![]() ![]() ![]() The above is true for Hybrid Join via Windows Autopilot unless you have configured the Autopilot profile to provision standard accounts.įrom a security perspective, you might be frowning at the thought of providing local administrator rights to the end-users. Irrespective of the join state, the user account performing the join is added to the local Administrators group on the endpoint. When discussing the local administrator account on MEM/Intune managed Windows 10 endpoints, we need to consider the two join states that the device can be in. Further considerations (if any, there are many…)ĭifferent ways to manage Windows 10 Local Admin accounts with Intune.Is it a good practice to set local admin accounts on the modern managed Windows 10 endpoints?.Use LocalUsersandGroups CSP starting Windows 10 20H2.Use Restricted Groups CSP from Windtill Windows 10 2004.Method #3 – Configure local admin via Intune using custom OMA-URI policy.Method #2 – Configure additional local admin via Device settings in Azure.Method #1 – Allow local admin rights on Win 10 endpoints via Azure AD roles.Different ways to manage Windows 10 Local Admin accounts with Intune. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |