Wiping a device

Iron Contributor

Hello,

Is there any option in Intune, where conditions can be set to perform wiping of devices.

Example: if a machine is inactive for a period of 60 days and doesn't come online, then perform complete wipe of the device.

5 Replies
Check out Devices > Device Cleanup rules
"Set your Intune device cleanup rules to delete Intune MDM enrolled devices that appear inactive, stale, or unresponsive. Intune applies cleanup rules immediately and continuously so that your device records remain current."
Another possibility would be implementing app protection policies. When implementing app protection policies you could configure the conditional launch settings:

https://call4cloud.nl/2021/03/app-protection-and-a-disabled-account/
I have seen this setting is available just for Android/iOS app protection policy and not for Windows 10 devices.
This would just remove the device from the portal and will not perform the wiping of the device.

https://techcommunity.microsoft.com/t5/device-management-in-microsoft/using-intune-device-cleanup-ru....
Perhaps (little bit of rethinking) but you can make use of Windows information Protection... and combine it with a powershell script like Nicola build some time ago: https://tech.nicolonsky.ch/clean-up-azure-ad-devices/