In the policy you specify which user(s) or group(s) needs to have local admin rights. Although in that case they will become administrator on all Azure AD joined devices, which is not recommended when they only need to be admin on their own device.Ī good alternative is to give the user the admin rights via the local user group membership policy by making the user member of the local Administrators group via Microsoft Intune. Or via the “additional local administrators on all Azure AD joined devices” option in the Azure AD device settings. There are several ways to grant users these rights, for example via a separate Autopilot profile where you specify that users need to be local Administrator. I did several Intune projects at customers, and with almost every implementation a subset of users’ needs to have local administrator rights (for example developers).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |