Share via

User has legacy MSODS device registrations visible

Matthew Dodson 20 Reputation points
2025-05-08T17:31:47.0433333+00:00

We have a fleet of Macs managed with Kandji (recently migrated from Jamf) and most of our Mac users have what appear to be legacy MSODS device registrations visible in portal.manage.microsoft.com that are not in Entra ID or Intune and cannot be removed. I know it's not necessarily causing performance problems, but it's made their device list cluttered and confusing and I want to purge them.

I've read that I can request escalation and a backend cleanup of these entries, but my company doesn't pay for Microsoft support so I can't contact them. Is there any way I can clean this up?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Accepted answer
  1. Anonymous
    2025-05-09T14:47:05.19+00:00

    Hello Matthew Dodson,

    Since these entries are leftover and not managed through Entra ID/Intune, you cannot remove them through standard admin tools.

    You can look into some Cleanup Options:

    1.Microsoft Support Escalation (Best Option)

    Since these entries are not exposed through APIs or the current portals, Microsoft must manually clean them up via backend support.

    You mentioned your company does not pay for support however, if your organization uses any of the following:

    -Microsoft 365 Business/Enterprise plans (E1, E3, E5, Business Premium)

    -Intune

    -Microsoft Entra ID P1 or P2

    Then you likely already have basic support included: You can submit service requests via the Microsoft 365 Admin Center or Azure Portal. Response time: Within 24 hours (for non-critical issues) and no additional cost --> Try this first: Go to admin.microsoft.comSupportNew service request

    OR portal.azure.com→ Help + Support → New support request

    -Microsoft Professional Support (Pay-per-incident)

    If you don't have a Microsoft 365 or Azure subscription:

    Price: ~$499 USD per incident (may vary by region), Gives you one-on-one access to a Microsoft support engineer, Used mostly by companies without enterprise subscriptions

    Available at: https://support.services.microsoft.com

    2.Rejoin Devices (Workaround, not a cleanup)

    If a device is still active and has the legacy MSODS entry, try: Removing it from Work/School Account on the Mac Fully unenroll the device from MDM (Jamf/Kandji) Re-enroll cleanly to Intune or current MDM

    This only works for devices still in use and won’t help for ghost/stale entries.

    -Prevent Future Clutter

    Ensure devices are enrolled only through supported paths (Apple DEP with Intune or Kandji)

    Users aren’t manually joining Entra ID or enrolling via legacy portals.

    MDM profiles are pushed and removed cleanly.

    Since you're already managing devices via Kandji and have migrated from Jamf, you likely have Microsoft Entra ID and/or Intune licenses active. This means you probably already have the ability to open a support ticket at no additional cost. Azure Support Plans Comparison | Microsoft Azure
    https://learn.microsoft.com/en-us/entra/fundamentals/how-to-get-support#tips-for-creating-online-support-requests

    I hope this clarifies things.

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.