In one of my recent blog posts, I shared a step-by-step guide to Setup Automatic Intune Device Cleanup Rules. This video post shows how to delete Azure AD stale device records (old device records).
Introduction – Delete Azure AD Stale Devices
Microsoft announced the options to delete Azure AD stale devices in a session at Microsoft Ignite 2018. Deleting stale device records from Azure AD helps IT pros deal with device lifecycle issues.
List of Azure AD Stale Device
Navigate to the Azure AD -> Devices blade, where you might see a column called “Activity.” The entries in the “Activity” column give the approximate last logon timestamp for each device.
The Azure AD device attribute ApproximateLastLogonTimestamp helps to delete Azure AD stale devices. I would recommend going through the Microsoft documentation for more details.
- Connect-MsolService
- Get-MsolDevice -All | Select-Object -Property Enabled, DeviceId, DisplayName, DeviceTrustType, ApproximateLastLogonTimestamp | Export-Csv -Path C:\AzureAD_Stale_devicelist-summary.csv -NoTypeInformation
Disable Azure AD Stale Device Records
The following command disables a single stale device. If you want to disable all Azure AD obsolete devices, feel free to use your scripting skills 🙂
- Disable-MsolDevice -DeviceId "b6ccb307-ba46-4f05-a22f-15938634ae45" -Force
Remove Azure AD Stale Device Records
Once the devices are disabled, you can remove Azure AD stale devices using the following command.
- Remove-MsolDevice -DeviceId "b6ccb307-ba46-4f05-a22f-15938634ae45" -Force
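The disable-then-remove sequence above can be scripted as a two-stage plan driven by ApproximateLastLogonTimestamp. The script below is an added example, not code from the original post: the function names Get-StaleDevicePlan and Invoke-StaleDevicePlan, the 90/180-day thresholds and the sample device records are assumptions made for illustration.

```powershell
# Added example. Function names, thresholds and sample records are assumptions.
function Get-StaleDevicePlan {
    param(
        [Parameter(Mandatory)] [object[]] $Device,
        [int] $DisableAfterDays = 90,    # assumed: enabled devices idle this long get disabled
        [int] $RemoveAfterDays  = 180,   # assumed: already-disabled devices idle this long get removed
        [datetime] $Now = (Get-Date)
    )
    foreach ($d in $Device) {
        $last = $d.ApproximateLastLogonTimestamp
        if (-not $last) { continue }     # no timestamp: leave for manual review
        $age = [int][math]::Floor(($Now - $last).TotalDays)
        $action = $null
        if (-not $d.Enabled -and $age -ge $RemoveAfterDays) { $action = 'Remove' }
        elseif ($d.Enabled -and $age -ge $DisableAfterDays) { $action = 'Disable' }
        if ($action) {
            [pscustomobject]@{ Action = $action; DeviceId = $d.DeviceId
                               DisplayName = $d.DisplayName; AgeDays = $age }
        }
    }
}

function Invoke-StaleDevicePlan {
    # ShouldProcess gives -WhatIf / -Confirm so the plan can be reviewed before any change
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param([Parameter(Mandatory, ValueFromPipeline)] $Step)
    process {
        $target = "$($Step.DisplayName) [$($Step.DeviceId)]"
        if (-not $PSCmdlet.ShouldProcess($target, $Step.Action)) { return }
        switch ($Step.Action) {
            'Disable' { Disable-MsolDevice -DeviceId $Step.DeviceId -Force }
            'Remove'  { Remove-MsolDevice  -DeviceId $Step.DeviceId -Force }
        }
    }
}

# Constructed sample records standing in for Get-MsolDevice -All output
$sample = @(
    [pscustomobject]@{ Enabled = $true;  DeviceId = '00000000-0000-0000-0000-000000000001'
        DisplayName = 'SAMPLE-ACTIVE';   ApproximateLastLogonTimestamp = (Get-Date).AddDays(-10) }
    [pscustomobject]@{ Enabled = $true;  DeviceId = '00000000-0000-0000-0000-000000000002'
        DisplayName = 'SAMPLE-IDLE';     ApproximateLastLogonTimestamp = (Get-Date).AddDays(-120) }
    [pscustomobject]@{ Enabled = $false; DeviceId = '00000000-0000-0000-0000-000000000003'
        DisplayName = 'SAMPLE-DISABLED'; ApproximateLastLogonTimestamp = (Get-Date).AddDays(-200) }
)
Get-StaleDevicePlan -Device $sample | Format-Table   # offline dry run: plans Disable for 0002, Remove for 0003

# Live tenant, reviewed first with -WhatIf:
# Connect-MsolService
# Get-StaleDevicePlan -Device (Get-MsolDevice -All) | Invoke-StaleDevicePlan -WhatIf
```

Removing a device record cannot be undone, and BitLocker recovery keys stored on the device object are deleted with it, so review the plan output before running Invoke-StaleDevicePlan without -WhatIf.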
Resources
- Learn How to Setup Azure AD Device Cleanup Rules
- How to Setup Automatic Intune Device Cleanup Rules
- Delete Azure AD Devices – AAD Device Management