This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 76%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
We mistakenly allowed BYOD android and IOS devices to be enrolled into Intune. We have since blocked enrollment while enabling MAM. For the previously registered devices (especially iOS), what is the least disruptive way to remove the device from Intune MDM to switch to MAM? I believe deleting the personal iOS device will not affect data but the end user may need to reinstall company apps?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@mpls, Thanks for posting in Q&A. To remove a personal iOS device from Intune MDM to switch to MAM, the user can simply remove the device from the Intune portal. This will remove the device from MDM management, The next time the device checks in, any company data on it will be removed as Intune also retires a device when deleting it from the admin center. For iOS devices, apps that are pinned to the management profile, all app data and the apps are removed. These apps include apps originally installed from App Store and later managed as company apps unless the app is configured to not be uninstalled on device removal.
You can check what data is removed in the following link:
But the user will still be able to access company apps that are protected with MAM policies. However, the user may need to reinstall company apps if they were previously installed through MDM.
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you, Crystal. Will any harm be done by deleting the byod personal iOS device from Intune vs asking the user to remove the device from their company portal? Is the end result the same?
@mpls, Thanks for marking our reply as answer. Remove the device Intune means the device is not managed by Intune. Not heard harm before. Remove it from company portal can also remove the device from Intune. This is OK too.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 89%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFD%3C/text%3E%3C/svg%3E)
do you mean DELETE option or RETIRE option in Intune ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 3%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
I have done this procedure with a iOS personally enrolled. Device platform restriction block personal device enrolment, MAM is applied. I used RETIRE and not delete, and now when adding account in outlook, it redirecting me on company portal to be enrolled, did I missed something. All applications are protected by MAM but Outlook and Teams keep asking me to enroll the device. What do you think ?
thank you