SOLVED
Home

Azure AD user in Windows 10 - local admin problem

Highlighted
Iivo Kerminen
Occasional Contributor

Azure AD user in Windows 10 - local admin problem

Hi

 

We have Office 365 Business Essentials and Premium licenses, we do not have AAD Premium, EMS, Intune licenses.

 

If I login to a new PC using some users (not O365 admin user account) O365 credentials, this user becomes a local admin in that PC.

 

But if I use some other user's O365 credentials (not O365 admin user account) to login to that same PC, this second user that log's in to the same PC is not a local admin.

 

Also, I can't find anywhere on that PC to change this.

 

How do I control which (O365) user account is local admin and which is not?

2 Replies

Re: Azure AD user in Windows 10 - local admin problem

Solution

Re: Azure AD user in Windows 10 - local admin problem

Hi

 

Like I said, we do not have AAD Premium, EMS, Intune licenses. Those steps require EMS licenses or AAD Premium.

 

I was able to set the secondary login account as admin account. Login using this secondary account, go to Control Panel/User Accounts/User Accounts/Change your account type and use O365 admin account or the first account used to login to PC to go past UAC. This way you can upgrade user account as local admin.

 

Based on this link

https://community.spiceworks.com/topic/1580701-azure-ad-users-given-local-admin-permissions

it is not good idea to downgrade the first (O365)account used to login to PC as standard user. 

Prefer to use O365 admin account or some other O365 account used as local admin account when login the first time to PC and add the actual user account to PC after this. This way normal users do not have local admin permissions and you dont have to downgrade user account permissions.

Related Conversations
Conditional Access based on location only?
Jim Kacerguis in Azure on
2 Replies
How to locate storage account belongs to azure VM disk
Suhag Desai in Azure on
7 Replies
Tuesdays with Corey: Azure Migrate Tool demo
Rick Claus in Azure on
1 Replies
Report on users with MFA Enabled
Damon Betlow in Azure Active Directory on
18 Replies
OMS UPdate management not working at all
Carsten Stahlberg in Azure on
10 Replies