08-13-2020 11:58 AM
Which of the standard admin roles is required to view bitlocker recovery keys for a device in intune?
08-13-2020 08:16 PM - edited 08-13-2020 08:25 PM
Hi Steve,
One of those should do it!
Global admins
Intune Service Administrators
Security Administrators
Security Readers
Helpdesk Admins
Hope this helps!
Moe
08-13-2020 08:21 PM
08-17-2020 06:09 AM
08-17-2020 10:25 AM
11-05-2020 02:10 PM
Interesting that we have to use excessive permissions from AAD to allow access to Bitlocker recovery keys. I don't think L1 needs to reset passwords, when they only need to relay the key to a user when needed. However, Helpdesk admin AAD role is the best we can do ATTM it appears.
In addition, the documentation