Problems with duplicate devices?
When you swap a device by reimaging or reinstalling, the Hardware ID stays the same. This results in multiple Device Entries in Azure AD and causes issues with Conditional Access as Intune thinks the older version isn’t actually compliant even though Intune just has 1 record.
Most methods (such as Nicola’s) to combat this is by cleaning up stale devices in Azure AD based on their last Active Date. However, the downside of this method is that it may touch devices which weren’t duplicates, just dormant during, e.g. a vacation.
The following script detects duplicates based on the Hardware ID and disables or optionally deletes all but the most recent entry. It can supplement stale device removal based on Last Activity.
Note: this only works for Windows registered devices.
