Is there a way to Downgrade admin account to standard account for Intune enrolled Mac's.

Copper Contributor

HI,

For Macs enrolled in Intune, we are required by policy to revert the admin account to a standard account.
As of right moment, every enrolled device has administrator account by default. So kindly assist in providing the answer.

1 Reply
HI,

I have found the solution, have tested it and working as expected.
visit - https://blog.eucse.com/macos-elevated-admin-rights-with-workspace-one-uem/
Copy and run as script. Make as admin-------- -----------



#!/bin/bash

loggedInUser=`/usr/bin/stat -f%Su /dev/console`

if [ "$CurrentUser" == "root" ] || [ "$CurrentUser" == "_mbsetupuser" ] ; then
exit 0
fi

#adds user to admin group (post-install)
dseditgroup -o edit -a "$loggedInUser" -t user admin





Make as standard --------------------------



#!/bin/bash

loggedInUser=`/usr/bin/stat -f%Su /dev/console`

if [ "$CurrentUser" == "root" ] || [ "$CurrentUser" == "_mbsetupuser" ] ; then
exit 0
fi

#removes user from the admin group (post-uninstall)
dseditgroup -o edit -d "$loggedInUser" -t user admin