Ghosts in Entra ID group. Can't delete what isn't there.

Jon Resele 60 Reputation points
2024-09-12T04:43:31.04+00:00

Entra ID cannot delete devices that are Autopilot devices, and you can only delete those devices from Intune or online at https://admin.microsoft.com/Adminportal/Home?#/PrepareWindows or there-abouts.

My problem is that I have 11 devices in my Intune-Autopilot Entra group (dynamic assign using the instructions at https://video2.skills-academy.com/en-us/autopilot/enrollment-autopilot) that are not available to remove via Intune or the admin.microsoft.com site.

Is there a way to delete these "ghosts" from Entra?

One of the devices is a PC that was in a room that was converted and we removed the PC from Active Directory (moved from Domain to Workgroup) but still showed up as an Autopilot device in Entra.

5 specific devices are PCs that I gathered the HWID of through the PWSH and .csv upload to Intune, but after having been deleted from the Autopilot devices in Intune, are still in Entra as "ghosts"; and to clean things up, I'd like to get rid of them.

We've encountered an "issue" where, when uploading an HWID to Autopilot, it will automatically join Entra; making it impossible to then Hybrid-join, due to being already Entra-joined. So we're trying to clean up our existing Autopilot PCs to clear out everything. (We had an Intune domain-join policy/config that was working, but that was before Autopilot uploads were automatically joining Entra)

Other than the one I've already dropped from AD, I don't know if dsregcmd /leave /debug will work if in Entra the deviceID is technically a different device than the current machine (we've seen Entra-joined, Entra-registered, and MDM-only for the same PC with different deviceIDs in Entra; same PC, same hardware, different devices in Entra)

Windows Autopilot
Windows Autopilot
A collection of Microsoft technologies used to set up and pre-configure new devices and to reset, repurpose, and recover devices.
466 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,029 questions
0 comments
Accepted answer
  1. Crystal-MSFT 48,576 Reputation points Microsoft Vendor
    2024-09-12T05:20:22.0866667+00:00

    @Jon Resele, Thanks for posting in Q&A. In general, the steps to remove Autopilot devices are as below:

    1. Remove the devices from Intune.
    2. Remove the devices from Autopilot devices.
    3. Remove the device from Microsoft Entra ID.

    https://www.prajwaldesai.com/delete-windows-autopilot-device-intune-entra/#:~:text=Delete%20Windows%20Autopilot%20Device%20From%20Intune%201%20Sign,deletion%20can%20take%20a%20few%20minutes%20to%20complete.

    Note: Non-Microsoft link, just for the reference.

    But from your description, it seems the device is still unable to delete after we remove the Autopilot device. Please ensure the devices under Devices in Intune portal is also removed. Wait for some time for sync to see if the result will be different.

    However, if it is still not working. please open case to help to remove the device records.

    https://video2.skills-academy.com/en-us/entra/fundamentals/how-to-get-support

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.