Forum Discussion
taffe1337
Apr 02, 2024Copper Contributor
Intune Account Protection, remove local admin
Hello folks,
I've encountered a issue while attempting to remove local administrators through Intune's Endpoint Security, under the Account Protection section.
My plan was to enforce this policy across different tenants, but I've run into a problem.
I applied this setting to three different tenants.
I received error messages in the report for the profile on two of them, while it was successfully applied on the third. The error details are as follows:
- Setting: Group Configuration
- Error Type: 2
- Error Code: 65000
I checked if the Windows feature version might be related, but the issue persists even on the most recent versions. I also explored any differences between Windows Pro and Business editions.
- Has anyone else encountered this specific issue, and if so, how was it resolved?
- Are there known compatibility issues with certain Windows versions or editions that I might have overlooked?
Thank you in advance for your time and assistance.
- SebastiaanSmitsSteel Contributor
Are you using the following configuration: 'Local user group membership' or are you using something else? So this configuration: https://techcommunity.microsoft.com/t5/intune-customer-success/new-settings-available-to-configure-local-user-group-membership/ba-p/3093207
If this is the case, can you share more detail of the rules you are creating?
- taffe1337Copper Contributor
Hello! SebastiaanSmits, sorry for my late answer, I hope i'm not to late.
This is how my setup looks like, I mark all the users I want it to apply on, then I assign it on a group were the users are included in.
It has worked on some organisations.
Thank you for any help!