Forum Discussion

Louis_H440's avatar
Louis_H440
Copper Contributor
Sep 21, 2023

Linking local admin account to Intune / AD

Hello,    We are in the process of setting up Intune for our organisation and are working on designing the process for enrolling each user's device. Currently, each users' account is set up as a lo...
Intune
mobile device management (mdm)
LeonPavesic's avatar
LeonPavesic
Silver Contributor
Sep 21, 2023

Hi Louis_H440,

To link a local admin account to an AD account in Intune, you can use the following steps:

  1. Create a new user account in Azure AD for the local admin account. The user account must have the same username and password as the local admin account.
  2. Enable Azure AD Connect to synchronize the new user account to your on-premises Active Directory.
  3. Once the user account has been synchronized, you can enroll the device in Intune using the company portal.
  4. When the device is enrolled, Intune will create a new user account on the device using the Azure AD user account.
  5. Intune will also add the Azure AD user account to the local administrators group on the device.

Once the device is enrolled and the user account is linked to the AD account, the user will be able to log in to the device using their Azure AD credentials and will have local administrator privileges on the device.

Here are some additional things to keep in mind:

  • You can also use the Microsoft Endpoint Manager Admin Center to link a local admin account to an AD account. To do this, go to Devices > All devices > [Device name] > Account. Under Local admin account, click Link to Azure AD account.
  • If you are using a hybrid Azure AD environment, you must make sure that Azure AD Connect is configured to synchronize user accounts from your on-premises Active Directory to Azure AD.
  • Once a user account is linked to an AD account, the user cannot log in to the device using a local admin account.

    Here are some useful links you can use:
  • Manage local administrators for Azure AD joined devices: https://learn.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin
  • Link a local admin account to an Azure AD account in Intune: https://learn.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin


    Please click Mark as Best Response & Like if my post helped you to solve your issue.
    This will help others to find the correct solution easily. It also closes the item.


    If the post was useful in other ways, please consider giving it Like.


    Kindest regards,


    Leon Pavesic

Louis_H440's avatar
Louis_H440
Copper Contributor
Sep 21, 2023

Thanks for the quick response, LeonPavesic! I'll test the process and get back to you.

Resources