AzureAAD-MDE- Security Management for Microsoft Defender for Endpoint mis-scope

BGTech88 1 Reputation point
2022-05-06T21:29:17.28+00:00

While setting up the process listed here https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/security-config-management?view=o365-worldwide
the scope of devices that the policy should apply to was wider than intended. As such, many devices were AAD Joined or Hybrid Joined that should not have been. The scope has been changed which caused the devices to be removed from Intune, however, reducing the scope of the policy has not changed the device status within AAD.

Is there a recommended method to remove these devices' AAD status/enrollment without effecting them within the production environment?

Thanks in advance.

Microsoft Intune Enrollment
Microsoft Intune Enrollment
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Enrollment: The process of requesting, receiving, and installing a certificate.
1,313 questions
Microsoft Entra
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Lu Dai-MSFT 28,366 Reputation points
    2022-05-09T04:06:35.577+00:00

    @BGTech88 Thanks for posting in our Q&A. From the article, it seems there is no setting will remove intune devices.

    To clarify this issue, we appreciate your help to collect some information:

    1. Please make sure that the device is enrolled in intune before you configure Security Management.
    2. Could you please clarify that which setting you used to educe the scope of the policy?
    3. Please check if these target devices are listed in Azure AD portal. If possible, please show the screen shot of the device.
      200089-image.png
      Note: please hide the private information.

    If there is anything update, feel free to let us know.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.