AVD Intune Device Record Removal
Intune-registered AVD desktop records are not automatically cleaned up as part of the desktop removal and rebuild process. To enable this automatic cleanup of these records, you must perform the following steps:
Assign the Required Permissions
The following permissions must be granted to the Nerdio Manager app service:
Device.ReadWrite.All
DeviceManagementManagedDevices.ReadWrite.All
Note: If Intune integration is enabled in the Nerdio Manager console, then the required DeviceManagementManagedDevices.ReadWrite.All permission already exists. If not, it must be added manually.
To assign the required permissions:
In the Azure portal, navigate to Microsoft Entra ID.
On the left, in the Manage blade, select App Registrations.
Search for and select your Nerdio Manager app registration.
On the left, in the Manage blade, select API permissions.
Select Add a permission and then select Microsoft Graph.
Select Application permissions.
Enable the required permissions, as shown below.
From the review screen, select Grant admin consent for , and then select OK.
The status changes from Not granted to Granted.
Set the Advanced App Service Setting
Once permissions have been granted, the app service setting Features:AvdHostEntraIdCleanup must be set to True.
To set the App Service setting:
See Advanced App Service Configurations for details about how to set Features:AvdHostEntraIdCleanup to True.
Comments (0 comments)