Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.ravenna.ai/llms.txt

Use this file to discover all available pages before exploring further.

Use Microsoft Intune actions in workflows to automate device management operations including remote wipes, policy syncs, key rotations, and script assignments.

Actions

Autopilot reset

Triggers a wipe and re-provision of a Windows device via Autopilot. The device is reset to a factory-like state and re-enrolled through Windows Autopilot, applying your organization’s provisioning profile automatically.
An Autopilot reset wipes all data from the device and re-provisions it from scratch. Confirm with the user before running this action.
Input fields:
  • Device - The Intune managed device to reset (semantic field, resolved from ticket context)
Common use cases:
  • Reprovision a device for a new employee without manual IT intervention
  • Reset a malfunctioning Windows device while preserving Autopilot enrollment
  • Prepare devices for redeployment through automated workflows
Retires an Intune-managed device, removing company data and management profiles while leaving personal data intact. Use this for BYOD offboarding or when a device should no longer be managed by your organization.Input fields:
  • Device - The Intune managed device to retire
Common use cases:
  • Remove corporate data from personal devices during offboarding
  • Retire devices that are no longer in use
  • Automate BYOD cleanup when employees leave the organization
Forces a device to check in with Intune and pull any pending policies, configuration profiles, or compliance updates. Use this when you need a device to apply changes immediately rather than waiting for the next scheduled check-in.Input fields:
  • Device - The Intune managed device to sync
Common use cases:
  • Push urgent policy updates to a specific device
  • Verify a device picks up new compliance requirements
  • Troubleshoot devices that appear out of sync with Intune policies
Rotates the BitLocker recovery key for the specified Windows device. The new recovery key is stored in Intune and available to administrators. Use this after a recovery key has been used or shared, or as part of routine key rotation policies.Input fields:
  • Device - The Intune managed device to rotate the BitLocker key on
Common use cases:
  • Rotate recovery keys after they have been disclosed during a support interaction
  • Implement scheduled key rotation as part of security compliance
  • Respond to security incidents by rotating encryption keys on affected devices
Performs a full wipe of an Intune-managed device, removing all data and returning it to factory settings. For macOS devices, a 6-digit unlock code is automatically generated and returned in the workflow output.Input fields:
  • Device - The Intune managed device to wipe
Output data:
  • macOS Unlock Code - A generated 6-digit PIN required to unlock macOS devices after wiping (only returned for macOS devices)
A full wipe is destructive and removes all data from the device. Make sure to back up any necessary data before running this action.
Common use cases:
  • Wipe lost or stolen devices to protect corporate data
  • Prepare devices for decommissioning
  • Respond to security incidents requiring immediate data removal
Assigns an Intune management script to a group, allowing it to run on all devices belonging to members of that group. Maps a Ravenna user group to the corresponding Entra (Azure AD) group for script targeting.Input fields:
  • Script - The Intune device management script to assign
  • Entra Group - The Entra (Azure AD) group to assign the script to
  • Organization - The organization context for the assignment
Common use cases:
  • Deploy remediation scripts to specific teams or departments
  • Assign configuration scripts as part of onboarding workflows
  • Automate script deployment based on access request approvals
Learn more about configuring workflows and setting up the Intune integration