Hi Richa,
To manage non-compliant devices in Intune, you can use the following options:
- Automate actions for noncompliance: You can create a compliance policy in Intune where you specify actions for non-compliance. For example, you can set a rule to send an email to the user if their device is not compliant. After a specified number of days, if the device remains non-compliant, you can choose to retire/remove the device.
Here's the documentation on how to create a compliance policy in Intune: Create a device compliance policy
- Manually remove the non-compliant devices: You can also manually remove non-compliant devices from Intune. Go to the Intune portal, select "Devices" -> "All devices", then select the devices you want to remove and click "Delete".
Here's the documentation on how to delete devices in Intune: Delete devices by using Microsoft Intune
- Notification to users: As for sending a notification to users about the removal of their device, this can be done in the compliance policy. In the "Actions for noncompliance" section of the policy, you can specify an email to be sent to users when their device is flagged for removal.
Here's the documentation on how to specify email notifications in compliance policies: Device compliance notifications. Remember, removing a device from Intune management will delete all managed apps and their data from the device. For large scale operations, it's recommended to automate the process using Microsoft Graph API: Microsoft Graph API - Device Management