I have a bit of a weird situation, already contacted Microsoft support, but hoping sages here know something. We are planning a change of UPN for our 700+ users. We are in the process of testing what consequences this will bring. ( I know, a lot! :) )
Here is the test case:
I changed the UPN of a test user in the local AD, and synced it to Azure AD with Azure AD Connect. I then checked that the user contains no references to the OLD UPN. I then tried to roll out an Intune device for this user (both an iPad and an Android device).
Intune seems in both cases to dig up the old UPN from somewhere for these fresh/new devices. The Android device actually gets stuck in a loop because the old UPN is used for authentication while that obviously no longer works. The iPad seems to work, but any certificate I deploy on the device seems to contain the old username + UPN...
Sorry guys for a late answer: it turned out to be super simple. The test user did not have a proper Intune license assigned anymore.
The odd thing that remains is that when there is no license, you will be able to roll out the Android -or- iOS device, and it will revive old information.