In this post, I will show more details about devices and the applications installed. This post contains Device inventory information in MS Endpoint Manager Portal. It contains the information like operating system, serial number & other hardware details, actions on the device properties. Sign in Microsoft Endpoint Manager admin center portal and go to devices -> All devices -> Select the device to show the device name, serial number, primary user and the below actions can be performed on the device.
Retire – Removing the managed data, email profiles and settings from intune that are no longer needed and leaves personal data from intune.
Wipe – Restoring a device to its factory default settings and the user data will be kept if you choose the check box called Retain enrollment state and user account.
Delete – You can delete the devices from the specific device pane.
Remote lock – Locks the device and the device owner can lock or unlock the devices using Pin or Password. Without pin or password, device cannot be remotely locked.
Sync – Forcing the selected device to check immediately and receives any pending action or polices and it helps you immediately validate and troubleshoot policies you’ve assigned, without waiting for the next scheduled check-in.
Reset passcode – Resetting passcode has both device level passcode reset and work profile passcode reset.
Device level passcode reset – It resets the passcode for the entire device.
Work profile passcode reset – It resets the passcode only for the user’s work profile on Android enterprise devices.
Restart – The Restart device action causes the device you choose to be restarted (within 5 minutes) and the device owner isn’t automatically notified of the restart, and they might lose work.
Fresh Start (Windows only) – This action helps to remove applications that are pre-installed on a PC running Windows 10, version 1709 or later.
Autopilot reset (Windows only) – Autopilot reset avoids the need of an employee to visit each machine to start the process. The device must be MDM managed and joined to Azure AD to enable a device for Autopilot Reset.
Quick scan & Full scan (Windows 10 only) – In Microsoft endpoint manager portal and select device you want to scan and select more from options, select Quick scan(recommended) or Full scan. Also, use windows security app to run a scan on the device.
Update Windows Defender security intelligence – Microsoft Defender Antivirus Security intelligence updates and platform updates are delivered through Windows Update. Keeping your antivirus protection up to date is critical.
BitLocker key rotation – You can remotely rotate the BitLocker recovery key of a device that runs Windows 10 version 1909 or later, and Windows 11. Azure AD-joined and Hybrid-joined devices have support for key rotation enabled via BitLocker policy configuration.
Rename device – This action help to rename a device that is enrolled in Intune and the device’s name is changed in Intune and on the device. Supported devices are
- Android Enterprise: Corporate-owned work profiles, Dedicated devices, Fully managed.
- iOS/iPadOS supervised devices with iOS 9.3 and later
- macOS 10 – Corporate-owned devices
- Windows – Corporate-owned devices
- Corporate-owned co-managed devices that are Azure AD joined
New Remote Assistance Session – Using TeamViewer, administrator can manage devices from Intune portal and the following devices are supported.
- Android device administrator (DA)
- Android Enterprise personally owned devices with a work profile (BYOD)
Hardware contains many details about the device, like the device ID, operating system and version, storage space, and more details.
Discovered apps lists all the apps that Intune found installed on the device, and the app versions.
Device compliance lists all assigned compliance policies, and if the device is compliant or not compliant.
Device configuration shows all device configuration policies assigned to the device, and if the policy succeeded or failed.
Recovery keys shows available BitLocker keys found for the device.
Managed apps list all the managed apps that Intune configured and has deployed to the device.
Hardware Device details:
- Device Details:
Name -> The name of the machine.
Management name -> The device name used only in the console. Changing this name won’t change the name on the device.
UDID -> The device’s Unique Device identifier.
Intune Device ID -> GUID for unique identification on the device.
Serial number -> The device’s serial number from the manufacturer.
- Operating System:
Operating system -> The operating system used on the device.
Operating system version -> The version of the operating system on the device.
Operating system language -> The language set for the operating system on the device.
Build number -> The operating system’s build number.
Total storage space -> The total storage space on the device (in gigabytes).
Free storage space -> The unused storage space on the device (in gigabytes).
- System enclosure:
IMEI -> The device’s International Mobile Equipment Identity.
MEID -> The device’s mobile equipment identifier.
Manufacturer -> The manufacturer of the device.
Model -> The model of the device.
Product Name -> The product name of the device, such as iPad8,12.
Phone number -> The phone number assigned to the device.
- Network Details:
Subscribe carrier -> The device’s wireless carrier.
Cellular technology -> The radio system used by the device.
Wi-Fi MAC -> The device’s Media Access Control address.
Ethernet MAC -> The primary Ethernet MAC address for the device. For macOS devices with no ethernet, the device will report the Wi-Fi MAC address.
ICCID -> The Integrated Circuit Card Identifier, which is a SIM card’s unique identification number.
EID -> The eSIM identifier, which is a unique identifier for the embedded SIM (eSIM) for cellular devices that have an eSIM.
Wi-Fi IPv4 address -> The device’s IPv4 address.
Wi-Fi subnet ID -> The device’s subnet ID.
- Conditional Access:
Activation lock bypass code -> The code that can be used to disable the activation lock.
Azure AD registered -> If Yes, the device is registered with Azure Directory.
Intune registered -> If Yes, the device is registered with Intune
Compliance -> The device’s compliance state.
EAS activated -> If Yes, then the device is synchronized with an Exchange mailbox.
EAS activation ID -> The device’s Exchange ActiveSync identifier.
Supervised -> If Yes, administrators have enhanced control over the device.
Encrypted -> If Yes, the data stored on the device is encrypted.