Forum Discussion
Managing Local Administrators on endoints using Intune
Hello, I need to frequently add and remove users from Administrators group on specific computers. I'm creating a policy (under Account Protection) which adds users to this group and I'm assigning th...
Hi Acme_Deepcred,
I am a little bit curious about the use case for frequently adding and removing users from the administrators group? 🙂
However, what do you experience when changing it? Also, what action do you use in your account protection policy?
I am a little bit curious about the use case for frequently adding and removing users from the administrators group? 🙂
However, what do you experience when changing it? Also, what action do you use in your account protection policy?
Hey, thanks for your answer.
The usage is simply giving employees local admin permissions on a computer for a limited time when they need it.
I'm not sure what you mean by 'action', I choose 'Local user group membership' under 'profile' when creating the policy.
Sometimes it works just perfect, and the user is added the local 'Administrators' group and sometimes nothing happens (even after doing a sync)
- Have you looked at Endpoint Privilege Management (EPM)?
It could help you with this and would be a lot easier for you as an IT administrator to maintain.