how to stop users from logging into a device except specific accounts

Bronze Contributor

Hi all,


Is it possible to only allow specific accounts to log into a device via intune? I want to stop all other users except 3 specific accounts. 




11 Replies
Hi Rudy as these accounts are only azure based and not local created accounts will this still work?

As stated in the article he is specifying a azuread\ user... so
Okay thank you! I will mark this as complete once tested! Appreciate your help!
Hi Rudy,

When setting this for multiple accounts would it look like so?

AzureAD\Email address removedEmail address removed&#Email address removed

or AzureAD\Email address removedEmail address removedEmail address removed

please help!
I would go for the  as also mentioned in the screenshot if i am not mistaken

Hi @Rudy_Ooms_MVP 


So I can manage to log in as myself (Admin) and exam1 but the other 2 exam2/exam3 no luck. 


Any ideas?


here is my config

Screenshot 2022-03-11 at 8.02.56 AM.png

@Rudy_Ooms_MVP This is the same question I have. How can I set this up for all users in the company that have been assigned a Intune managed device to login to only their assigned computers and no one else can login to their computer? I am confused with the string value that needs to go in here.



Were you every able to figure this out? Trying to do the same in our environment for non admin users
This worked for me.
Do you know if there is an Android device equivalent?