/>
<InstanceAnnotations/>
<Message>{ "_version": 3, "Message": "An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: bb0e7e46-e73b-4ee1-8920-fff2d98eb6df - 

 

 

Permissions

- Audit data: Read
- Certificate Connector: Read
- Corporate device identifiers: Read
- Derived Credentials: Read
- Device compliance policies: Read, View reports
- Device configurations: View reports, Read
- Endpoint Analytics: Read
- Enrollment programs: Read token, Read profile, Delete token, Delete device, Create device, Sync device, Create token, Assign profile, Delete profile, Update token, Update profile, Create profile, Read device
- Filters: Read
- Intune data warehouse: Read
- Managed Google Play: Read
- Managed apps: Read, Delete, Wipe, Update
- Managed devices: Read, View reports
- Microsoft Store For Business: Read
- Mobile apps: View reports, Read
- Organization: Read
- Organizational Messages: Read
- Remote tasks: Bypass activation lock, Disable lost mode, Shut down, Reboot now, Sync devices, Send custom notifications, Remote lock, Locate device, Update cellular data plan, Reset passcode, Enable lost mode, Retire, Wipe
- Roles: Read
- Security tasks: Read
- Telecom expenses: Read
- Terms and conditions: Read

2 Replies

Hi @Fox_in_a_box,

the error you're encountering might be related to a permissions issue, where the custom role you've created may lack the necessary permissions for a user wipe in Intune.

In Intune, roles vary in their permissions, and a "Forbidden" error typically indicates insufficient privileges for the intended operation.

You can try these steps to troubleshoot / resolve your issue:

- Role Permissions: Ensure the custom role has the required permissions for a user wipe. Adjust the role settings if necessary.
- Intune Portal: Close and reopen the Intune portal or try using a different global user account to see if the issue persists.
- Device Status: If the device was un-enrolled via the Settings app, manually delete the device in Intune, as Intune may not automatically remove it.

Kindest regards,


Leon Pavesic

@LeonPavesic - I'm assigning the permissions that Microsoft required for a user wipe. I'm not sure if something was updated on their side and the documentation needs to be updated. I assumed it was a permissions issue; I'm not sure what other permissions are required from what I've listed.