Forum Discussion
Intune Shared-Device Configuration - Disallow Entra Login
Hello everyone,
I am encountering an issue with our shared device setup in Intune.
Our organization manages devices through Intune, and we have configured shared devices specifically for external guests who only need access to a laptop and Microsoft Office products. While the setup generally works as expected, we’ve noticed an issue where users are still able to log in using Entra (Azure AD) accounts from our tenant, despite setting the Guest account configuration to "Guest" in Intune.
We would like to restrict access solely to the local guest account and prevent users from logging in with Entra accounts.
Our current configuration for the shared device profile is as follows:
Shared multi-user device settings:
- Shared PC mode: Enabled
- Guest account: Guest
- Account management: Enabled
- Account Deletion: At storage space threshold and inactive threshold
- Start delete threshold (%): 20
- Stop delete threshold (%): 50
- Inactive account threshold: 30
- Local Storage: Enabled
- Power Policies: Enabled
- Sleep timeout (in seconds): 600
- Sign-in when PC wakes: Enabled
- Maintenance start time (minutes from midnight): 60
- Education policies: Disabled
Is there a way to enforce this restriction, allowing only the local guest account and blocking Entra user access? Any guidance on this matter would be greatly appreciated.
Thank you for your assistance.