Intune/Endpoint Manager Microsoft 365 Admin

Cleaning Up Microsoft Intune: Removing Unused Apps and Policies

13 hours ago
Liam Robinson
No Comments
Share This

Microsoft Intune is a powerful tool for managing devices and apps within your organisation. However, as time goes on, it’s easy for unused apps and outdated policies to accumulate, cluttering your management environment and potentially causing confusion or performance issues. Regular clean-ups ensure your Intune environment remains efficient and aligned with your organization’s needs. Here’s a step-by-step guide to help you declutter Intune.

Why Clean Up Intune?

  1. Improved Efficiency: Unused apps and policies can make navigating Intune more cumbersome, slowing down tasks like reporting and troubleshooting.
  2. Better Performance: Streamlining your configurations can reduce processing overhead on managed devices.
  3. Enhanced Security: Retiring outdated policies ensures that only current, compliant configurations are applied across your devices.
  4. Clarity for Administrators: A clean environment helps IT teams avoid applying or editing incorrect policies.

Step 1: Review Your Existing Apps

  1. Generate an Inventory:

In order to keep your Intune instance nice and clean, its important to take stock of what apps you have in the portal.

  • Navigate to Apps > All Apps.

Under filter, choose Assigned and select ‘Unassigned Apps only’

  • Review the apps with no assignments, If an app has no assignments, it is likely to be unused, unless you plan to assign it later.

You can also check the ‘Last Modified‘ date of apps with assignments, it could be that some assignments are set to ‘Uninstall‘ only, verify this is no longer needed and it can be marked for deletion if not.

  2. Remove Unused Apps:
    • Select the app you wish to remove Click the Ellipsis (3 Dots), and click Delete.

Note: If an app has dependencies  enabled, you will have to edit the application and remove the dependencies before it will allow you to delete.

 

Step 2: Audit Policies and Profiles

  1. Evaluate Existing Policies:
    • Review Configuration Profiles, Compliance Policies, and App Protection Policies.
    • Check their assigned scope and determine whether they are still relevant.
  2. Analyse Deployment Statistics:
    • Use reporting tools within Intune to identify policies with low assignment rates.
    • Identify conflicting or overlapping policies that could be consolidated.
  3. Retire Outdated Policies:
    • Before deleting a policy, unassign it from all groups.
    • Test the removal to ensure no negative impact on device configurations.
    • Delete the policy once verified as unnecessary.

Step 3: Optimise Assignments

  1. Group Clean-up:
    • Review Azure AD groups associated with app and policy deployments.
    • Remove or merge inactive or redundant groups.
  2. Use Dynamic Groups:
    • Where possible, replace static groups with dynamic ones to automate assignments based on device or user attributes.
  3. Simplify Scopes:
    • Consolidate similar policies and use fewer, broader groups to simplify management.

Step 4: Document and Monitor

  1. Maintain a Change Log:
    • Document the apps and policies you’ve removed, including the reasons for removal.
    • This helps maintain accountability and provides a reference for future audits.
  2. Set Up Regular Audits:
    • Schedule biannual or quarterly reviews of apps and policies to ensure continued relevance.
  3. Use Automation:
    • Leverage Intune’s reporting features and PowerShell scripts to automate parts of your clean-up process.

Tips for a Smooth Clean-up Process

  • Communicate with Stakeholders: Notify affected teams or departments about planned changes to ensure alignment and avoid disruptions.
  • Test Before Deleting: Always test the impact of policy or app removal in a controlled environment before applying it to production.
  • Use Tags or Naming Conventions: Implement a consistent naming scheme to easily identify old vs. current configurations.

By periodically cleaning up unused apps and policies in Intune, you’ll not only improve the manageability of your environment but also ensure a smoother experience for your end-users. Make this a regular practice, and your Intune setup will remain lean, effective, and ready to adapt to your organization’s evolving needs.

Did you enjoy this article?
Signup today and receive free updates straight in your inbox. We will never share or sell your email address.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Intune/Endpoint Manager Microsoft365

Configuring Managed Home Screen Sign-In for Android Tablets: A Step-by-Step Guide

3 weeks ago
Liam Robinson
Exchange Online Microsoft 365 Admin Microsoft365

Automatically set out of office replies for all users (Microsoft 365)

4 weeks ago
Liam Robinson
Microsoft 365 Admin Microsoft365 Powershell

How to change username (UPN) in Microsoft365 using Powershell

4 weeks ago
Liam Robinson
AI Group Policy Intune/Endpoint Manager Windows 11

How to disable Copilot in Windows 11 using GPO or Intune

6 months ago
Liam Robinson