I have something of a mess on my hands. When these devices were joined, or "registered" with Azure AD, they had already been through OOBE and had local accounts created on them. I realize now that I should have used sysprep.exe to re-do the OOBE and join to Azure AD from there, however hindsight is 20-20 and I learned this later on. These PCs are on the other side of the country and I no longer have hands on them.
So these were registered to Azure AD while logged in with a local user account, going to settings -> accounts -> connect to work/school -> connect.
After registering to the AD domain, I went again to settings -> accounts -> "Enroll only in device management", in order to connect the computers to Intune.
Q1: If I were to run sysprep.exe remotely via screenconnect session, and chose the option to "quit" I'm guessing OOBE will run upon next reboot (so I can't do this remotely). Is there any better way to clean up this mess than deleting everything out from Azure AD and re-running OOBE?
Pics of mess, notice devices in azure AD don't match those in Intune:
[...]I should have used sysprep.exe to re-do the OOBE and join to Azure AD from there[...]=> Not necessarily, why? Take a look at this documentation to plan your Azure AD Join: learn.microsoft.com/en-us/azure/active-directory/devices/… or Hybrid Azure AD join if you want to join your AD Domain too: learn.microsoft.com/en-us/azure/active-directory/devices/…