Forum Discussion

Ion Zubia's avatar
Ion Zubia
Brass Contributor
May 11, 2018

Is there anyway of using none-admin users on compliant devices?

Hi,

 

When working with Intune and Conditional access you need to use an administrator account to make any device compliant. However, is there anyway to use an standard user once the device is register in Azure and marked as compliant? I can only make it work with admin users.

 

Thank you,

 

Ion

  • What do you mean that you need to use an admin user to make it compliant?

     

    Are you auto-registering and auto-enrolling the devices in Intune?

     

    I have Windows 10 clients here with non-admin users, and they're marked as compliant in Intune. No extra steps by an admin user were needed to get to that state.

    • Ion Zubia's avatar
      Ion Zubia
      Brass Contributor

      Hi,

       

      I believe a hybrid environment is needed to accomplish this scenario. At the moment our premise infrastructure has 0 connection to our 365 and Azure AD.

       

      I'm forcing compliance to a few users, however, even if their Windows 10 machines are marked as compliant, these users will only be able to access their data if they're logged in with a local admin account. Otherwise access is denied and the device detected as non compliant.

       

      And no, I'm enrolling the devices manually.

      • Paul Cunningham's avatar
        Paul Cunningham
        Steel Contributor

        I'm confused why they are logging in with local admin accounts and then accessing Office 365 services. Can you explain why they are doing that?

Resources