Add Local Administrators to Windows 11 Machines Using Microsoft Intune

This Microsoft Intune article will show how to add users to the local administrators’ group using Intune.

By default, On Autopilot machines, users are not part of the local administrators’ group and don’t have permission to change the systems.

We can make specific users or group local admins to allow a group of users besides the Microsoft 365 Global Administrators to make system changes.

This post will show how to use Microsoft Intune to add users to each machine’s local administrators’ group.

Add Users to Local Admins Group

To complete this task, we need to create an Account Protection policy and apply it to all the machines we need to add local admins.

To create a policy, Open Microsoft Intune

Click on Endpoint Security

Under the Manage section, click on Account Protection

Click on Create Policy

Select Windows 10 as the platform

In the profile section, select Local user group membership

Use the Configuration settings and select Administrators and select the Users or Groups

Assign the policy to computers and wait for the settings to apply.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.