The Defender portal can take an extended time to reflect that a machine has been offboarded. In the meantime it shows "Can be onboarded", which isn't definitive: this status can indicate either an offboarded device or a new device found by the device discovery service. Advanced hunting in the portal has no field that directly indicates offboarding, and while the device inventory shows onboarding status, it doesn't indicate whether a device has been offboarded.

A PowerShell script is provided to determine offboarding status quickly, bypassing the typical seven-day delay. The script examines registry indicators related to onboarding and the state of the Sense service. It checks one or more Windows computers, locally or remotely, outputs an easily readable status, and can export the results to a CSV file. The script is intended to be simple but could be integrated with management tools. The author plans a future publication for Linux devices.
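A sketch of the kind of check described above, added here as an example and not the author's script. It assumes the `OnboardingState` registry value that Microsoft's onboarding troubleshooting guidance points to (1 = onboarded) and PowerShell remoting for remote machines; the function name `Get-MdeOnboardingStatus` and the status labels are hypothetical.

```powershell
# Added example, not the original script. Assumed indicators: the OnboardingState
# value under "...\Windows Advanced Threat Protection\Status" (1 = onboarded) and
# the Sense service. Function name and status labels are hypothetical.
function Get-MdeOnboardingStatus {
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        [string]$CsvPath
    )
    # Runs on each target: read the registry value and the service state.
    $probe = {
        $key   = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
        $state = (Get-ItemProperty -Path $key -Name OnboardingState -ErrorAction SilentlyContinue).OnboardingState
        $svc   = Get-Service -Name Sense -ErrorAction SilentlyContinue
        [pscustomobject]@{
            OnboardingState = $state
            SenseStatus     = if ($svc) { $svc.Status.ToString() } else { 'NotInstalled' }
        }
    }
    $results = foreach ($computer in $ComputerName) {
        try {
            $r = if ($computer -in @($env:COMPUTERNAME, 'localhost', '.')) {
                & $probe
            } else {
                Invoke-Command -ComputerName $computer -ScriptBlock $probe -ErrorAction Stop
            }
            $status = if ($r.OnboardingState -eq 1 -and $r.SenseStatus -eq 'Running') {
                'Onboarded'
            } elseif ($r.OnboardingState -eq 1) {
                'Onboarded, Sense not running'
            } elseif ($null -eq $r.OnboardingState) {
                'No onboarding state found'
            } else {
                "Not onboarded (OnboardingState=$($r.OnboardingState))"
            }
        } catch {
            # Remote query failed: record the reason instead of guessing a state.
            $r      = [pscustomobject]@{ OnboardingState = $null; SenseStatus = $null }
            $status = "Unreachable: $($_.Exception.Message)"
        }
        [pscustomobject]@{
            ComputerName    = $computer
            OnboardingState = $r.OnboardingState
            SenseStatus     = $r.SenseStatus
            Status          = $status
        }
    }
    if ($CsvPath) { $results | Export-Csv -Path $CsvPath -NoTypeInformation }
    $results
}
```

Unreachable hosts are reported as such so that a failed remote query is never read as an offboarded device.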
techcommunity.microsoft.com
