I’ve been asked by our support teams to see if there’s a way to automatically drop devices that haven’t checked in with Jamf within a certain timeframe (I.e. 30-90 days). In Config Manager on the Windows side, we have it set to 14 days. However, if we were to even set the device to unmanaged to drop out of Smart Computer Groups, when the device comes back online, it would have to be re-enrolled again.
This is mainly an issue with things like security patches and zero-day vulnerabilities where it may show 100 devices out of compliance, yet 20 of those haven’t been online in 90+ days. So after pushing a patch via a policy, we still show 20 out of compliance and 2nd level has to engage the customers to see what the status of those devices is.
How are you dealing with stale Macs and if/when they do come back online if the device is either unmanaged or the record is removed completely?