Forum Discussion

StuartK73's avatar
StuartK73
Iron Contributor
May 15, 2020

Mysterious DEP Device Wipe

Hi All   I am investigating the unexplained wipe of a DEP enrolled device. This is the 3rd case of this.   From the logs, I can see nothing obvious except for an AD password change synced via AAD...
Intune
Mobile Device Management (MDM)
eglockling's avatar
eglockling
Steel Contributor

StuartK73  Yes, the Microsoft Intune and Intune Company Portal apps do not define this, it is a configuration that can be deployed to managed devices that leverages the existing built-in OS feature. Once the config is deployed, it is the device itself that evaluates the failed device password (passcode) attempts, not the MDM agent. Failed sign-in attempts to the Company Portal would only affect the user account (eg. lock the account, block additional sign-ins from this device, whatever your organization has defined...). Do you have any compliance actions set that would be contributing to this behaviour?

StuartK73's avatar
StuartK73
Iron Contributor
May 19, 2020

eglockling 

 

Hi There

 

Many thanks for your reply.

 

I can't see anything in Device Compliance that would cause this.

 

There is  Device Config setting, wipe after 6 incorrect PIN attempts.

 

Apart from that, I can see no obvious reason why this DEP device, the 3rd separate one has suddenly wiped.

 

Regards

Share