Microsoft Technical Takeoff: Windows and Microsoft Intune
Oct 24 2022 07:00 AM - Oct 27 2022 12:00 PM (PDT)

Remove "Administrator" rights from devices.

Occasional Contributor

We have a requirement to remove "Administrator" rights from our "Hybrid AD joined" devices. These devices are enrolled with "Administrator" user account type (Autopilot Profile).


Is there any way we could achieve this requirement?




3 Replies
I guess there are.. i assuming the workloads are moved to intune.
Shouldn't devices be enrolled with the user account (as "user") ?
I have once seen devices that haven been enrolled with the same (service) account in the start, and this creates issues for the users, because they cannot use the Company Portal if the user is not the same in Intune + on device.

We are pushing a local administrator using Azure, and devices are constantly cleaned up using step 3 as a script ( because of different languages on the devices.

By the way, if you have an international environment: a little highlight
I guess someone forgot to change it to User :).. Thanx for mentioning the blog :p Looking at it.. I realise I do need to update that powershell script :)