This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 34%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Hello,
I connected Microsoft Defender 365 to Endpoint recently.
After 3 weeks, I face too many devices that are not in Endpoint anymore. Maybe there were before. These devices have different statuses. MEM doesn't manage them. Some of them are active, and others not.
I would like to remove these devices. I cannot run the script on them because I don't have access to them or know where they are or whose devices are.
Moreover, these devices are not onboarded. Their onboarding statuses for these devices are "can be onboarded."
It would be great if you could give me some solution to this problem.
Hi,
The issue seems more related to Microsoft Defender. It is better to contact Microsoft Defender for Endpoint to get more accurate help. Here is the link:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/contact-support?view=o365-worldwide
Best regards,
Simon
This data is collected by device discovery. You can add exclusions. Once a device is recognized you need to wait 14 days for them to drop from the view once excluded or disconnected.