Correct way to redeploy Intune DEP iOS devices

TassieTrooper 16 Reputation points
2023-03-14T11:05:22.91+00:00

Hello. Can anyone please confirm the 'correct' way to redeploy a DEP iOS device in Intune? I have searched high and low, yet nothing seems to be definitively on record as the 'correct' process.

Here is what I am faced with having to do each time a device is wiped/deleted so it can be reassigned using the same or different Token Enrolment profile:

  1. Wipe or delete the device from Intune.
  2. Wait approximately 5 mins, then delete the device from AAD - Yes, you read right, the AAD object is not deleted!
  3. NOTE: 1 and 2 can be swapped around as one never impacts the other, both device 'accounts' must be deleted manually.
  4. Wipe the device via iOS DFU restore or via Apple Configurator, if an Intune 'Wipe' was not performed.
  5. Configure the device as usual via the iOS Setup Assistant, which will configure (enroll) the device for Remote Management (Intune).

If you do not remove the device from Intune and AAD, a device with the same device name (naming template via the Token profile) is registered within AAD and Intune, and I discovered this problem: multiple, duplicate-named AAD device objects (unique object IDs, of course) are in AAD. I have a device listed 7 times, which I assumed was a testing device (I inherited this AAD tenant).

Cheers,

Dave

Microsoft Intune iOS

1 answer

  1. Simon Ren-MSFT 31,756 Reputation points Microsoft Vendor
    2023-03-15T09:15:04.7066667+00:00

    Hi Dave,

    Thank you for posting in Microsoft Q&A forum.

    Yes, Intune and AAD are separate and removing devices in one portal will not impact the other. In general, the steps to redeploy Intune DEP iOS devices are as below:

    1. Wipe the device from Intune.

    2. Delete the device from AAD.

    3. Unassign the device from the current MDM in Apple Business Manager (ABM) or Apple School Manager (ASM).

    4. Assign the device to MDM.

    5. Redeploy the device to Intune as usual.

    Thanks for your time. Have a nice day!

    Best regards,
    Simon


    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    https://docs.microsoft.com/en-us/answers/articles/67444/email-notifications.html
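
The duplicate-named AAD objects described in the question can be audited offline before anything is deleted by hand. The following is an added example, not part of either post and not Microsoft's tooling: it groups an export shaped like a Microsoft Graph `GET /devices` response by display name and lists the older object IDs for review. The sample data, the function name `find_stale_duplicates`, the operating-system filter values, and the rule that the most recently registered object is the live enrolment are all assumptions.

```python
import json
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample, shaped like a Microsoft Graph GET /devices response.
SAMPLE_EXPORT = json.dumps({"value": [
    {"id": "obj-001", "displayName": "iPad-TEST01", "operatingSystem": "iPad",
     "registrationDateTime": "2022-06-01T08:00:00Z"},
    {"id": "obj-002", "displayName": "iPad-TEST01", "operatingSystem": "iPad",
     "registrationDateTime": None},
    {"id": "obj-003", "displayName": "ipad-test01", "operatingSystem": "iPad",
     "registrationDateTime": "2023-03-10T09:30:00Z"},
    {"id": "obj-004", "displayName": "iPad-0042", "operatingSystem": "iPad",
     "registrationDateTime": "2023-01-05T10:00:00Z"},
    {"id": "obj-005", "displayName": "LAPTOP-01", "operatingSystem": "Windows",
     "registrationDateTime": "2021-02-01T10:00:00Z"},
    {"id": "obj-006", "displayName": "LAPTOP-01", "operatingSystem": "Windows",
     "registrationDateTime": "2022-02-01T10:00:00Z"},
]})

# Assumption: operatingSystem strings used for Apple mobile devices in the tenant.
APPLE_OS = {"ios", "ipados", "ipad", "iphone"}


def _ts(value):
    """Parse a Graph ISO-8601 timestamp; a missing value sorts as oldest."""
    if not value:
        return datetime.min.replace(tzinfo=timezone.utc)
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def find_stale_duplicates(export_json, os_names=APPLE_OS):
    """Return {display name: {"keep": id, "stale": [ids]}} for duplicated names."""
    groups = defaultdict(list)
    for dev in json.loads(export_json)["value"]:
        if (dev.get("operatingSystem") or "").lower() in os_names:
            # Device names are compared case-insensitively.
            groups[dev["displayName"].lower()].append(dev)

    report = {}
    for devices in groups.values():
        if len(devices) < 2:
            continue  # unique name, nothing to clean up
        # Newest registration first; it is assumed to be the live enrolment.
        devices.sort(key=lambda d: _ts(d.get("registrationDateTime")), reverse=True)
        report[devices[0]["displayName"]] = {
            "keep": devices[0]["id"],
            "stale": [d["id"] for d in devices[1:]],
        }
    return report
```

The result is a review list only; check each stale object ID against the device serial in Intune before deleting it from AAD.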