Hello Yasha Kohut,
Here are the answers to your queries. Hope you find them helpful.
Scenario 1: If these are shared devices, one approach to restore compliance without wiping them is to configure the devices as shared multi-user Windows devices. This can be done by:
- Applying the shared multi-user device configuration policy in Intune.
- Assigning the policy to the affected devices.
More information on this policy is available here:
Shared or multi-user Windows device settings in Microsoft Intune | Microsoft Learn
Note: This approach does not reassign the primary user or re-enroll the device but is useful in shared device environments where user-specific configurations are less relevant.
Otherwise, the ideal solution would be to unenroll and re-enroll.
Scenario 2: If a device is already enrolled in Intune by a user (e.g., user X), applying a provisioning package (.ppkg) will not override the existing enrollment unless the package includes a mechanism to:
- Unenroll the device from Intune
- Leave and rejoin Azure AD or Trigger bulk enrollment
Simply using a .ppkg to rename the device or apply configuration changes will not affect its enrollment status. In this case, the original user’s enrollment and associated settings will remain intact, and the new name or configurations may not reflect in Intune.
In short: The original enrollment takes precedence, and .ppkg changes are limited unless re-enrollment is explicitly triggered.
If you found the information above helpful, please Click Yes. This will assist others in the community who encounter a similar issue, enabling them to quickly find the solution and benefit from the guidance provided.