Tech Community Live: Endpoint Manager edition
Jul 21 2022, 08:00 AM - 12:00 PM (PDT)
SOLVED

Intune Read Role

%3CLINGO-SUB%20id%3D%22lingo-sub-3262556%22%20slang%3D%22en-US%22%3EIntune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3262556%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20guys%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20hope%20you%20guys%20could%20help%20me%20with%20this%20weird%20lil%20issue.%20I've%20assigned%20a%20security%20group%20for%20the%20Read%20Only%20Operator%20role%20in%20Endpoint%2FIntune.%20I've%20added%20three%20members%20to%20the%20group.%26nbsp%3BIn%20the%20Audit%20logs%20in%20the%20AAD%20it%20states%20that%20the%20membership%20is%20succeeded.%26nbsp%3BFor%20some%20strange%20reason%2C%20they%20can't%20see%2F%22read%22%20devices%20in%20the%20Endpoint%20manager%20portal%20and%20in%20the%20notification%20it%20states%20%22You%20haven't%20enabled%20device%20management%20yet.%20Click%20here%20to%20start%22.%3CBR%20%2F%3EI've%20tried%20to%20test%20it%20with%20a%20test-account%2C%20works%20perfectly.%3CBR%20%2F%3EHave%20any%20of%20your%20experienced%20this%3F%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3262556%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eendpoint%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3273466%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3273466%22%20slang%3D%22en-US%22%3ENo%20problem%2C%20glad%20to%20help!%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3273461%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3273461%22%20slang%3D%22en-US%22%3EGot%20an%20approval%20and%20it%20indeed%20fixed%20the%20issue!%20Thanks%20for%20your%20help!%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3264471%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3264471%22%20slang%3D%22en-US%22%3EHave%20to%20wait%20on%20an%20approval%20before%20I%20can%20make%20such%20a%20change%2C%20but%20I%20will%20keep%20you%20up%20to%20date!%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3264453%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3264453%22%20slang%3D%22en-US%22%3EDid%20it%20fix%20your%20issue%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3262670%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3262670%22%20slang%3D%22en-US%22%3EThis%20might%20be%20it!%20I%20will%20definitely%20check%20it%20out%20and%20let%20you%20know%20if%20this%20is%20the%20solution!%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3262586%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3262586%22%20slang%3D%22en-US%22%3EPerhaps%20this%20was%20configured%3F%3CBR%20%2F%3E%3CBR%20%2F%3E%22To%20be%20able%20to%20administer%20Intune%20you%20must%20have%20an%20Intune%20license%20assigned.%20Alternatively%2C%20you%20can%20allow%20non-licensed%20users%20to%20administer%20Intune%20by%20setting%20Allow%20access%20to%20unlicensed%20admins%20to%20Yes.%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Ffundamentals%2Funlicensed-admins%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Ffundamentals%2Funlicensed-admins%3C%2FA%3E%20%22%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3262577%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3262577%22%20slang%3D%22en-US%22%3EIs%20that%20necessary%3F%20Cause%20they%20don't%20and%20so%20don't%20I%20actually.%20But%20I%20do%20have%20the%20Intune%20Admin%20role%20and%20not%20the%20Read%20Only%20operator.%20Would%20that%20make%20a%20difference%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3262564%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20Read%20Role%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3262564%22%20slang%3D%22en-US%22%3EDo%20the%20users%20have%20a%20Intune%2FEMS%20license%3F%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi guys,

 

I hope you guys could help me with this weird lil issue. I've assigned a security group for the Read Only Operator role in Endpoint/Intune. I've added three members to the group. In the Audit logs in the AAD it states that the membership is succeeded. For some strange reason, they can't see/"read" devices in the Endpoint manager portal and in the notification it states "You haven't enabled device management yet. Click here to start".
I've tried to test it with a test-account, works perfectly.
Have any of your experienced this?

8 Replies
Do the users have a Intune/EMS license?
Is that necessary? Cause they don't and so don't I actually. But I do have the Intune Admin role and not the Read Only operator. Would that make a difference?
best response confirmed by Djaswant (Occasional Contributor)
Solution
Perhaps this was configured?

"To be able to administer Intune you must have an Intune license assigned. Alternatively, you can allow non-licensed users to administer Intune by setting Allow access to unlicensed admins to Yes. https://docs.microsoft.com/en-us/mem/intune/fundamentals/unlicensed-admins "
This might be it! I will definitely check it out and let you know if this is the solution!
Did it fix your issue?
Have to wait on an approval before I can make such a change, but I will keep you up to date!
Got an approval and it indeed fixed the issue! Thanks for your help!
No problem, glad to help!