Shared PC and manage user

Hello Community,

How do you manage a shared PC in your organization, or what is the best practice to manage a multiuser shared device?

Scenario:

PC A is being used by multiple users and runs 24/7 some days. All the users use the same applications and software, which is why a local user on the PC is currently being used.

However, the organization also has Intune for managing their devices, in which PC A is not currently registered. If the organization would like to manage the shared device and register their device, what would it be like, and:

a. who will be the primary owner?

b. What policies in Intune are used for managing these PCs?

c. Only allow selected Azure AD to use the PC.

Any help would be appreciated.

Thanks

2 Replies
Hi Ashokdangol,

Good question!

A. Primary owner will be the device enrollment account (DEM) which you enrolled the workstation with.
B. That depends on the configuration policies you want to use. There is of course the Shared Configuration profile you can use.
C. You could try the following, for example (Thanks, Peter!): https://www.inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft...

You set up the Windows Autopilot deployment profile to have Deployment mode set as "Self-deploy". Then the device has no primary user and will enroll itself during Autopilot. If you have Autopilot profiles with user-driven deployment modes, then you have a primary user assigned, but this is not for shared devices since you will get issues with the Company Portal when users other than the primary user sign in.

You can manage shared devices with "Shared multi-user device" configuration settings. Here you can set rules to delete inactive accounts, which is highly recommended. You also have "Shared PC Mode", which, if enabled, only allows one user at a time to sign in. (Best practice, I feel, to avoid conflicts in software.)

Just keep in mind that there is a requirement for TPM 2.0 with self-deploy. If you have older models with TPM 1.2, try to check if you can update the TPM chip.
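
A read-only readiness check for the points raised in this thread (TPM 2.0 for self-deploy, Shared PC mode settings, and the local accounts currently in use), added here as an example and not posted by anyone in the thread. It assumes an elevated Windows PowerShell session on the PC itself and that the `MDM_SharedPC` MDM bridge class is readable in that context; the function names are hypothetical.

```powershell
# Added example: read-only readiness check for a PC that is to become a shared device.
# Assumption: run locally in an elevated session; nothing is changed on the device.

function Get-TpmSpecVersion {
    # Win32_Tpm.SpecVersion is a string such as "2.0, 0, 1.38"; the first field is the spec version.
    $tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                           -ClassName Win32_Tpm -ErrorAction SilentlyContinue |
           Select-Object -First 1
    if (-not $tpm -or -not $tpm.SpecVersion) { return $null }   # no TPM, or not visible to the OS
    return ($tpm.SpecVersion -split ',')[0].Trim()
}

function Get-SharedPcSettings {
    # MDM_SharedPC exposes the SharedPC CSP values that a "Shared multi-user device"
    # profile sets. Assumption: the class may not be readable outside SYSTEM context,
    # in which case $null is returned instead of failing.
    try {
        Get-CimInstance -Namespace 'root\cimv2\mdm\dmmap' -ClassName MDM_SharedPC -ErrorAction Stop |
            Select-Object EnableSharedPCMode, AccountModel, DeletionPolicy, InactiveThreshold
    } catch {
        return $null
    }
}

$spec   = Get-TpmSpecVersion
$shared = Get-SharedPcSettings

# Enabled local accounts are the ones to retire once users sign in with directory accounts.
$localAccounts = Get-LocalUser | Where-Object Enabled | Select-Object -ExpandProperty Name

[pscustomobject]@{
    ComputerName        = $env:COMPUTERNAME
    TpmSpecVersion      = if ($spec) { $spec } else { 'not found' }
    MeetsSelfDeployTpm  = [bool]($spec -and ([version]$spec -ge [version]'2.0'))
    SharedPcModeEnabled = if ($shared) { $shared.EnableSharedPCMode } else { 'not readable' }
    AccountModel        = if ($shared) { $shared.AccountModel }       else { 'not readable' }
    DeletionPolicy      = if ($shared) { $shared.DeletionPolicy }     else { 'not readable' }
    InactiveThreshold   = if ($shared) { $shared.InactiveThreshold }  else { 'not readable' }
    EnabledLocalUsers   = $localAccounts -join ', '
}
```

A `MeetsSelfDeployTpm` value of `False` with a spec version of 1.2 is the case the last reply describes, where a TPM update should be checked before enrolling with self-deploy.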