Forum Discussion
Allow only user account that is assigned to the device
How to restrict user account that has been assigned to the device in Intune?
I have setup the configuration profile and have entered everything but not sure what would go under
OMA-URI Value section?
What value will be for those users who have been assigned to that device and no one else should login with their credentials?
- Moe_KinaniBronze ContributorHi Oryxway,
Is this what you looking for?
https://www.inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/
Moe- oryxway390Brass Contributor
Moe_Kinani Yes, that is the one. But, I am not sure about that string that is there. What does that string do there?
We already have an account as a local admin account. but we just need to make sure that only that user assigned the device should be able to login. In order to achieve what should be the string?
- Moe_KinaniBronze Contributor
This policy should do it for you. The OMI is basicslly allowing AllowLocalLogon by using locsl Administrators group + Azure AD user you want to allow. So the value would like below:
Administrators AzureAD\email address removed for privacy reasonsHope this helps!
Moe