Forum Discussion

SamuelFromAityAG's avatar
SamuelFromAityAG
Copper Contributor
Apr 04, 2023

How to revoke elevation rights quickly in Endpoint Privilege Management?

We plan to use Endpoint Privilege Management for our users to get temporary rights to elevate access on their local client via my access packages. I have created 2 settings policies to achieve this: One that denies all elevations with all users assigned to and a second one that allows elevation for a specific group of users. This specific group of users is excluded from the "deny" group in the corresponding deny-policy.

When a user is in the "grant" group he/she is able to elevate, perfect. But when I remove the corresponding user from the "grant" group, it takes hours until the elevation access is revoked. Any ideas what I can do to speed up this? Sometimes, a reboot helps, but not always.

 

Thanks for your support!

Intune
Mobile Device Management (MDM)
  • Moe_Kinani's avatar
    Moe_Kinani
    Bronze Contributor
    Apr 05, 2023
    Hi Samuel,

    That’s expected behaviors for now, you might be luck if takes few hours, I have seen it taking few days. The feature is still in preview and may improve in the future.

    Moe
    • Rudy_Ooms_MVP's avatar
      Rudy_Ooms_MVP
      MVP
      Apr 05, 2023
      yep 4.... hours ... not the 8 hours that we could get with the default intune sync...but with the mmpc sync we got 4 hours 🙂

Resources