@Matthew Schmidt, if the policy settings are not taking effect on the endpoint despite removing the device from the Azure AD group and unassigning the policy, it could be due to synchronization delays or an Intune service issue. To address this, try initiating a manual sync on the device and checking the Intune service status for any ongoing problems.
This is because Intune does not automatically remove security policies when you unassign the policy (stop deployment). You may need to leave the policy assigned, and then change the security settings back to the default values. However, if you want to completely remove the policy from the device, you can delete the Windows Device from Azure Active Directory (AAD) and Microsoft Endpoint Manager (MEM) and wait for it to re-sync. This will clean up any MEM policies and profiles.
This practice is often followed before deploying new or redeploying any Windows device. Azure Active Directory (AAD) and Intune are different systems, so changes in one system may not automatically reflect in the other.
See this documentation:

Troubleshoot policies and configuration profiles in Microsoft Intune - Intune | Microsoft Learn

Cleanup Intune profiles and policies - Microsoft Community Hub
Kindest regards,