Operational Defect Database

BugZero updated this defect 32 days ago.

VMware | 97804

EntraID Partner Compliance - Device Un-enrollment Known Issue

Last update date:

4/17/2024

Affected products:

Workspace ONE

Affected releases:

No affected releases provided.

Fixed releases:

No fixed releases provided.

Description:

Symptoms

This article pertains to the Microsoft EntraID Partner Compliance sync for Conditional Access feature. When a device is un-enrolled from management, Workspace ONE UEM retains the Entra Device ID. While this helps with keeping track of obsolete IDs that correspond to stale device records in Entra, it causes an issue when the same device re-enrolls. Workspace ONE UEM will update the previous record in Entra as compliant and managed, even though the record will not be used again, since a new ID and record will be created when the device registers to Entra again. Once the device re-registers, the old record will be updated correctly to unmanaged and non-compliant, but there will be a gap between the re-enrollment and Entra registration.

Impact / Risks

Devices in this scenario will have their previous Entra ID records updated incorrectly following a re-enrollment, but before the new Entra registration occurs.
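
An audit for the gap described above, as an added example (not VMware's or Microsoft's code): it joins a UEM device export with an Entra device export and lists previous Entra records that show as compliant or managed after a re-enrollment. The UEM field names (`serial`, `entra_device_id`, `unenrolled`, `reenrolled`) and the sample rows are assumptions, as is UEM holding the new ID once the device re-registers; the Entra fields are the Microsoft Graph device properties `deviceId`, `isCompliant`, `isManaged` and `registrationDateTime`.

```python
from datetime import datetime

def ts(value):
    # Graph timestamps end in "Z"; normalise for datetime.fromisoformat.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def stale_records_marked_good(uem_devices, entra_devices):
    """List Entra records that predate a device's un-enrollment but show as
    compliant or managed after the device re-enrolled in UEM."""
    entra_by_id = {d["deviceId"]: d for d in entra_devices}
    findings = []
    for dev in uem_devices:
        if not (dev.get("unenrolled") and dev.get("reenrolled")):
            continue  # never un-enrolled, or not back yet: not this scenario
        rec = entra_by_id.get(dev["entra_device_id"])
        if rec is None:
            continue  # the ID UEM holds no longer exists in Entra
        # A record registered before the un-enrollment is the previous one;
        # a fresh Entra registration would be dated after it.
        is_previous = ts(rec["registrationDateTime"]) < ts(dev["unenrolled"])
        if is_previous and (rec["isCompliant"] or rec["isManaged"]):
            findings.append({"serial": dev["serial"], "deviceId": rec["deviceId"],
                             "isCompliant": rec["isCompliant"],
                             "isManaged": rec["isManaged"]})
    return findings

# Constructed sample data (hypothetical exports, not from a real tenant).
UEM = [
    {"serial": "SN-A", "entra_device_id": "old-a",   # re-enrolled, not yet re-registered
     "unenrolled": "2024-04-01T09:00:00Z", "reenrolled": "2024-04-10T09:00:00Z"},
    {"serial": "SN-B", "entra_device_id": "new-b",   # re-enrolled and re-registered
     "unenrolled": "2024-04-02T09:00:00Z", "reenrolled": "2024-04-10T09:00:00Z"},
    {"serial": "SN-C", "entra_device_id": "id-c",    # never un-enrolled
     "unenrolled": None, "reenrolled": None},
]
ENTRA = [
    {"deviceId": "old-a", "isCompliant": True, "isManaged": True,
     "registrationDateTime": "2024-01-05T10:00:00Z"},
    {"deviceId": "old-b", "isCompliant": False, "isManaged": False,
     "registrationDateTime": "2024-01-06T10:00:00Z"},
    {"deviceId": "new-b", "isCompliant": True, "isManaged": True,
     "registrationDateTime": "2024-04-11T08:00:00Z"},
    {"deviceId": "id-c", "isCompliant": True, "isManaged": True,
     "registrationDateTime": "2024-02-01T10:00:00Z"},
]

if __name__ == "__main__":
    for finding in stale_records_marked_good(UEM, ENTRA):
        print(finding)
```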

Resolution

Workspace ONE UEM will be implementing a change in a future release to delete the Entra device ID for devices that have unenrolled, to prevent this issue from happening.

Workaround

As a temporary workaround, Workspace ONE UEM Admins should delete the device records from UEM before devices re-enroll.
