This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello,
We got such problem. I have iOS devices enrolled to intune using User Enrollment. I have create conditional access policy and deployed it to ios user groups so that users who doesn't enroll they device can't get to the company resource.
The problem.
When i delete ios device from intune. On the device:
After 1 hour, if they try to reach company resource -> they receive notification in application that they need to enroll theirs device . So it's means that after deleting ios device from intune, conditional access policy applies only after 1 hour, but no immediately.
Maybe you got some suggestions? Or maybe there something need to be changed in configuration?
Thank you!
The delay could be because of the access token that is valid for an hour. If you want to speed this up, you can try to perform the device wipe which will revoke the data (only corporate data).
Regards,
Eswar
www.eskonr.com
So in my case in iOS User Enrollment i need to use selective wipe?
Because in user enrollment scenario, device cannot be wiped.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@EduardsGrebes-8297, Your understanding is correct. We can try selectively wipe to remove corporate app data by creating a wipe request. The following link for the reference:
https://learn.microsoft.com/bs-cyrl-ba/mem/intune/apps/apps-selective-wipe#create-a-wipe-request
Hope it can help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
You can try the retire option which removes only the corporate data/apps etc. Please read https://learn.microsoft.com/en-us/mem/intune/remote-actions/devices-wipe#retire for more about the retire option.
Thanks,
Eswar
Hello
I used selective wipe on device and then delete it.
Everything runned successfully.
@EduardsGrebes-8297,Thanks for the update. I am glad to hear that it is working by using selective wipe. If there's anything we can help in the future, feel free to post in our Q&A.
Again thanks for your time and have a nice day!