Correct way to redeploy intune DEP iOS devices

TassieTrooper 11 Reputation points

Hello. Can anyone please confirm the 'correct' way to redeploy an DEP iOS device in Intune? I have searched high and low, yet nothing seems to definitively on record the 'correct' process.

Here is what I am faced with having to do each time a device is wiped/deleted so it can be reassigned using the same or different Token Enrolment profile:

  1. Wipe or delete the device from Intune.
  2. Wait approximately 5mins then delete the device from AAD - Yes, you read right, the AAD object is not deleted!
  3. NOTE: 1 and 2 can be swapped around as one never impacts the other, both device 'accounts' must be deleted manually.
  4. Wipe the device via iOS DFU restore or via Apple Configurator, if an Intune 'Wipe' was not performed.
  5. Configure the device as usual via the iOS Setup Assistant, which will configure (enroll) the device for Remote Management (Intune).

If you do not remove the device from Intune and AAD, a device with the same device name (naming template via the Token profile) is registered within AAD and Intune; and I discovered this problem - that is multiple, duplicated named AAD device objects (unique object IDs of course) - are in AAD. I have a device listed 7-times, which was a testing device I assumed (I inherited this AAD tenant)



Microsoft Intune iOS
Microsoft Intune iOS
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.iOS: An Apple mobile operating system.
56 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Simon Ren-MSFT 14,936 Reputation points Microsoft Vendor

    Hi Dave,

    Thank you for posting in Microsoft Q&A forum.

    Yes, Intune and AAD are separate and removing devices in one portal will not impact the other. In general, the steps to redeploy intune DEP iOS devices are as below:

    1,Wipe the device from Intune.

    2,Delete the device from AAD

    3,Unassign the device from the current MDM in Apple Business Manager (ABM) or Apple School Manager (ASM)

    4,Assign the device to MDM

    5,Reploy the device to Intune as usual
    unassing and assign

    Thanks for your time. Have a nice day!

    Best regards,

    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.