By Laura Arrizza – Program Manager II | Microsoft Endpoint Manager – Intune
We are pleased to announce a new experience to configure local user group membership settings for Windows devices. Th...
Updated Dec 01, 2023
Version 11.0
Blog Post
4 MIN READ
New settings available to configure local user group membership in endpoint security
I am experiencing the same issue as some of the other contributors on this thread. When using a AzureAD security group (either using the people picker or manually entering the SID) to the local administrators group I can see the group SID in the local admins group on the client but when I try and run an evaluated command and entering the correct user ID at the UAC prompt it doesn't work. If change the policy and use user rather than an group, it works as designed. I have a call open with Microsoft but it seems to be a bit of a hot potato as it just keeps getting bounced to different teams with none of them taking any interest, it's been almost 8 weeks now. The environment is pure cloud, no hybrid. All the PCs are Windows 11 Pro (22H2) and managed with Intune.
Any help gratefully received.
Rob