cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Windows 365 Business Cloud PC Local Admin

rtccoupe
Occasional Contributor

‎Aug 04 2021 12:52 PM

‎Aug 04 2021 12:52 PM

Windows 365 Business Cloud PC Local Admin

Hello,

 

I have deployed Windows 365 Business and thus far it is working great.  However, I was wondering if each user is required to have local admin privilege's?  Thanks!

2,438 Views
1 Like
6 Replies
Reply
6 Replies
Eric Orman

‎Aug 05 2021 05:45 PM

‎Aug 05 2021 05:45 PM

RE: Windows 365 Business Cloud PC Local Admin

Yes, all users are local admins in the Business option currently of Windows 365, see the second paragraph here = https://docs.microsoft.com/en-us/microsoft-365/admin/setup/get-started-windows-365-business?view=o36...
0 Likes
Reply
msmotto21

‎Aug 12 2021 05:25 AM

‎Aug 12 2021 05:25 AM

Re: Windows 365 Business Cloud PC Local Admin

I have also asked myself this question. from a security point of view whether something can be changed. I simply created a new user in the computer administration and added this user to the administrators group. Then I took out my AD user. Afterwards you are always asked for increased rights in the UAC for installers and can enter the local admin. With this I think you have increased the security a bit.
If someone has a different opinion or would like to share some additional security advice with us, I would be very grateful.

Regards Sebastian
0 Likes
Reply
Eric Orman

‎Aug 12 2021 07:35 AM

‎Aug 12 2021 07:35 AM

Re: Windows 365 Business Cloud PC Local Admin

We are currently investigating capability to provisioning Business Cloud PC's without requiring users to be local admins, they would be standard users. There is problems with this because without MEM there will not be a way to perform elevated administration on these devices. More details to come as we continue our development/progress.
0 Likes
Reply
rtccoupe

‎Aug 12 2021 07:38 AM

‎Aug 12 2021 07:38 AM

Re: Windows 365 Business Cloud PC Local Admin

Thank you Eric. I bring this up as many MSPs have been asking how to remove the local admin for the user for Windows 365 Business Cloud PC and the current inability for them to do so is creating a barrier of entry for consuming the product. Thanks again!

Ryan
0 Likes
Reply
msmotto21

‎Aug 12 2021 07:47 AM

‎Aug 12 2021 07:47 AM

Re: Windows 365 Business Cloud PC Local Admin

Hi Eric, okay what does this exactly mean? Now im standard user but i have no problem with Microsoft Endpoint Manager. For example i could onboard MDE via Endpoint Manager (applying condigs works) .Does my described workarround currently have a technical limitation for me or have I restricted any service with it? Thanks. Regards Sebastian
0 Likes
Reply
Eric Orman

‎Aug 12 2021 08:19 AM

‎Aug 12 2021 08:19 AM

Re: Windows 365 Business Cloud PC Local Admin

@msmotto21, if we provision a Business Cloud PC for a user that is a standard user, that user will not have administrator access and therefore will not have ability to install and configure anything because they don't have permissions. If the device is MEM enrolled (customer would need to have auto enrollment enabled when the device performs AADJ) then MEM admin will be able to have full management capabilities.
0 Likes
Reply