1
votes

I've enrolled some devices with Intune, but a macOS device cannot be wiped since the "Wipe" button is disabled. I need to do a Selective Wipe (which removes company data, but not the user data). Can I replace it with the Retire function? What's the difference?

What I've already tried: I've tried to restart the macOS device, approve management profiles from Intune, and make sure the device has been registered in Intune, but the wipe button is still disabled. I tried to call wipe from the Graph API and it returned 204 (which is success). But in Azure AD, the device action gives the notice: Wipe Failed.

1
Take a look. Following the referred document will be helpful, I hope. - Md Farid Uddin Kiron
If my answer was helpful, you could mark it to help the community. Thanks once again. - Md Farid Uddin Kiron
Hi @MdFaridUddinKiron, thanks for contributing to this post, but I would like to wait a little bit more for another answer that may give another perspective on Selective Wipe and Retire. - Wendi
What's that? Can you share? I would try to answer. What exactly would you like to know? - Md Farid Uddin Kiron
I tried to do a selective wipe for Android and it directly signed the device out of Company Portal and restarted the device (not a factory reset). The Android configuration still remains the same. So I believe retire will do the same thing, at least no more powerful than a selective wipe. I still believe I can replace selective wipe with retire, since we can't wipe a macOS device; the only option is Retire. - Wendi

1 Answer

2
votes

It seems you are trying to implement Selective Wipe and Retire on Microsoft Intune.

As you know, both remove devices from Intune that are no longer needed.

Difference

You cannot replace Wipe with Retire because their functionality is not similar. I have described them below as per the official statement.

Selective Wipe

The Wipe action restores a device to its factory default settings. The user data is kept if you choose the Retain enrollment state and user account checkbox. Otherwise, all data, apps, and settings will be removed.

Retire

The Retire action removes managed app data (where applicable), settings, and email profiles that were assigned by using Intune. The device is removed from Intune management. This happens the next time the device checks in and receives the remote Retire action.

Retire leaves the user's personal data on the device.

Note: Before you remove a user from Azure Active Directory (Azure AD), use the Wipe or Retire actions for all devices that are associated with that user. If you remove users that have managed devices from Azure AD, Intune can no longer wipe or retire those devices.

For more details you could refer to this official doc. If you still have any query, feel free to share. Thanks and happy coding!
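
Added example, not part of the original answer and not Microsoft's code: a 204 from the Graph `wipe` or `retire` endpoint only confirms the request was accepted, and the outcome is recorded later in the device's `deviceActionResults`, which is consistent with the "204 but Wipe Failed" symptom in the question. The device record, timestamps and `actionName` strings below are constructed for illustration, and the helper names are hypothetical.

```python
GRAPH = "https://graph.microsoft.com/v1.0"
FAILED_STATES = {"failed", "notSupported", "canceled"}

def build_action(device_id, action, keep_enrollment=False, keep_user_data=False):
    """Return (method, url, json_body) for a remote action on one managed device."""
    if action not in ("retire", "wipe"):
        raise ValueError("action must be 'retire' or 'wipe'")
    url = f"{GRAPH}/deviceManagement/managedDevices/{device_id}/{action}"
    # retire takes no body; wipe carries the two "retain" switches
    body = None
    if action == "wipe":
        body = {"keepEnrollmentData": keep_enrollment, "keepUserData": keep_user_data}
    return "POST", url, body

def latest_state(managed_device, action_name):
    """Most recent actionState recorded for action_name, or 'none'."""
    hits = [r for r in managed_device.get("deviceActionResults") or []
            if r.get("actionName", "").lower() == action_name.lower()]
    if not hits:
        return "none"
    return max(hits, key=lambda r: r.get("lastUpdatedDateTime", "")).get("actionState", "none")

def interpret(http_status, managed_device, action_name):
    """Combine the POST status with the device record fetched afterwards."""
    if http_status != 204:
        return "rejected"
    state = latest_state(managed_device, action_name)
    if state == "done":
        return "completed"
    if state in FAILED_STATES:
        return "failed (" + state + ")"
    return "accepted, waiting for device check-in"

# Constructed sample of the deviceActionResults part of a managedDevice record
SAMPLE_MAC = {"deviceActionResults": [
    {"actionName": "wipe", "actionState": "pending",
     "lastUpdatedDateTime": "2020-01-10T08:00:00Z"},
    {"actionName": "wipe", "actionState": "failed",
     "lastUpdatedDateTime": "2020-01-10T08:05:00Z"},
    {"actionName": "retire", "actionState": "pending",
     "lastUpdatedDateTime": "2020-01-10T09:00:00Z"},
]}

if __name__ == "__main__":
    print(build_action("00000000-0000-0000-0000-000000000000", "retire"))
    for name in ("wipe", "retire"):
        print(name, "->", interpret(204, SAMPLE_MAC, name))
```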