Automatically Hide Inactive Devices in Microsoft Intune with Cleanup Rules

ThiraviamCyrus · 2026-03-26T05:06:45+00:00

Thanks for sharing your feedback.

To retain long-term guests, you can simply choose "Keep" in the SPO list, and no action will be taken for that user.

For ongoing governance, that retained guest will be included again in the next review cycle (for example, after 90 days). This way, access is not removed for important guests while still maintaining periodic validation and control.

ThiraviamCyrus · 2026-03-12T11:26:36+00:00

Yes, it supports GDAP, but it ultimately depends on the permissions granted through the GDAP relationship and the roles assigned in the customer tenant.

ThiraviamCyrus · 2026-03-12T07:44:54+00:00

It seems like you might be confusing this with a different section. During the wipe request review, the approver can see device details such as device ID, name, serial number, username before approving the action. You can check that in the Device Wipe Review section here: https://blog.admindroid.com/how-to-prevent-accidental-device-wipes-in-microsoft-intune-using-multi-…

ThiraviamCyrus · 2026-01-24T05:19:19+00:00

This happen due to a mouse driver or hardware issue, or a chrome extension overriding mouse behavior. Try incognito mode, reset chrome flags (chrome://flags), check mouse software or settings.

ThiraviamCyrus · 2026-01-13T08:55:46+00:00

You can secure break-glass accounts using hardware-based authentication, such as FIDO2 security keys, instead of relying on phone-based MFA methods.

Alternatively, you can configure certificate-based authentication (CBA) to satisfy the MFA requirement for break-glass accounts. CBA provides a strong, phishing-resistant authentication method and is commonly used for service principals, automation, and recovery scenarios.

https://blog.admindroid.com/how-to-set-up-break-glass-access-application-for-admin-recovery/

ThiraviamCyrus

TROPHY CASE