Offboard devices

Applies to:

• Microsoft Defender for Endpoint Plan 1
• Microsoft Defender for Endpoint Plan 2
• Microsoft Defender Vulnerability Management
• Microsoft Defender XDR

Platforms

• macOS
• Linux
• Windows Server 2012 R2
• Windows Server 2016

Want to experience Defender for Endpoint? Sign up for a free trial.

Follow the corresponding instructions depending on your preferred deployment method.

Note

The status of a device will be switched to Inactive 7 days after offboarding.

Offboarded devices' data (such as Timeline, Alerts, Vulnerabilities, etc.) will remain in the portal until the configured retention period expires.

The device's profile (without data) will remain in the Devices List for no longer than 180 days.

In addition, devices that are not active in the last 30 days are not factored in on the data that reflects your organization's Defender Vulnerability Management exposure score and Microsoft Secure Score for Devices.

To view only active devices, you can filter by sensor health state, device tags or machine groups.

Offboard Windows devices

• Offboard devices using a local script
• Offboard devices using Group Policy
• Offboard devices using Mobile Device Management tools

Offboard Servers

• Offboard servers

Offboard non-Windows devices

• Offboard non-Windows devices

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.