Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Today we're going to scorch a device from MEM and Azure AD. Let's get started.

Use this guide to reset a device and prepare it for a new user.

Note

Removing a device from on prem Active Directory is only necessary for Hybrid AD devices.

Removing a Device from Users and Computers (Active Directory on Prem)

  1. This is only applicable if the device was Hybrid AD. If it is not then you can move onto the next section.

  2. Open Active Directory Users and Computers

  3. Right click on “co.ssd.k12.mo.us” and select Find…

    Image Added
  4. Type in the Computer name of the object you’re looking for

    Image Added
  5. Right click on that object and delete it

Removing a Device from Endpoint Manager and Autopilot

You will need to have access to use Azure AD and Microsoft Endpoint Manager on a device that's not being scorched. We are going to be working in Endpoint Manager. You can use Chrome or Edge for good resultsfor the next steps

Google Chrome or Microsoft Edge is the best browsers to use for this.

  1. Record the serial number of the device that needs to be removed.

    1. In my example you'll find that I'm working on device 5X38M63.

  2. Log into Office 365.

  3. Either using the tiles to the left of your screen or

selecting
  1. select the "Waffle" in the top left

look for the Admin tile
  1. to get a list of options to chose.

  2. Select the Admin Tile.

  3. The tile looks like this and will open a new screen:

    Image Modified
  4. Select "Show All" on the left menu area.

  5. Select "Endpoint Manager".

    Image Modified
  6. Chose "Devices" on the left panel.

    Image Modified
  7. Chose "Windows".

    Image Modified
  8. You can search for the device by its Serial Number.

    Image Modified
  9. Select the record you want to work with.

  10. In most cases the name of the records should match between Endpoint Manager and Azure AD

  11. Select the Delete option (Looks like a trash can).

    Image Modified
  12. Select "Yes" when asked to confirm deleting the record

.Caution - You'll want to note the device name especially if its different than the serial number. We'll need it soon
  1. .

  2. Next we'll need to remove the Autopilot record from MEM.

  3. Click Devices.

    Image Modified
  4. Click

Enroll Devices
  1. Enrollment.

Image Removed
  1. Under "Windows Autopilot

Deployment Program
  1. " select Devices.

Image Removed
  1. image-20240926-150935.pngImage Added

  2. Put the serial number of the device you want to check up on here.

  3. Check the box to the left of the box of the device we want to remove.

  4. Click the "Delete" option.

  5. Select the "Yes" option to confirm the operation.

    Image Modified
  6. If you click the bell icon you can see the status of the deletions taking place. Autopilot deletion will take several minutes. You don't have to wait. You can move onto the next step.

    Image Modified

Removing a device record from Azure Active Directory

We are going to work in Azure Active Directory. Chrome or Edge both work to do this.

You may skip the first few steps if you know how to navigate to Azure Active Directory.

  1. Log into Office 365.

  2. Either using the tiles to the left of your screen or selecting the "Waffle" in the top left look for the Admin tile.

  3. Select the Admin Tile.

  4. The tile looks like this and will open a new screen:

    Image Modified
  5. Select "Show All" on the left menu area.

  6. Select "

Azure Active Directory
  1. Identity".

Image Removed
  1. image-20240926-151200.pngImage Added

  2. You will select "

Azure Active Directory
  1. Devices" again on the panel on the left. 

Image Removed
  1. image-20240926-151303.pngImage Added

  2. Select "All Devices".

Image Removed
  1. Search for the device name. In my case I'm looking up SSD-5X38M63.

In most cases (While we're in a Hybrid environment)
  1. If the device is a Hybrid AD device there will be two

results
  1. records like shown below. If its not there will only be one record.

    Image Modified
  2. Select

the checkbox that says “Azure AD Join” under Join Type next to the
  1. all matching device records. 

  1. You can leave the Hybeid Azure AD Joined Object

  1. When you do this the trash can icon with the selection "Delete" will be available. Chose this.

  2. If the records do not delete then its likely there's something connected to MEM still.


Next steps -

Format and Reinstall Windows 10
Info

If a Hybrid Azure AD joined object exist you do not need to install any local account or rebind the machine. You can chose login to Organization or login using the @ssdmo.org account of the assigned user.

Note

Caution - If there’s no Hybrid Azure AD Object you will do the following

  1. You can delete the partitions and create one larger partition. That will work.

  2. Create a local SSD account.

  3. Rename the computer to SSD-SERIALNUMBER.

  4. Bind the system to the on prem domain. You can now use the enrollment instructions.

Filter by label (Content by label)showLabelsfalsesortmodifiedshowSpacefalsereversetruecqllabel = "mem-intune" and type = "page" and space = "TSKC"

Use the Confluence Page on Importing the device into Autopilot

Page Contents

Table of Contents
minLevel2
absoluteUrltrue
printablefalse