Forum Discussion

WaySlow's avatar
WaySlow
Copper Contributor
Jun 04, 2025

Temp admin for personal hosts

Hello,

We're looking to implement personal host pools for engineer users.  These would be Windows 11, entra-joined and managed via Intune.  Is there a recommended method to grant these users temp local admin?  On our physical endpoints we've been using MakeMeAdmin, but thats not working for our test hosts.  I've seen that PIM is an option but can be pricy.  

 

Thanks.

3 Replies

Sort By
  • KartikDogra's avatar
    KartikDogra
    Copper Contributor
    Jun 09, 2025

    If you are using AVD Personal Pools then you can create an Entra group and add members in that entra group. this group then can be give RBAC role in IAM  i.e. virtual Machine administrator at either resource group where VM's belong or at the Virtual Machines level. Users in that group will get the admin rights on VM's 

  • jlou65535's avatar
    jlou65535
    Iron Contributor
    Jun 06, 2025

    Hey I think you are right, PIM and LAPS could be your only choices on that one

  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Jun 05, 2025

    You may consider Intune Local User Group Policy, Azure AD PIM, SLAPS even PowerShell Scripts via Intune.

Resources