How can I delete or remote stale devices in Azure AD using Policy or PowerShell ?

Question

How can I delete or remote stale devices in Azure AD using Policy or PowerShell ?

EnterpriseArchitect 6,041

Folks,

How can I delete or remove the old device in Azure AD with ApproximateLastLogonTimeStamp older than 120 days?

Is there any PowerShell or Azure Policy to do that automatically?

Accepted answer

0 additional answers

Your answer

Answer 1

Carlos Solís Salazar 18,196 MVP Volunteer Moderator

Hi @EnterpriseArchitect

Thank you for asking this question on the **Microsoft Q&A Platform. **

It will be this script in PowerShell:

$dt = (Get-Date).AddDays(-120)  
$Devices = Get-AzureADDevice -All:$true | Where {($_.ApproximateLastLogonTimeStamp -le $dt) -and ($_.AccountEnabled -eq $false)}  
foreach ($Device in $Devices) {  
Remove-AzureADDevice -ObjectId $Device.ObjectId  
}

The following documentation has more details

Hope this helps,
Carlos Solís Salazar

----------

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
NOTE: To answer you as quickly as possible, please mention me in your reply.

Carlos Solís Salazar 18,196 Reputation points MVP Volunteer Moderator

2022-08-23T12:47:54.07+00:00

Hi @EnterpriseArchitect

How did it go?

You can Accept Answer and Upvote, if the above response helped answer your query, others visiting the forum with the same query might get help.
NOTE: To answer you as quickly as possible, please mention me in your reply.
EnterpriseArchitect 6,041 Reputation points

2022-08-23T13:12:07.563+00:00

That's great, thanks @Carlos Solís Salazar .
I assume the deletion can be reversed from the recycle bin supposed there is any device must be restored ?

Share via

How can I delete or remote stale devices in Azure AD using Policy or PowerShell ?

0 additional answers

Your answer