I have assigned some users the Cloud Device Administrator role, which says "Full access to manage devices in Azure AD." But when they try to update a device owner in AzureAD Powershell using the
Add-AzureADDeviceRegisteredOwner or Remove-AzureADDeviceRegisteredOwner cmdlets, they get this error:
Code: Authorization_RequestDenied Message: Insufficient privileges to complete the operation.
As a global administrator, I can change device owners using these cmdlets, but clearly I don't want to give them that role. Is there another role or permission I can assign that will allow changing device owners?