@Abdul Azeez , From your description, it seems you have added an Azure AD account into the local administrators group to get local admin permission on the Azure AD joined devices. And you think it is not secure and want to control the Azure AD account which has local admin permission. If there's any misunderstanding, feel free to let us know.
I notice you have run script to make the enrolled user as standard user on the device. In General, Intune Autopilot Profile can choose the user's account type as standard user for enrolled user. Next time, you can set the profile and enroll with Autopilot to make it easy.
https://learn.microsoft.com/en-us/mem/autopilot/profiles
Meanwhile, Azure AD account is managed by Azure AD. If you want to make the account secure, you can change the specific Azure AD account password frequently. To do this, you can use "reset Password" in the following link:
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-reset-password-azure-portal
In addition, there are some policies can control AAD user account and password in AAD. You can read it to see if it can help you.
https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy
As we are not familiar with AAD account and password, if you have more questions about it, to find the right support, you can open a new thread and add "Azure-active-directory" to get more help.
Thanks for your understanding.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.