User rights / Debug Programs

Question

hello&nbsp;when i try to configure a CSP in intune to allow no one to have the right to debug programs, all my devices falls in error in the intune console.I only tried to do this by configuration settings, not by OMA-URIan idea ? thank's

micheleariis · Answer

Hey! Let me quickly explain why you’re seeing that error.

When you try to configure a policy in Intune to completely remove the Debug Programs (SeDebugPrivilege) right using Configuration Settings, the CSP in Windows throws an error. This happens because it doesn’t accept an empty list - you must assign it to at least one account or group, usually Administrators or the System account.

Here’s how you can fix it:
Assign at least the Administrators group to avoid the error and keep things stable.
Use a custom OMA-URI if you really want to remove the privilege from everyone. But be careful - this needs thorough testing because it can have unexpected side effects.

alahel76 · Answer

this is what i done, and it works&nbsp;&nbsp;

micheleariis · Answer

Well, if you want to accept the solution as correct.Have a nice day

Forum Discussion

User rights / Debug Programs

Share

Resources