Mobile Device Management of Office 365
Editor’s note: The following post was written by Windows IT Pro MVP Terry Lau as part of our Technical Tuesday series .
I'm going to talk about wipe options and un-enrollment scenarios of Mobile Device Management (MDM) on Office 365. Many Mobile Device Management platforms support "Full wipe" and "Selective wipe" for administration.
Wipe options on Mobile Device Management on Office 365
What are "Full wipe" and "Selective wipe" on Mobile Device Management?
"Full wipe" - Factory reset of the managed devices and the device record will be removed on the Mobile Device Management console (it depends on which product). All data, including personal data, is deleted.
"Selective wipe" - Remove data, applications and management profile which are published by your organization. User’s personal data isn't affected.
To remove wipe devices, Full or Selective, make sure devices connect to data network. If not, the wipe command cannot be applied to devices.
Remark: When administrators press "Full wipe" or "Selective wipe," the device record will be deleted automatically on Mobile Device Management of Office 365, whether the device wiped or not.
Except for performing "Full wipe" or "Selective wipe" on Mobile Device Management of Office 365 by administrators, users still can perform "Full wipe" on "Mobile devices" of Outlook.
However, the device record still remains on Mobile Device Management of Office 365.
If the user re-enrolls MDM on the wiped device again, two device records for the user are left on Mobile Device Management of Office 365 and "Comp Portal."
It's difficult for administrators to identify which is the currently managed device. On the user side, it can be based on the task bar of Comp Portal which is the old device record.
There are only three buttons on the old device record. Press "Remove" to delete the device record.
Microsoft should update the portal to display the last check-in time of the device records on Mobile Device Management of Office 365.
Remark: Based on my testing, users need to click "Comp Portal" to apply "Selective wipe" command to the device on Windows Phone 8.1. According to Wipe a mobile device in the Office 365 article, the command should be applied to the device immediately. Furthermore, I pressed "Selective wipe" for my Windows Phone 8.1 but the device still can send and receive email of the user account of Office 365 by ActiveSync after applying the wipe command.
Un-enrollment on Mobile Device Management of Office 365
There are two methods to un-enroll MDM on user devices. The first one is click "Remove" on the device of "Comp Portal."
However, the device is required to be connected to Internet.
Another method to un-enroll on the device is to click “Settings > General > Device Management > Management Profile > Remove Management."
After removing the device profile on Mobile Device Management, the device synchronizes the un-enrollment information to Office 365 if data network is available. Then,the device record will be deleted on Mobile Device Management of Office 365.
About the author
Terry Lau is an operations consultant in a system integrator company. He's responsible for providing design, implementation, configuration and support for products which are related to Microsoft solutions like Virtualization, Enterprise Mobility Management and so on.
Terry is a blogger. He likes to share IT knowledge on his blog. His blog focuses on Microsoft technologies like Hyper-V, Enterprise Mobility Management, Microsoft Azure and so on.