This Microsoft Intune article will show how to add users to the local administrators’ group using Intune.
By default, On Autopilot machines, users are not part of the local administrators’ group and don’t have permission to change the systems.
We can make specific users or group local admins to allow a group of users besides the Microsoft 365 Global Administrators to make system changes.
This post will show how to use Microsoft Intune to add users to each machine’s local administrators’ group.
Add Users to Local Admins Group
To complete this task, we need to create an Account Protection policy and apply it to all the machines we need to add local admins.
To create a policy, Open Microsoft Intune
Click on Endpoint Security
Under the Manage section, click on Account Protection
Click on Create Policy
Select Windows 10 as the platform
In the profile section, select Local user group membership
Use the Configuration settings and select Administrators and select the Users or Groups
Assign the policy to computers and wait for the settings to apply.