Just letting folks know that we've observed an issue with deleted devices re-adding themselves silently to the console after being deleted. I have navigated this several times with support and haven't really gotten anywhere useful.
Here's what's happening:
We get devices in and process them for application data. During the process, we delete the devices from the console. The device may be on or off during the deletion. Sometimes, the device immediately gets the message to wipe after it is deleted from the console. Other times, it can take several minutes or hours.
If, for whatever reason, you sync the device to the console BEFORE it gets the wipe command, the device gets added back into the console AS A NEW DEVICE. However, this new device, which in my mind seems like a new enrollment, stays enrolled to the same user, and eventually gets applied the same profiles (but seemingly only because they are already installed on the device). 'Eventually' is important, because until the device is synced several times, the console isn't fully aware of the device SN or really anything beyond the user name.
Most importantly, this causes the wipe command to be lost, because the device gets a NEW DEVICE ID in the console, and previous wipe messages are queued for the old device id. You can see this in the event logs, even after a device has been deleted.
One would expect that a device which is assigned a new device ID would trigger a user and admin notice of a new enrollment. However, for whatever reason (TOS already accepted on device?), there is no new enrollment email. So you, as an admin, have no clue that the device is back in your console except by running reports or physically inspecting the device. From a DLP standpoint, this has some concerns.
Perhaps you think it is not a good thing to immediately delete devices from the console. It has been suggested that devices be unenrolled and then deleted. However, we are looking to keep our enrolled footprint clean so that our metrics are a little more accurate. I suspect the difference in time between unenrolling and deleting is not going to be significant enough to prevent this if a device is powered on after the deletion. So, once we no longer need a device in MDM, we want them gone. Also, devices have to be deleted before you can re-enroll them to a new user in most cases.
Our devices are all enrolled in AE/A4W Work-Managed mode. We've seen this on both Nexus 7 FHD (2013) tablets and Honeywell CT60 devices.
I guess the whole point of this post is not so much to start controversy, but rather to make sure people are aware of this odd quirk and possibly see if anyone else has seen this issue. (OK, so maybe that could start some controversy, but that's not what I'm shooting for.) The ALL-CAPS in the above are more about the surprisingly unexpected behavior than anything else.
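The report-based check the post describes can be scripted. This is an added example, not part of the original post or any vendor tooling: it reconciles a log of deleted devices against a current inventory export and flags records that reappeared under a new device ID, falling back to a user-name match while the serial number is still unknown. The record layout, field names and sample values are constructed assumptions, not a real console export format.

```python
from datetime import datetime

# Constructed sample data; field names are assumptions, not a real console export format.
DELETED = [
    {"device_id": 1001, "serial": "SN-A1", "user": "jdoe", "deleted_at": "2020-01-10T09:00"},
    {"device_id": 1002, "serial": "SN-B2", "user": "asmith", "deleted_at": "2020-01-10T09:05"},
    {"device_id": 1003, "serial": "SN-C3", "user": "mlee", "deleted_at": "2020-01-11T14:00"},
]
INVENTORY = [
    {"device_id": 2001, "serial": "SN-A1", "user": "jdoe", "first_seen": "2020-01-10T09:40"},
    {"device_id": 2002, "serial": None, "user": "asmith", "first_seen": "2020-01-10T11:15"},
    {"device_id": 2003, "serial": "SN-Z9", "user": "mlee", "first_seen": "2019-11-02T08:00"},
]

def find_reappeared(deleted, inventory):
    """Return (deleted_id, new_id, match_basis) for devices that came back under a new ID."""
    hits = []
    for d in deleted:
        deleted_at = datetime.fromisoformat(d["deleted_at"])
        for rec in inventory:
            if rec["device_id"] == d["device_id"]:
                continue  # same ID: the record was never removed, which is a different problem
            if datetime.fromisoformat(rec["first_seen"]) <= deleted_at:
                continue  # record predates the deletion, so it is a different device
            if rec["serial"] and rec["serial"] == d["serial"]:
                hits.append((d["device_id"], rec["device_id"], "serial"))
            elif not rec["serial"] and rec["user"] == d["user"]:
                # Serial not reported yet (too few syncs): only the user name is available.
                hits.append((d["device_id"], rec["device_id"], "user-only"))
    return hits

if __name__ == "__main__":
    for old_id, new_id, basis in find_reappeared(DELETED, INVENTORY):
        print(f"deleted device {old_id} reappeared as {new_id} "
              f"(matched on {basis}); the queued wipe targets the old ID")
```

A "user-only" match is a lead to confirm once the serial number populates, since the same user may legitimately have enrolled a different device after the deletion.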
FYI, Support eventually discovered the bug and fixed it in console 20.03.
Apparently this is a known bug with their shared SaaS environment, their internal reference number is AAPP-625 for this issue.
We have devices re-appearing weeks after they are deleted,