Microsoft Intune Device Cleanup Rules

Introduction

In large organizations, stale devices can become a security threat because enrolled devices can still have access to company resources and can be easily misplaced. Our recommendation is to set up an automatic task that purges them after a certain period of time.

Configuration

Luckily enough, Intune offers a built-in solution that can auto-purge stale devices. By stale devices I mean those that have not made any contact or sync with Intune in a number of days. Just head over to intune.com -> Devices and scroll down until you find Device clean-up rules. There you'll have a simple option to enable or disable the feature, and to configure the number of days after which an inactive device will be removed from Intune.

The number of days you can configure ranges from 30 to 270. I would probably ask HR for a recommendation on this: maybe 90 days is too short for some long leaves of absence (medical, maternity/paternity, etc.), but then maybe 180 days is too long a timeframe and allows for more security threats, so maybe something in between, like 120 days, would work? It's up to you.

So it's straightforward: Intune keeps track of each device and the number of days it has been inactive, and when a device reaches that threshold, it is removed from Intune automatically.
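To see what a given threshold would purge before enabling the rule, here is an added example (not from the original article or from Microsoft) that previews the effect of 90, 120 and 180 days on a device inventory. The function name `Get-StaleDevicePreview` and the sample devices are hypothetical; real input is assumed to come from `Get-MgDeviceManagementManagedDevice -All` in the Microsoft Graph PowerShell SDK, whose objects carry a `LastSyncDateTime` property.

```powershell
# Added example: dry-run preview of a device clean-up threshold.
# Get-StaleDevicePreview is a hypothetical helper, not an Intune or Graph cmdlet.
function Get-StaleDevicePreview {
    [CmdletBinding()]
    param(
        # Objects exposing DeviceName, UserPrincipalName and LastSyncDateTime
        [Parameter(Mandatory)] [object[]] $Devices,
        # Same 30 to 270 day range the clean-up rule accepts, per the article
        [Parameter(Mandatory)] [ValidateRange(30, 270)] [int] $Days,
        # Reference time; fixed in the sample below so results are repeatable
        [datetime] $AsOf = [datetime]::UtcNow
    )
    $cutoff = $AsOf.AddDays(-$Days)
    $Devices |
        Where-Object { $_.LastSyncDateTime -lt $cutoff } |
        ForEach-Object {
            [pscustomobject]@{
                DeviceName        = $_.DeviceName
                UserPrincipalName = $_.UserPrincipalName
                LastSyncDateTime  = $_.LastSyncDateTime
                DaysInactive      = [int][math]::Floor(($AsOf - $_.LastSyncDateTime).TotalDays)
            }
        } |
        Sort-Object DaysInactive -Descending
}

# Constructed sample inventory (not real devices). For live data, assuming the
# Microsoft.Graph.DeviceManagement module is installed and you are connected with
# the DeviceManagementManagedDevices.Read.All scope, use instead:
#   $inventory = Get-MgDeviceManagementManagedDevice -All
$asOf = [datetime]'2024-06-30'
$inventory = @(
    [pscustomobject]@{ DeviceName = 'LT-001'; UserPrincipalName = 'user1@example.com'; LastSyncDateTime = [datetime]'2024-06-25' }
    [pscustomobject]@{ DeviceName = 'LT-002'; UserPrincipalName = 'user2@example.com'; LastSyncDateTime = [datetime]'2024-03-15' }
    [pscustomobject]@{ DeviceName = 'PH-003'; UserPrincipalName = 'user3@example.com'; LastSyncDateTime = [datetime]'2024-02-01' }
    [pscustomobject]@{ DeviceName = 'LT-004'; UserPrincipalName = 'user4@example.com'; LastSyncDateTime = [datetime]'2023-11-01' }
)

# Compare the candidate thresholds discussed above side by side.
foreach ($days in 90, 120, 180) {
    $hits = @(Get-StaleDevicePreview -Devices $inventory -Days $days -AsOf $asOf)
    '{0,3} days: {1} device(s) would be removed: {2}' -f $days, $hits.Count, ($hits.DeviceName -join ', ')
}
```

The per-device output, including `UserPrincipalName`, is the list to check against known long absences before picking a value.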

Note! Devices can rejoin by simply syncing with Intune again within 180 days. This is because the device certificate, which is used to establish trust between the device and Intune, is valid for 180 days total. If the certificate expires, you'll need to re-enroll the device. Also, this process does not remove devices from Azure, so you'll need a separate process over there for the cleanup of stale devices.

Conclusion

It's fairly simple to set up an automatic rule in Intune that removes enrolled devices once they have been inactive for a number of days, and it's a good security measure to impose in your organization. Thank you, see you next time!