With the Intune update in the week of July 2, 2018 on of the new feature is automatic device cleanup so that we don’t need to run a device cleanup script anymore.
There are some limitation in the feature but in my option this is what the Intune customers are in need of.
How to enabled the cleaunup feature
Start the M365 Device admin center
Set your Intune device cleanup rules to delete Intune MDM enrolled devices that appear inactive, stale, or unresponsive. Intune applies cleanup rules immediately and continuously so that your device records remain current.
- Click devices
- Click Device cleanup rules
- Select Yes
- Set a number between 90 and 270 of days – if you need a highter or lower number of days you need to scripts the device delete
- Click on the link to see effected devices
- Click Save
Note: Remember that the devices is only deleted in Intune and not in AzureAD
After you click Save, all devices that have been inactive for the specified number of days will immediately be deleted from Intune. Intune will continue to delete devices as they exceed the number of set days. Reports with data about the deleted devices may take up to 48 hours to refresh.
The device Dashboard before the cleanup:
The device Dashboard after the cleanup
Cloud First 
Thanks for the summary of this topic. In our case this function is not usable since our Android for Work devices not leaving a login-time stamp and all android devices including Outlook-App logins would be cleared. So actually – not usable at least in our case or I’am missing a point. 🙂
By any chance do you know how we can restrict this access to this for Helpdesk role.
Looks like non Intune admin can also access this and enable the rule.