Forum Discussion
Admin Privilage for All users with Autopilot
Hi Guys,
There's a requirement from on of our clients to grant Admin privilege to all users who logs into their devices. I understand this is achievable via Autopilot.
My question is what would be the best solution for the users who has already logged into the devices? How can the requirement can be achieved via Autopilot or any other method? Would appreciate any help.
Cheers!
12 Replies
I have used the screenshot attached for small size company in the past, not ideal solution because it hits all the devices, but achieves your objective until the support of adding group to Local Admin with Intune.
Moe
- Hey Moe,
I checked this out, thanks for that!
Like I said above the number of users are pretty high to add as an Admin for all the Azure Ad devices. Would love if there was an option to add as a Dynamic Security group here.sheiksaad If I read the documentation; https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-restrictedgroups#restrictedgroups-configuregroupmembership
"The member SID can be a user account or a group in AD, Azure AD, or on the local machine."
A group in AAD. But it doesn`t work for me. I opened a support call for this, I want it to work either with a AAD group.
- Can you create a group which contains all users and push them as local admin to the machines? cfr https://www.inthecloud247.com/manage-the-local-administrators-group-with-microsoft-intune-hybrid-ad-joined-windows-10-devices/
Or else, you should create a Powershell script which adds the current user- Hey Thijs!
I had this in my mind at first but the problem is these are Azure AD joined devices. - Hey Peter!
Yes correct, these are Azure AAD joined devices.
