Microsoft Intune for SCCM Admins Part 2 Intune Infra Setup

This is second (2nd) part of Microsoft Intune for SCCM admin. In this part you are going to see how to perform Intune infra setup. The best way to start learning Intune is to get a trail version and follow the Microsoft LAB which I explained in the video.

Part 1 – Video Microsoft Intune for SCCM Adminshttps://youtu.be/23j0Pgdp_zA

NOTE! – Learn about the Microsoft Intune for SCCM Admins training posts. 1. Microsoft Intune for SCCM Admins Part 1 2. Microsoft Intune for SCCM Admins Part 2

Introduction

I have a post in which I’m talking about the SCCM co-management lab. You can click on that lab and search with Intune you will get an option to set up AM in tune lab. In that lab there are instructions which you need to follow to learn Intune infra setup.

The prerequisite for the lab is get a trial version of Microsoft 365. I have explained how to get a Microsoft 365 subscription for free for 30 days. So, this lab would be a good starting point for you.

Intune Infra Setup with LAB

You can get the trial subscription and you can follow through the instructions in the lab. Download Microsoft EM+S (Microsoft 365) step by step setup guide from here. This will cover the trial version options. 

I’m sure that LAB instructions will help you to learn Intune setup and create complaints policies and all the other policies. We are going to talk about these policies in upcoming Intune for SCCM Admin videos and posts.

Intune Infra Setup Guide for SCCM admins

In this video, we are going to see:

  • How to setup Intune infrastructure?
  • How to setup device enrollment how to integrate in tune with Azure Active Directory?
  • How to setup enrollment restrictions policies?

SCCM is tightly integrated with Active Directory but in Intune world it’s all about Azure Active Directory integration.

Intune is not integrated from Active Directory. But, you can sync your on Prem Active Directory with us or Active Directory using AAD connect.

Intune Infra Setup - Intune for SCCM Admins
Intune Infra Setup – Intune for SCCM Admins

Intune Integration with Azure AD & Active Directory

So, once you have linked Intune with your Active Directory then you can setup the management authority for that tenant. Intune will be your management authority for your tenant as you can see in the video.

You can add Vmware Airwatch, MobileIron, and mass365 to your Azure Active Directory. Checkout the video for more details. More details about this integration and Intune infra setup in this post & video.

Intune Enrollment options for SCCM Admins

Let’s check the enrollment options available in Intune. Unlike SCM, there is no need of Active Directory discovery or Active Directory user discovery or system discovery or group discovery.

There is no need of that because Intune tightly integrated with Azure Active Directory.

Intune Enrollment Restriction Rules for SCCM Admins

Enrollment restriction are another configuration which is available in Intune. I don’t see this kind of similar configuration available in SCCM.

So you can restrict a particular device based on the OS and based on the enrollment method which each which you use within your organization. Intune infra setup is explained in the above video.

For example, if you want to restrict BYOD devices from enrolling into Intune, then you can do that for Windows, iOS, and Android. The only company owned devices can be enrolled into Intune.

I have couple of other post related to this topic. You can go through those posts to get the details. Also, you can watch the video to understand it better.

3 Parts of Intune Enrolment Configurations

Intune enrollment options are basically divided into 3 parts. First one is windows enrollment and second is iOS or Apple enrollment, and the third one is Android enrollment. So, these are the 3 parts of enrollment options available in Intune.

Configure Intune Enrollment

You can configure windows enrollment by clicking on the windows enrollment tab can you can set up the policies which you want. You can create enrollment status page. Also, you can create autopilot profiles etc…  

Other interesting options which Intune has is terms and conditions you can create different terms and conditions for your users and diploid to the Azure AD groups.

Others – Intune Infra Setup Options

There are other options like device categories like SCCM device categories. And you have an option to upload the corporate owned devices details into Intune using corporate device identifiers option. Device enrollment manager is another useful option in Intune.

Extra Tips – Intune Infra Setup

Expanding on the Intune enrollment restrictions options here. There are 2 kind of restrictions policies, device type restrictions and device limit restrictions. Intune device type list policy has the priority option.

So, you can set up the BYOD restrictions in Intune. You can block the version of OS. You can block the out of support version of the OS and kind of stuff like this Intune infra setup.

Resources

What to Learn Intune? Great Resource Around you! (1)LinkedIn Learning Courses for Microsoft Intune , (2)Learning How to Learn SCCM Intune Azure(3)Learn Intune Beginners Guide MDM MAM MIM(4)Microsoft Intune for SCCM Admins Part 1

Microsoft Intune Training for SCCM Admins – Introduction

Hello in this video we are going to see Microsoft Intune Training for SCCM admins introduction. Let’s check out what does Microsoft Intune. I have a blog post about the same topic where I have explained the difference between Intune and SCCM.

Great Learning

SCCM is great and it’s not going to die as per Microsoft. But, don’t go away from Intune learning. I would strongly recommend going through Intune learning process.

What to Learn Intune? Great Resource Around you! (1) LinkedIn Learning Courses for Microsoft Intune , (2) Learning How to Learn SCCM Intune Azure (3) Learn Intune Beginners Guide MDM MAM MIM, (4) Microsoft Intune for SCCM Admins Part 1

Microsoft Intune Training for SCCM Admins - Introduction
Microsoft Intune Training for SCCM Admins – Introduction

Wrong Assumption

If you’re thinking Intune is a cloud solution and you don’t have anything to configure you don’t have anything to learn then that that is the biggest mistake.

Intune is a beast and it has Lord of configurations load of integrations and it’s pretty similar to the complexities of SCCM. More details about Microsoft Intune Training for SCCM admins introduction.

Let’s Set the Stage

So, if you feel SCCM is complex product, then Intune is complex as well.  You cannot learn Intune within few days because it is a SaaS solution. The only easy part for Intune or from Intune administration perspective is that server infrastructure managed by Microsoft.

Microsoft Intune Training for SCCM Admins

You don’t have to set up Intune servers in your data center or in cloud. You don’t have to download Intune software from Microsoft and install it on your servers. And you don’t have to design Intune infrastructure it’s all managed by Microsoft for you.

So, you don’t have to upgrade Intune servers. Microsoft will get those updated for you unlike SCCM. Microsoft updates Intune services every week or once in a month. Microsoft Intune Training for SCCM Admins can take months.

Microsoft Intune Training for SCCM Admins - Device Management Portal
Microsoft Intune Training for SCCM Admins – Device Management Portal

You will get new features in Intune every month or every week. so infrastructure management is eliminated for Intune customers. It’s Microsoft’s responsibility.

Again

Disclaimer! Again, Intune is not easy to learn even if you don’t have to manage infrastructure.  Infrastructure is one component of that solution the other beast is the configuration and how it works and how it integrates with other 3rd party solutions like Android Apple etc..

Begin

Intune learning can take months and maybe years because it is evolving every month. And new things are getting added to Intune every week. So don’t take Intune learning as easy. If you are thinking, I will learn Intune within few weeks. I’m sure you’re going to fail in that Intune learning project.

So, let’s learn Intune together if you are an SCCM Admin. If you are not an SCCM admin, then this post might not make any sense to you. I’m planning to create a series of videos in this topic. And this topic is called Microsoft Intune Training for SCCM Admins.

Microsoft Intune Training for SCCM Admins - Introduction 3

Resources

Intune Application Model Deployment Guide | MEM

Let’s go through Intune Application Model Deployment Guide. In this video guide, you will see how to use Intune application model to deploy applications. Following is the step-by-step guide to creating Intune Application model.

NOTE! – Intune application model is adding new features with every new version of Intune. Check out the references section this post to get the latest updated documentation from Microsoft.

Introduction

Intune Simple MSI Deployment Options is called Line-Of-Business app (“strangely though”). With this Intune Line of business application, option, you can only deploy simple MSI apps.

LOB MSI App deployment - Intune Application Model Deployment Guide
LOB MSI App deployment – Intune Application Model Deployment Guide

In this post, I’m not going to cover the “Simple MSI app” deployment using Intune Line of Business App. I have already covered that long back “https://www.anoopcnair.com/intune-azure-end-end-msi-lob-app-deployment-video-guide/”

In this post, I’m going to cover Windows App(Win32) (the real Intune App Model). Windows App (Win32) is a beast which is similar to SCCM Application model.

MSI LOB Application Vs Intune Application Model

Intune LOB applications are technically deployed through Windows 10 built-in MDM agent.

Intune Application model uses a special package called IntuneWin. Most importantly, the IntuneWin package is NOT handled by Windows 10 built-in MDM agent.

IntuneWin app installation is handled by a new agent called Intune Management Extension. This client agent is created by Intune team only for IntuneWin application deployments. Also, this Intune extension agent is not part of the core Windows 10 OS.

MSI Vs IntuneWin - Intune Application Model Deployment Guide
MSI Vs IntuneWin – Intune Application Model Deployment Guide

Create IntuneWin Packages

You need to use a special package called “IntuneWin” to create the Intune Application Model. Vimal explained how to create IntuneWin packages using the Command Line tool by Microsoft here.

You can use a GUI tool called “Smart Package Studio” to create IntuneWin packages. IntuneWin packages can be used while creating the Intune App model as you can see in the below sections.

You can check out my previous post to get more details about converting MSI packages into IntuneWin. You can check out the following post to learn more – Convert MSI to IntuneWin Packages Smart Package Studio IntuneWin Tool

Learn How to Convert MSI Packages to IntuneWin Package - Home
IntuneWin – Intune Application Model Deployment Guide

Specify the Software Setup File

  • Navigate to Client apps > Apps > Add from Intune blade.
  • Select Windows app (Win32)Intune application model – from the provided drop-down list from Apps blade

Upload the App Package File (IntuneWin)

Configure App Information

  • Select App information to configure the app. Make sure you provide the following information wherever required. Some of the information will get populated automatically depending on the package.
    • Name:
    • Description:
    • Publisher:
    • Category:
    • Display this as a featured app in the Company Portal
    • Information URL:
    • Privacy URL:
    • Developer:
    • Owner:
    • Notes:
    • Logo:
  • Select OK.
Intune Application Model Deployment Guide | MEM 5
App Information – Intune Application Model Deployment Guide

Configure App Installation Details

  • Select Program to configure the app installation and uninstall command lines for the Intune application. You can get the information from Smart Package IntuneWin Package.
  • Add the complete uninstall command line to uninstall the app based on the app’s GUID. You can get MSI product code from the above Intune packaging tool.
  • Select OK.
Intune Application Model Deployment Guide
Intune Application Model Deployment Guide

Configure App Requirements

In the Add app pane, select Requirements to configure the requirements that devices must meet before the app is installed.

  • In the Add a Requirement rule pane, configure the following information.
    • Minimum operating system:
    • Disk space required (MB):
    • Physical memory required (MB):
    • Minimum number of logical processors required:
    • Minimum CPU speed required (MHz):
  • Click Add to display the Add a Requirement rule blade
  • Select the Requirement type to choose the type of rule that you will use to determine how a requirement is validated.
  • File: When you choose File as the Requirement type, the requirement rule must detect a file or folder, date, version, or size.
    • Path
    • Property
    • Associated with a 32-bit app on 64-bit clients
  • Registry: When you choose Registry as the Requirement type, the requirement rule must detect a registry setting based on value, string, integer, or version.
    • Key path
    • Value name
    • Registry key requirement
    • Associated with a 32-bit app on 64-bit clients
  • Script: Choose Script as the Requirement type, when you cannot create a requirement rule based on file, registry, or any other method available to you in the Intune console.
    • Script file
    • Run script as 32-bit process on 64-bit clients
    • Run this script using the logged on credentials
    • Enforce script signature check
    • Select output data type
  • Select OK.
Configure App Requirements - Intune App Model Deployment
Configure App Requirements – Intune App Model Deployment

Configure App Detection Rules

  • Select Detection rules to configure the rules to detect the presence of the app.
  • In Rules format field, select how the presence of the app will be detected.
  • Manually configure detection rules – You can select one of the following rule types: ( You can get the information from Smart Package IntuneWin Package )
  • MSI
    • MSI product code
    • MSI product version check
  • File
    • Path
    • Detection method
    • Associated with a 32-bit app on 64-bit clients
    • Select No (default) to expand any path variables in the 64-bit context on 64-bit clients.
    • Examples of file-based detection
  • Registry – Verify based on value, string, integer, or version.
    • Key path
    • Value name
    • Detection method
    • Associated with a 32-bit app on 64-bit clients
  • Use a custom detection script
    • Script file
    • Run script as 32-bit process on 64-bit clients
    • Enforce script signature check
  • Select Add > OK
Configure App Detection Rules - Intune Application Model Deployment
Configure App Detection Rules – Intune Application Model Deployment

Configure App Return Codes for Intune Application Model

  • Select Return codes to add the return codes used to specify either app installation retry behavior or post-installation behavior.
  • In the Return codes pane, add additional return codes, or modify existing return codes.
    • Failed
    • Hard reboot
    • Soft reboot
    • Retry
    • Success
  • Select OK.

Upload App – Intune Application Model

In the Add app pane, verify that you configured the app information correctly and Select Add to upload the app to Intune.

Dependencies

Application dependencies are applications that must be installed before the actual application (which you are going to deploy) can be installed. Intune application model provides options to include dependencies.

Dependencies - Intune Application Model
Dependencies – Intune Application Model

NOTE! – The maximum number of dependencies you can have in Intune application model is 100 dependencies.

More details about the dependencies can be learned from Micrsoft documentation here.

Deployment of Application in Intune

  • Select Assignments.
  • Select Add Group to open the Add group pane that is related to the app.
  • For the specific app, select an assignment type:
    • Available for enrolled devices
    • Required
    • Uninstall
  • Select Included Groups and assign the groups that will use this app.
  • In the Assign pane, select OK to complete the included groups selection.
  • Select Exclude Groups if you want to exclude some devices/users.
  • Select OK.
  • Select Save.

Resources

Intune Tenant Status Page – How to Get the Release Version of Intune Tenant?

In this post, you will learn how to get the details of your Intune version of your tenant. Many times I was wondering why I didn’t had the newer features in my Intune console? Microsoft mentioned in the blog post that these features are released. But those new Intune features are not available in my Intune? What is Intune Tenant Status blade?

Update – Service Health section doesn’t have anything to do with the cases raised by a customer, it’s any service incidents/outages active on that tenant.

[Related TopicList of Intune Versions since 2009] Coming Soon

You can get better answers to all the above questions related to Intune new features and versions in the new Intune Status page.

Intune Version Details – Where in Intune console?

  • Login to Azure Portal – https://portal.azure.com/
  • Navigate to Intune blade
  • Click on Intune > Tenant Status
  • Intune Tenant Status blade – Tenant Details section will give you the following details
    • Tenant Name – [email protected]
    • Tenant Location – Asia Pacific 0201
    • MDM Authority – Microsoft Intune
    • Account Status -Active
    • Service Release – 1812
    • Total Enrolled Devices – 1000?
    • Total Licensed Users – 4000?
    • Total Intune Licenses – 6000?
  • Intune Tenant Status blade -> Connector Status section will give you the following details
    • Header Details – Connector Status – 0 unhealthy
    • Status – Connector Name – Time Stamp
      • Not Enabled – APNS Expiry Date – 08‎-‎02‎-‎2019‎ ‎11‎:‎20‎:‎06
      • Healthy – DEP Last Sync Date – 08‎-‎02‎-‎2019‎ ‎11‎:‎20‎:‎06
      • Warning – VPP Last Sync Date – 07-‎02‎-‎2019‎ ‎1‎:‎23‎:‎12
      • Not Enabled – Managed Google Play App Sync – N/A
      • Healthy – Microsoft Auto Pilot Last Sync Date – 08‎-‎02‎-‎2019‎ ‎11‎:‎20‎:‎06
  • Intune Tenant Status blade -> Intune Service Health section will give you the following details
    • Intune Service Health – 0 total
      • Status – ID – Title – User Impact – Start Time – Updated
      • No active Intune incidents or advisories
    • Intune Service Health – 0 total
      • You don’t have permissions to see this. Click to add your account to the appropriate role in portal.office.com to gain access
      • Status – ID – Title – User Impact – Start Time – Updated
      • See past Incidents/Advisories
  • Intune Tenant Status blade -> Intune News section will give you the following details
    • Intune News – 0 active
      • You don’t have permissions to see this. Click to add your account to the appropriate role in portal.office.com to gain access
      • Act By – Category – Message Title – Published – Message ID
Intune Tenant Status Page
Intune Tenant Status Page

Access Issues – Intune Tenant Status

Intune Blade Access

Do you have access issues with Intune tenant status? You need to have related access to Intune blade. More details about Intune RBAC blog post.

Intune Service Health Access

You need to have following access to review or check whether you have appropriate access. You should have Service Administrator or global administrator access to check Intune Service Health section. (Intune Tenant Status)

  • To assign these permissions, sign in to the Microsoft 365 admin center with Global Administrator permissions.
  • Select Users > Active Users, and then select the account that requires access.
  • Select Edit for Roles, select Service Administrator or Global Administrator
  • Save your edit to assign the permissions.

Intune News Access

View Intune news communications from the Intune service team, you need to have additional permissions. Otherwise, you will get access denied errors as you can see below.

You don’t have permissions to see this. Click to add your account to the appropriate role in portal.office.com to gain access.

To view information for Intune News details, your user account must have the Global Administrator or Service Administrator role in AAD. Otherwise, you need be assigned the Message Center reader role in the Office Admin portal.

  • Sign in to the Microsoft 365 admin center with administrator permissions.
  • Select Users > Active Users, and then select the account that requires access.
  • Select Edit for Roles, select Teams Communications Administrator,
  • Save your edit to assign the permissions.

Resources

List of Online SCCM Intune Communities – 2019

Happy new year 2019 and wishing you all blessed year 2019! I would like to through back the list of Online SCCM Intune communities. Hopefully, these communities will help you to keep you updated with SCCM and Intune.

#Throwback A complete List of Online SCCM Intune Communities which you should be part of – in 2019 #MSIntune #Intune #SCCM #ConfigMgr #ITPros #MVPBuzz

I thought of giving the details of all the online IT Pro communities related to SCCM, Intune, Azure, and Windows. I’m going to provide all the online IT Pro communities. The following is the list of Online SCCM Intune IT Pro Communities for 2019.

Online SCCM Intune Communities - SCCM Intune Online IT Pro 2019 Communities
Online SCCM Intune Communities
Facebook
Linkedin
Twitter
Reddit
Technet Forum

Online SCCM Intune Communities

Online SCCM Intune Communities -Online SCCM Intune Community
SCCM Intune Online Community 2019

SCCM Intune Online IT Pro Communities of 2019 – SCCM Community Groups – Facebook Community Groups – Linkedin Community Groups. Online Community Online IT Community More Details below. I would recommend joining the following online communities. Online SCCM Intune Communities?

Resources

Why Should You Download & Install Windows 10 SDK & Tools

Intune Certificate Deployment Step by Step Guide

The first before deploying SCEP certificate is to check the prerequisites of Intune certificate deployment. I’m going share the details of Microsoft PKI related certificate deployments in this video post. If you have a non-Microsoft PKI environment, you need to check the supportability of Intune.

SCEP does not support all third-party Certificate Authority (CA), providers.  In the recently Ignite Microsoft announced new 3rd party certificate authority partners. Recently, Intune included support for Device based SCEP deployment. Intune already supported User-based SCEP certificate.

Newly Announced Certificate Authority Partners

Intune Certificate Deployment

  1. Entrusted Datacard
  2. GlobalSign
  3. EJBCA
  4. COMODO
  5. Digicert
  6. IDNOMIC

The above is the list of  3rd party CA partners supported by SCEP. Hence you can deploy SCEP Certificate from these CAs via Intune. If you have a customer looking for any of the other third part CA to support SCEP, you can contact Microsoft and they will able to help you with the onboarding process.

Prerequisite for SCEP Certificate Deployment via Intune

Following are the Prerequisites for Intune Certificate Deployment. SCEP Certificate deployment to users and devices.

  1. PKI or CA infrastructure
  2. NDES Server
  3. Azure AD App Proxy Connector
  4. Microsoft Intune Certificate Connector:

I would recommend reading Microsoft documentation to get more details about SCEP or Intune certificate deployment prerequisites.

How to Create a SCEP certificate Certificate

Before deploying SCEP Certificate, you need to deploy PKI or CA chain of certificates to your devices or users.

  1. Root CA Cert
  2. Intermediate or Issuing CA cert 1
  3. Intermediate or Issuing CA cert 2
  4. Intermediate or Issuing CA cert 3 etc..
  5. SCEP Certificate issuing from CA

You need to make sure all the intermediate or Issuing CA certs have already reached the device. Once all the required certs are already there in the machine, you can deploy SCEP Certificate to the user or device. The device certificate can be secured using TMP chip.

As I mentioned in the above video, you can log in to the Azure portal with correct Intune RBAC access and create a SCEP certificate deployment profile.

  1. Azure portal
  2. Intune Blade
  3. Device Configurations – Profiles
  4. Create Profile
  5. Platform – Windows 10 or later
  6. Profile Type – SCEP Certificate
  7. SCEP Certificate Type – User or Device
  8. More details available https://www.anoopcnair.com/learn-intune-create-deploy-scep-profile-windows10-devices/

Intune Certificate Deployment SCEP Certificates

Troubleshoot on Intune Certificate Deployment Issue?

I have already shared a post about the Intune application, certificate or profile deployment troubleshooting options. I would recommend readin that post for more troubleshooting details from Intune side.

Other part of troubleshooting is done from CA, NDES, NDES Intune connector, Azure App Proxy connector etc…

https://howtomanagedevices.com/intune-troubleshooting/

Troubleshoot Intune Deployments – Applications Policies Profiles Intune Issues

Troubleshooting Intune deployments are challenging for new admins in device management world. The above video will help you to troubleshoot Intune deployment issues.

Phases of Intune Troubleshooting

There are FOUR (4) phases in Intune Deployment Troubleshooting. All these four steps are explained in this videos. You can find more details below.

  • Server/Cloud Console Side – Intune Health check
  • Server/Cloud Console Side – Intune Troubleshooting Blade
  • Server/Cloud Console Side – Deep dive into Intune App Deployment Troubleshooting
  • Client Side (Device Side) – Troubleshooting Logs/Events etc

It was far more difficult to troubleshoot on Intune issues at the time of Silverlight console. But after migrating to Azure portal Intune troubleshooting became more easy.

How to Start Intune Troubleshooting

  • Login to Azure portal – http://portal.azure.com
  • Navigate to Intune Blade
  • Click on Troubleshoot node
  • Click on Select User button
  • Search and select the user id which you want to troubleshoot
  • Click Select to start Intune troubleshooting
  • Troubleshooting blade will give you all the details of selected user
  • Drill down each part of troubleshooting guide get into the root of the Intune issue

Troubleshoot Intune Issues

Most of us know how to start troubleshooting with Intune Silverlight console. Intune troubleshooting made easy after the migration to Azure portal. More details https://www.anoopcnair.com/start-troubleshooting-intune-policy-deployment-issues/ Troubleshooting on Windows 10 MDM issues are pretty new for most of us. The importance of MDM policies are getting increased day by day. In this blog post you will see tips to start MDM way of Windows 10 troubleshooting.

How to Troubleshoot Windows 10 Event Logs

Windows 10 MDM Issues Troubleshooting using registry WMI and Event Logs. More detailed discussions are available in the following blog post – https://www.anoopcnair.com/windows-10-mdm-troubleshooting-guide/

Intune Error Codes Table

Intune error codes can find the details of Intune Apps, Intune Policies, and Intune compliance policies.  you’ll be able to review applications installation status and enrollment status for devices. Here’s a list of user details you can view for each user in the Troubleshooting portal:

  • User status
  • Group assignment
  • Application and policy Assignments
  • App protection Status
  • Compliance issues
  • Device status
  • Device details such as OS type and version

Resource

How to Delete Azure AD Device https://howtomanagedevices.com/delete-azure-ad-devices/

Delete Azure AD Devices – AAD Device Management

Azure Active Directory is an identity solution from Microsoft. But Azure AD helps to perform device management actions also. Most organizations use Intune to manage AAD devices. In this video, you will learn how to delete Azure AD Devices.

The Devices registed to Azure AD are visible in Azure portal. You can login to Azure portal with Azure AD admin privileges to delete devices from there. You can also delete Azure AD devices if you have Intune Administrator access.

How to Get Devices into Azure AD Management?

You have two options to get a device under the Azure AD Management.

  • 1.Registering – iOS, Android, and Windows
  • 2.Joining – Windows

In bith the above scenarios Azure AD devices can be managed by MDM Solution like Intune. Registering a device to Azure AD enables you to manage a device’s identity. When a device is registered, Azure AD device registration provides the device with an identity that is used to authenticate the device when a user signs-in to Azure AD. You can use the identity to enable or disable a device. You can also Delete Azure AD devices and remove their identities from AAD.

Delete Azure AD Devices

How To Disable an Azure AD Devices

  • Login to Azure Portal with required permissions
  • Go to Azure Active Directory blade in Azure portal
  • Select All Devices option
  • Search the devices with Device Name or You can search with User Name
  • Select one device and click on Disable button as shown in the above video

How To Delete Azure AD Devices

  • Login to Azure Portal with required permissions
  • Go to Azure Active Directoty blade in Azure portal
  • Select All Devices option
  • Search the devices with Device Name or You can search with User Name
  • Select one device and click on DELETE button as shown in the above video

Resource

Learn How to Delete or Disable Devices from Azure Active Directory

What is device management in Azure Active Directory?