DenisPasternak-3587 avatar image
0 Votes"
DenisPasternak-3587 asked LuDaiMSFT-0289 commented

Compliance status is "Not Compliant " after owner account was removed/restored

There are many computers in Intune that are in Compliance status is N/A . This happened after the administrator account was deleted, which was fired. Some computers that were added to Azure from his account changed status to N/A. For this computers, properties owner was specifies with this admins account.

Devices was enrolled using this article. Over Company Portal, with options "allow organization manage my device" enabled.

After restoring the account, the problem persisted.

In my test environment, I was able to repeat the issue once. Next, I tried the same steps, but subsequent devices remained "Compliant" even if the users who added this device were deleted.

I cannot explain why this is happening.

Why does the status of some computers change, and some do not?

The solution to the problem is to re-add the device, but this must be done on the device side. Can this be done on the Intune side?

Thank you.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

LuDaiMSFT-0289 avatar image
0 Votes"
LuDaiMSFT-0289 answered LuDaiMSFT-0289 commented

@DenisPasternak-3587 Thanks for posting in our Q&A.

It seems a misoperation. For issues caused by misoperation, it is not suggested to spend time on them, because these phenomenon may vary.

When you remove the user and the owner shows "None", it is suggested to try to add another user in the primary user
Then try to use the new primary user sigining in the device and check if the device shows normal status both in intune and Azure AD portal.

If there is anything update, feel free to let us know.

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 8
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for the answer.
Yes, the owner is unknown. When I change ownership it doesn't help. The device remains in N/A status. Only if this new owner re-adds the device. But we don't want to ask users to do it on their end.

0 Votes 0 ·
LuDaiMSFT-0289 avatar image LuDaiMSFT-0289 DenisPasternak-3587 ·

@DenisPasternak-3587 Thanks for your update. I have tried the test in my lab. When the device's owner shows none, I tried to change the primary user in Devices > select the target device > Properties. However, this setting is greyed out. I couldn't do any change about primary user.


Given this situation, the only way is to delete the device in intune portal and enroll the device again. Currently, all the enrollment methods need to be done on the device side.

If you are interested in that device enrollment can be done on intune side, it is suggested to post in intune feedback portal. This is a place to collect customers' requirements and problems.

Thanks for your understanding and hope it will happen in the future.

0 Votes 0 ·
image.png (48.8 KiB)
image.png (36.6 KiB)

I'm sorry, maybe I didn't ask the right question.

The problem is that the devices are in Not Compliant status.


0 Votes 0 ·
Show more comments

After restoring a deleted user in AzoreAD. The status was changed, however, after the one of following steps:

1.Disable/enable computer account.

Import-Module MSOnline
Install-Module MSOnline
Get-MsolDevice -Name 'DESKTOP-G21392F' | Disable-MsolDevice -Force
Get-MsolDevice -Name 'DESKTOP-G21392F' | Enable-MsolDevice -Force

2.Performed synchronization from the Intune side.

3.Performed forced sending of data from the user's computer. According to the schedule, it happens every 24 hours.

4.Launched the Companies Portal on computer. It wasn't prompted to sign in.

I doubt that these actions can somehow affect, except for the last one. But for some reason, the status changed after ~5 minutes. Most likely, launch of the Company Portal changed its status, because it was automatically logged in after Company Portal started. Company Portal did not request the account`s credentials, application just started.

0 Votes 0 ·
LuDaiMSFT-0289 avatar image LuDaiMSFT-0289 DenisPasternak-3587 ·

@DenisPasternak-3587 After restoring a deleted user in AzureAD, the owner's "None" status is changed and shows the previously deleted user. I have tried in my lab and it shows same as yours. The user account signs in the Company Portal app automatically without the prompted sign-in page.

Honestly, not sure why Company Portal did not request the account's credentials. With the limitation resource, I have no idea that how Company Portal detected the user account and logged in automatically. If you are interested in this, it is suggested to create an online support ticket to find if there is any background logic about this situation. Here is the support link:

Thanks for your understanding and hope everything goes well with you.

0 Votes 0 ·

Thank you. Everything is very unpredictable.

Now, on two new test computers, I deleted the user, after which the status changed to Not Complaint. Then he restored the user and within a day the status changed to Complaint.
I do not understand the relationship, why in one case it does not work, but in the other it works.

0 Votes 0 ·
Show more comments