AvePoint Learn
Request article
Contact support
Request article
Contact support
English

    Home > Device Management > Manage Devices

    Export to PDF

    Manage Devices

    On the Devices page, all devices registered within the tenant are listed in the table with their basic information.

    Click Refresh to view the latest device list. Please note that the newly enrolled devices will be displayed only after the daily sync job is completed.

    You can also click Export to export the report of managed devices.

    Select one or multiple Windows devices and click Autopilot Reset to trigger a remote Windows Autopilot Reset for the devices. It quickly removes personal files, apps, and settings, resets devices running Windows 10 and later from the lock screen, applies original management settings from Microsoft Entra ID and Intune device management, and returns the devices to a fully configured or known IT-approved state.

    To delete a device, select the device and click Delete. Click OK in the confirmation window to confirm the deletion. The device will no longer be allowed to access to the company’s corporate resources. Company data may be wiped from the device if it tries to check in after it is deleted.

    Click a device name to access the Device details page. On the top of the page, you can view the name, compliance status, type, OS version, and operating system of the device. There are five tabs on this page:

    • Basics – In this tab, the essentials, BitLocker keys (if configured), user information, device notes, and device storage of the device can be viewed.

      The values of the editable fields are highlighted in light blue. Click the pencil button in an editable field to edit the corresponding information.

    • Compliance policies – The compliance policies applied to this device are listed in the table. Click a policy name to access the Policy settings page. For more information, refer to Manage Policies.

    • Groups – In this tab, you can view and manage the group assignment for the device.

      • Add groups – Click Add groups and the Add groups window appears. Select the groups that you want to add and click Add to add the groups. Choose whether to add the device to a group by clicking the toggle button in the Member column of the group.

      • Turn off for all – Click Turn off for all to turn off the membership for all groups listed in the table.

      • Turn on for all – Click Turn on for all to turn on the membership for all groups listed in the table.

      • Export – Click Export to export the group assignment for the device.

      • View group details – Clicking a group name allows you to view the detailed information of the group in the Group details window. Refer to View and Manage Groups

    • Local passwords – In this tab, you can view the account name, last password rotation time, and next password rotation time. Click an account name link to view the local administrator password.

      NOTE

      This is only available for Windows devices.

    • Device actions – In this tab, you can view all device actions with the start time, finish time, and status.

    • Audit logs – In this tab, you can view all action records performed to the current device. You can click Refresh to view the latest audit logs, or click Export to export the audit logs into an Excel.

    The following action are available on the Device details page to manage the device.

    • Sync – In the upper-right corner, you can click Sync to sync the device to get the latest polices and actions with Intune. When a device checks in, it immediately receives any pending actions or policies assigned to it. This action helps you immediately validate and troubleshoot policies without waiting for the next scheduled check-in.

    • Reset passcode – Click Reset passcode from the ellipsis drop-down in the upper-right corner to reset the passcode for the device, and a new passcode will be generated and displayed for the next 7 days.

      NOTE

      This is only available for devices of the Android operating system.

    • Remove passcode – Click Remove passcode from the ellipsis drop-down in the upper-right corner to remove the passcode from the device. Users will be able to access it without a passcode until a new one is set.

      NOTE

      This is only available for devices of the iOS operating system.

    • Remote lock – Click Remote lock from the ellipsis drop-down in the upper-right corner to remote lock this device. A locked device can only be unlocked by users with a passcode. Devices without a passcode will still be accessible to any user. Use this action when a device is misplaced, left unattended, or suspected of unauthorized use without wiping data or removing enrollment.

      NOTE

      This remote action supports the following platforms:

      • Android Enterprise corporate-owned dedicated (COSU)
      • Android Enterprise corporate-owned fully managed (COBO)
      • Android Enterprise corporate-owned work profile (COPE)
      • Android Open Source Project (AOSP)
      • iOS/iPadOS
      • macOS

    • Scan – Click Scan from the ellipsis drop-down in the upper-right corner, select the scan mode you want to issue on this device, and click OK to start the scan.

      • Quick scan – A quick scan looks at all locations on the device where there could be malware registered to start with the system, such as registry keys and known Windows startup folders. A quick scan helps provide strong coverage for both malware that starts with the system and kernel-level malware.

      • Full scan – A full scan checks all files and running programs on the device hard disk for malware. This scan could take longer than one hour.

    • Update signatures – Click Update signatures from the ellipsis drop-down in the upper-right corner to update the Windows Defender signatures on the device. Updating the Windows Defender signatures will apply the latest protection definitions. Users might experience a brief slowdown during the update process.

    • Rotate local admin password – Click Rotate local admin password from the ellipsis drop-down in the upper-right corner to rotate the local admin password on the device. A single password will be generated to the identity provider after a device restart. Password will expire automatically within the period specified in the policy.

      NOTE

      This is only available for devices of the Windows operating system.

    • Fresh start – Click Fresh start from the ellipsis drop-down in the upper-right corner to clean the device. Cleaning a device will remove all preloaded Win32 apps. To retain user data on the device, select the Retain user data on this device option.

    • Retire – Click Retire from the ellipsis drop-down in the upper-right corner to remove company data on the device. This will remove company data managed by Intune. The user’s personal data is not removed. Removing company data is not supported for Windows devices that are joined to Microsoft Entra lD. Any Win32 app deployed using Intune will not be automatically removed from the device, when the device is retired. The Win32 app and the data it contains will remain on the device. If the Win32 app is not removed prior to retiring the device, the end user will need to take explicit action on the device to remove the app.

    • Restart – Click Restart from the ellipsis drop-down in the upper-right corner to restart the device. Users will not be automatically notified of the restart, and might lose unsaved work.

    • Autopilot Reset – Click Autopilot Reset from the ellipsis drop-down in the upper-right corner to trigger a remote Windows Autopilot Reset for the device. It quickly removes personal files, apps, and settings, resets devices running Windows 10 and later from the lock screen, applies original management settings from Microsoft Entra ID and Intune device management, and returns the device to a fully configured or known IT-approved state.

      NOTE

      This is only available for devices of the Windows operating system.

    • Wipe – Click Wipe from the ellipsis drop-down in the upper-right corner to reset the device. Factory reset returns the device to its default settings. This removes all personal and company data and settings from this device. You can choose whether to keep the device enrolled and the user account associated with this device. You cannot revert this action.

      • Wipe device, but keep enrollment state and associated user account

      • Wipe device, and continue to wipe even if device loses power. If you select option, be aware that it might prevent some devices running Windows 10 and later from starting up again.

    • Delete – Click Delete from the ellipsis drop-down in the upper-right corner to delete the device. The device will no longer allow access to the company's corporate resources. Company data may be wiped from the device if it tries to check in after it is deleted.