Have Intune remove devices from AAD and delete it's attributes.
When removing a device from Intune, have it delete the device from AAD and have it remove its attributes linked to intune.
Specially it required for mobile phones because in user-less enrollment the device ID get created in AAD though the device did not joined/register in AAD. When the device get removed from Intune it still remains in AAD and in groups which used by Intune for app, policies deployment.
I request Microsoft take some quick action here.