This blog post will be about a new tool, written in PowerShell, to retire and/ or wipe a mobile device. Let’s start with the fact that I know that it’s possible to retire and/ or wipe a mobile device through the ConfigMgr console, but that didn’t stop me from creating this tool. The reason for that is related to how mobile devices are managed and who is usually responsible.
In most cases the service desk is responsible for helping end-users with their mobile devices. Now what if a company rather not provides the ConfigMgr console to the service desk, or a company wants to prevent the service desk from wiping a mobile device? That’s were this tool comes in place.
>> Available via download here on the TechNet Galleries! <<
Now lets start with a quick overview of this tool. The interface is pretty straight forward. It provides a textbox to provide a username. This textbox has a tooltip to provide information about the required information. After providing a username the Get button can be used to get the registered mobile devices of the specified user. The mobile devices, of the specified user, will be shown in the datagridview. After selecting a mobile device, in the datagridview, the Retire and/or Wipe buttons will enable, if applicable. Wiping a mobile device is not applicable for Windows (RT) devices.
This tool provides a few messages based on the actions performed by the administrative user. The following message can show, based on the provided input.
Before this tool can be used, the user, or service account, used to start this tool, requires at least the permissions as described in this post. Besides those permissions, there are no special requirements for using this tool. I also didn’t use the ConfigMgr cmdlets, which completely removes the dependency to install the ConfigMgr console (or do something creative with the cmdlets).
To start this tool the following parameters are available.
- SiteServer: This parameter is mandatory and should point to a server containing the SMS provider;
- SiteCode: This parameter is mandatory and should be the (primary) site code of the mobile devices;
- AllowWipe: This switch is optional and enables an additional button to wipe a mobile device.
All these parameters together will make a complete example look like this.
.\Retire-MobileDevice.ps1 -SiteServer CLDSRV02 -SiteCode PCP -AllowWipe
12 thoughts on “Retire or wipe mobile devices via PowerShell”
This is a great tool for our servicedesk!
Is it possible to also search by device-name?
We have many non-personal ipads in the schools that are device-orientated and shared between the students.
This means that we create 1:1 service-users for these ipads to join them to intune and we tag the devices with a device-name. The servicedesk ask the user for this name, and it would be perfect to have the ability to also search for the name of the device in this tool.
At this moment it only works with specifying the user name, but it’s great feedback for future updates.
When I review the primary devices via CM, I see a mobile device for the user.
When I run the PS1 tool, I receive “Please provide an user with a primary mobile device”
The account for which I am running the tool has appropriate permissions in CM.
CM is 2012 R2 CU3
Not completely sure what you mean. Did you enter a user name, pressed Get Mobile Devices and it didn’t get any results?
Correct. After clicking Get Mobile Devices, it returns the ““Please provide an user with a primary mobile device” box.
Thank you for the quick response!
In that case it sounds like the user has no mobile devices of which he is the primary user. If it does, please use the contact form for easier contact.
The reason why Jeff is having this issues is because of this:
PTCLOUD needs to be changed to his domain 🙂
Thanks for the tool Peter, was looking for something like this.
Thank you Daniel and NianIT! That indeed could be a very good reason.
Also, a new and more advanced version of the tool is available here: https://www.petervanderwoude.nl/post/updated-tool-remote-mobile-device-manager/
Jeffs problem is probably due to the domain being wrong in the tool.
You could replace PTCLOUD with $env:USERDOMAIN in the code to make it work automatically.
This will be true as long as he runs the tool with a user in the same domain.
Does this work with Intune mobile devices? Our mobile devices are not managed by SCCM, only Intune. Would be cool to retire them via this script/interface.
This script was created for a hybrid environment. Nowadays, with PowerShell and Graph, it should be possible to create something similar for Intune.