User rights company portal - enrollment Endpoint Manager

Iron Contributor


I have been looking a bit more into the rollout process of Endpoint Manager for MAC and Windows. For the manual rollout I used the Company Portal on both systems.
Unfortunately, I kept getting errors as soon as the user registering the device with Endpoint Manager did not have admin rights. Since adjustments are made to the system during registration, I can understand this.

Can I demote the user as a user after registering the device with Endpoint Manager? What about policy changes in Intune - do they propagate to the system if the user is only a user?

Thanks for the help

Many greetings

2 Replies

Hi @Stefan Kießig 


Exactly the same question bothers me too.
How do I remove admin rights after Intune installation / rollout
And also important for me: the user profile should remain available

Maybe there will be answers to the question soon, I would be happy


There are enough possibilities out there when you need to restrict the users in the admin group with the use of Intune