Microsoft Intune, “Retire,” “Wipe,” and “Delete”
In Microsoft Intune, “Retire,” “Wipe,” and “Delete” are actions you can take when managing mobile devices and sometimes computers. These actions are used to control and secure the data and settings on the devices.
1- Retire:
- Purpose: Retiring a device means marking it as no longer needed or in use. It’s a way to indicate that the device is no longer managed by the organization.
- Effects: When you retire a device, it typically removes company data and settings associated with that device, but it doesn’t wipe the entire device or delete personal data.
- Use Case: You would use the retirement option when an employee leaves the company, and you want to remove their access to company resources without wiping their personal data.
2- Wipe:
- Purpose: Wiping a device means removing all data and settings on the device, returning it to its factory state. It’s a more drastic action than retiring and is typically used in cases where the device is lost, stolen, or when more thorough data removal is necessary.
- Effects: Wiping a device will erase all data on the device, including both company and personal data. It resets the device to its original configuration.
- Use Case: You would use the wipe option when a device is lost or stolen, or when you need to decommission a device and ensure no company data remains on it.
3- Delete:
- Purpose: Deleting a device removes it from the Intune console and revokes its management capabilities. It’s a way to permanently remove a device from the organization’s Intune account.
- Effects: Deleting a device removes it from management but does not wipe the device or affect the data on it.
- Use Case: You would use the delete option when you no longer need to manage a device with Intune, such as when a device is no longer in use or is being replaced.
The difference between ‘Retire’, ‘Wipe’, and ‘Delete’ in Intune device management is as follows:
- Retire:
- removes app data, settings, and Intune managed email profiles from the device. The device will still show up in Intune until the device checks in. Retirement leaves users’ personal data on the device. Retire also removes the Azure AD record of the device, unless the device has an Autopilot hash assigned³.
- Wipe :
- restores a device to its factory default settings. All data, apps, and settings are removed. Wipe also removes the device from Intune management and Azure AD, unless the device has an Autopilot hash assigned³. Wipe is useful for resetting a device before giving it to a new user, or when the device has been lost or stolen.
- Delete:
- removes the device from the All-devices list in Intune immediately. Delete also issues the retire command to the device, which removes app data, settings, and Intune managed email profiles from the device. Delete also removes the Azure AD record of the device, unless the device has an Autopilot hash assigned³.
It’s important to understand the differences between these actions and use them appropriately based on your organization’s policies and the specific circumstances for each device. Always exercise caution when performing actions like wiping or deleting, as they can result in data loss on the device. It’s also good practice to communicate with the device owner or user before taking such actions, especially when dealing with personal devices.
Now, let’s to see the video from our YouTube channel:
You can find all learning for Azure by clicking here.