Allow organizations to remove the full wipe option from non-company owned devices
Allow an organization to define user-owned devices and remove the ability to perform full wipes on those devices.
Do you mean you want to disable the ability for users to do the full wipe in the company portal, or prevent admins from doing a full wipe in the Azure admin console? I’m trying to see if I should merge this with https://microsoftintune.uservoice.com/forums/291681/suggestions/34001734
Why this feature is available
Jeroen Brouwers commented
I think the problem (at least on our end) is that BYOD users do not like the suggestion that the company can just wipe their entire device, even if the organization intends to only apply a selective apps wipe in such a case.
This would mean that the Intune UI would need to make a difference between the full wipe and the selective wipe, given specific settings in the InTune portal.
Hi. It would be great if there is a Powershell option or something which disables the full wipe option from Intune for BYOD or personal devices. This would add an additional layer of security so users cannot even 'accidentally' remote wipe devices.
Students are using school computer(corporate) as non local adminstrator and use the possibility to wipe the computer in th company portal to bypass permissions
At no point should an organisation sjhould have full access to the my device in order to fully wipe it.
Robert Cooper commented
This should have really been a day one release feature. Of course BYOD users do not want to give their company admins the power to factory reset their personal devices. Please can we get some traction on this.
I require the Wipe option to be greyed out for personal ownership devices. This would be helpful for my organisation Intune management as our users have concerns around the ability of the admins to wipe their personal devices.
Imre Butsy commented
I have a customer here who has concerns around the ability to perform a full wipe on personal mobile devices. They do not want to risk full wiping a personal device accidentally.
On Android Enterprise managed devices we can only manage the work profile, thus the problem does not exists.
However they see it as a concern for iOS (and other platforms as well).
They want to remove the full wipe button from Azure portal for personal devices ( or make it optionally unavailable).
Any update on this? IT admin should not have full wipe on personal device.
Hi Cathy, yes we want to prevent admins from doing a full wipe in the Azure admin console for BYOD devices. Same as the link you sent so can merge together.
"prevent admins from doing a full wipe in the Azure admin console" on user-owned devices is the request. Allowing admins the ability to wipe corporate data from a device is one thing, allowing admins to wipe personal data on user-owned devices is unacceptable.
Please allow us the option to disable full remote wipe in the MDM portal, we need to provide proof that we can only selectively wipe corporate data.