Another new Intune Wipe option – continue even if the device losses power

In a previous post, Autopilot Reset – What does it do? How is it different?, we covered the different Wipe options in Intune. Lo and behold, a few months later and we have another new wipe option! Let’s review.

Open the Microsoft Endpoint Manager console, and select a Windows device. Notice the new checkbox in the Device wipe options in Intune, “Wipe device, and continue to wipe even if device loses power. If you select this option, please be aware that it might prevent some Windows 10 devices from starting up again.”

Our latest device wipe option

If we take a look at the RemoteWipe CSP, we can find this setting quite easily. This is using the doWipeProtected setting, which was introduced all the way back in Windows 10 1703. For this article I’ll refer to this wipe as the Protected Wipe.

doWipeProtected CSP

To reiterate what the CSP doc says, doWipeProtected functions the same as a regular Wipe. That means the Protected Wipe option also restores a device back to its factory settings (back to OOBE). Just like before, this is what you should use for a lost or stolen device, since data can’t be restored.

The reason there’s a disclaimer, saying “it might prevent some Windows 10 devices from starting up again”, is if you’ve disabled Windows Recovery Environment (or messed with the partitions in general). If this was an issue when you used the regular Wipe command, it would just reboot into Windows. Now it will break the OS, requiring you to re-image it.

If you’d like to learn more about the CSP itself, take a look at a previous article where we ran the doWipeProtected command using PowerShell: How to use PowerShell to run any MDM CSP locally.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *