Forum Discussion
How do I add users synced from AD to AAD as local administrators on Windows 10 devices with OMA-URI?
Hi, I am trying to create a custom policy to add users as local admin on devices with the OMA-URI "./Device/Vendor/MSFT/Policy/Config/RestrictedGroups/ConfigureGroupMembership". This works fi...
JorgenSundet
Anything in event log on the client, DeviceManagement-Enterprise-Diagnostics-Provider ?
Your syntax looks ok and as you are saying, it works for cloud only.
If they should be added to all devices, have you tried adding them with "Additional local administrators on Azure AD joined devices" that you find under Device -> Device Settings in Azure AD?
Global admins and device owner gets local admin rights by default.
Another options is by PowerShell - “net localgroup administrators AzureAD\testuser@contoso.com /add > nul 2> nul” | cmd
JT