Share via

Set up new computer

Masja Brayer 0 Reputation points
2026-01-06T11:15:51.1233333+00:00

We purchased a new laptop and during the initial setup it was signed in using a work (Microsoft 365) account instead of a personal account.

After the setup was completed, every system change now requires administrator approval. We tried entering the credentials of our Microsoft 365 Global Admin, but this does not work.

We also assigned multiple admin roles to the user in Microsoft 365, but the user still does not have local administrator rights on the laptop.

The IT specialist then removed the device from Microsoft / Azure AD, but this also did not resolve the issue, because the laptop cannot be reset without local admin credentials.

Goal / Request

We need one of the following:

  • Recover or identify the local administrator credentials, or
  • Make the current laptop owner a local administrator,

so that we can reset the device and reconfigure it using a personal Microsoft account instead of a work account, to avoid admin approval requirements in the future.

Windows for business | Windows 365 Business
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Domic Vo 23,645 Reputation points Independent Advisor
    2026-01-06T11:47:33.02+00:00

    Hello Masja Brayer,

    What has happened here is that the laptop was provisioned as an Azure AD–joined device during the initial setup. In that mode, the first account used to sign in is treated as a cloud identity, but it does not automatically become a local administrator unless Intune or Azure AD policies explicitly grant that role. Assigning Microsoft 365 admin roles (Global Admin, etc.) in the tenant does not translate into local administrator rights on the Windows device. That is why you are blocked from performing system changes and cannot reset the machine without local admin credentials.

    Once the device was removed from Azure AD, the link between the cloud identity and the local profile was broken, but the underlying problem remains: there is no valid local administrator account available to authorize changes. Without one, you cannot reset or reconfigure the device.

    The only supported way forward is to use a local administrator account that was created during setup. If none was created, you will need to perform a full Windows reset or clean installation. Since you cannot trigger a reset from within Windows without admin rights, you must boot into the Windows Recovery Environment. Restart the laptop and hold Shift + Restart or boot from installation media. From there, choose Troubleshoot > Reset this PC. This process does not require local admin credentials because it is executed outside the OS. It will wipe the current configuration and allow you to set up the device again, this time with a personal Microsoft account or a local account as administrator.

    If you want to avoid this situation in the future, make sure that during initial setup you select “Set up for personal use” instead of “Set up for work or school.” That ensures the first account created is a local administrator tied to your personal Microsoft account. If you must use a work account but still want local admin rights, configure Intune or Azure AD to automatically add the first user to the local Administrators group (Device settings > Additional local administrators).

    I hope you've found something useful here. If it helps you get more insight into the issue, it's appreciated to accept the answer. Should you have more questions, feel free to leave a message. Have a nice day!

    Domic Vo.

    Was this answer helpful?

    0 comments

  2. AI answer

    2026-01-06T11:16:07.4033333+00:00

    To resolve the issue of lacking local administrator rights on your new laptop, you can try the following steps:

    1. Create a New Local Administrator Account: If you have access to another administrator account on the device, you can create a new local user account and grant it administrator privileges. This can be done through the Control Panel or Settings.
    2. Use Safe Mode: Restart the laptop and boot into Safe Mode. Sometimes, you can access the built-in Administrator account in Safe Mode, which may allow you to create a new local account with admin rights.
    3. Reset the Device: If the above options do not work, you may need to perform a factory reset. This typically requires local admin credentials, but if you can access recovery options, you might be able to reset the device without them.
    4. Contact IT Support: If the device is managed by your organization, contacting your IT department may provide additional options or tools they have for regaining access.
    5. Reinstall Windows: As a last resort, you can create a bootable USB drive with Windows installation media and perform a clean installation. This will erase all data on the device, so ensure that you back up any important files if possible.

    These steps should help you regain local administrator access or reset the device to configure it with a personal Microsoft account.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.