Auto Selective Wipe When an Account is closed.
When an end user account is set to auto-expire, this will also perform a selective wipe on the end user devices on the date/time the expiration was set.
@TheScreamingRichard – If you can do it in the UI, you can do it with Graph – we build the UI entirely on top of Graph. :-)
This page has the remote actions
There’s one member called
and there’s a different member called
there’s also one called
I’m assuming it’s one of those you’d be able to call for a Graph-based solution, though our Graph people are all at Build this week so if that’s not what you need I can ask them when they get back.
Thomas Garrity commented
Would prefer this to be a simple configuration in the console rather than needing to write code.
We have made an automation for this. This is published in GitHub too.
You can read more here: https://www.attosol.com/automate-selective-wipe-of-intune-app-protection-registered-devices-on-employees-exit/
The Screamin Richard commented
@Cathy, Unfortunately the Graph API "wipe" is actually a factory reset and not a selected wipe like "Remove company data" for MDM or "App selective wipe" for MAM. Unless I'm missing something.
This would be absolutely gold for us as we need to wipe a student's device when they leave the college to make sure that we remove any of our college-owned apps and settings. This would automate our "off boarding" of exiting students so their device is ready for the next school they enroll in as well.
T. Kuisma commented
Please make it possible to configure, so that when an AAD user account is disabled or deleted, personal mobile devices related to that account are wiped & deleted from Intune. The same thing should happen if the EMS/Intune license is removed from the user, but with some delay (a week or so).
How do you set an end user account to auto-expire? That is a suggestion I had raised in the O365 uservoice forums.
@David, you might be able to automate this with the Graph API - thoughts?