Forum Discussion

ChristineVacher's avatar
ChristineVacher
Copper Contributor
Apr 27, 2023
Solved

Permission to manage a group of devices

Some of our employees need to manage a small fleet of (approx. 30) AutoPilot/InTune enrolled devices.
We want to allow them to accomplish all remote tasks (only) on these devices (from "Retire" to "Locate device").
How can we achieve that?

(I wish we could simply assign them some built-in role but I don't know which one.)

Autopilot
Intune
RBAC
  • rahuljindal's avatar
    rahuljindal
    Apr 27, 2023
    What you need is scope tag and a custom role assigned to a dynamic AAD group containing these devices.

3 Replies

  • rahuljindal's avatar
    rahuljindal
    Bronze Contributor
    Apr 27, 2023
    What you need is scope tag and a custom role assigned to a dynamic AAD group containing these devices.
    • ChristineVacher's avatar
      ChristineVacher
      Copper Contributor
      Apr 27, 2023

      Thank you rahuljindal.
      So, no built-in role :sad:.

      I never created custom roles yet. I suppose that I should duplicate a built-in role.
      Should I start with Help Desk Operator?

      • rahuljindal's avatar
        rahuljindal
        Bronze Contributor
        Apr 28, 2023
        You can use built-in role if it meets your requirement.

Resources