🔧Platform-level Targeting for Device Cleanup Rules

Service: Microsoft Intune
Roadmap ID: 397886
Published: Not yet
Tags: Admin Impact, User Impact

Introducing platform-level targeting of Device Cleanup rules

🚧 In development but already live: You can access this platform-level cleanup capability right now in the Intune admin center.

What This Means for You:

• ✅ Granular cleanup scope: Create up to five separate rules (one per platform) so that stale devices are hidden only from the platforms you choose.
• 🔒 Scoped RBAC control: Define and assign unique “Device Cleanup Rule” permissions per platform, ensuring that only the right admins can create, modify, or delete each platform’s cleanup rule.
• 🔄 Intermediate targeting stage: Rules now run at the OS level, giving you an extra layer of precision before devices are permanently hidden.

How to Get Started:

1. Sign in to the Microsoft Intune admin center.
2. Navigate to Devices > Organize devices > Device cleanup rules, then click Create.
3. On Basics, enter your rule’s Name, Description, and select the Platform (All platforms, Windows, iOS/iPadOS, macOS, iPadOS, Android (AOSP), Android Enterprise).

1. Click Next and under Rule settings, set the number of days of inactivity (30–270) before devices are hidden.

1. Click Next, then Review + create to finalize.

1. To adjust RBAC: go to Tenant administration > Roles > All roles, select a role, and add the “Manage Device Cleanup Rule (Platform)” permission for each platform you want that role to manage.

Summary:

With platform-level targeting, you’ll keep your Intune tenant tidy and secure—tailored exactly to how your organization manages each OS. Enjoy the extra precision!

ℹ️ More info: Check out the official docs on creating a device cleanup rule.