Forum Discussion
Intune 403 error - When accessing InTune Portal
Hi Intune Community,
I have two users who I have given them the Application Manager role with full access, under Tenant Admin --> MEM roles but they are receiving following access error when they try to reach Intune/Endpoint Manager:
I read https://techcommunity.microsoft.com/t5/microsoft-intune/401-and-403-error-when-logging-into-endpoint-admin-center/m-p/1713817#M5226 link, which does not apply to our environment. As we already have the MDM set-up and running.
Any thoughts/help appreciated.
- Hi.
the microsoft documentation is a little bit hard to read. But yes indeed... just like the screenshot I posted.. All devices/All users otherwise it is not going to work
8 Replies
I was having the same issue and after much google searching and digging found this link on another post. I tried it and it worked perfectly for me. Now I am able to access everything.
https://support.microsoft.com/en-us/office/set-up-basic-mobility-and-security-dd892318-bc44-4eb1-af00-9db5430be3cd#activatemdm- Hi,
I don't know for 100% sure if this still applies... but I guess it's worth taking a look at it:
https://www.enhansoft.com/how-to-add-the-intune-service-administrator-directory-role-to-a-user-account/#:~:text=Intune%20Service%20Administrator%3A%20Users%20with,Azure%20AD%27s%20Conditional%20Access%20settings.- Thanks for your reply,
We dont want to give admin role, as it has full privileges. They shouldn't be given tat role.
They just need to manage the apps(upload, change properties ,assignments,etc.) so that is why I gave them MEM roles.Hi...
Ahhh okay. Pretty good point. Do you have configured scoping or only added the user/group to the buildin roleDoes the user have access to other parts like device configuration profiles? Just tested it my self.. I made a copy of the application manager role and assigned it the the Intune_app_group (my tset ser is a member) and included all devices and users... it took about 5/10 minutes before i could access the application page (the first time I logged in ... i had the same error)
