Share via

Azure AD Device Owners.

Anonymous
2022-12-14T13:54:37.207+00:00

Hi Techies,
I have a doubt regarding azure ad device owners.
While going through documentation I have seen a point that all device owners by default will have local administrator privilege.
But in my case, I have a scenario where a device owner is not having local administrator privilege.

270526-image1.png

270527-image.png

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,569 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
25,048 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dillon Silzer 57,826 Reputation points Volunteer Moderator
    2022-12-14T16:11:40.66+00:00

    Hi @Anonymous

    Device owners do not gain local administrator privileges.

    Please read the following documentation for managing local administrators:

    How to manage the local administrators group on Azure AD joined devices

    https://learn.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin

    ----------------------------------

    If this is helpful please accept answer.

    1 person found this answer helpful.
  2. Jason Sandys 31,406 Reputation points Microsoft Employee Moderator
    2022-12-14T20:01:41.9+00:00

    While going through documentation I have seen a point that all device owners by default will have local administrator privilege.

    Can you provide a reference link to this please?

  3. Akshay-MSFT 17,951 Reputation points Microsoft Employee Moderator
    2022-12-16T12:46:12.317+00:00

    Hello @Anonymous ,

    Kindly validate if the impacted user has Azure AD P1 or P2 license. If yes then try following:

    • Create a local admin on the device.
    • Launch CMD in administrator mode.
    • Run "dsregcmd /leave"
    • Sign in with a local account on the device.

    Please do let me know if you have any queries in the comments section.

    Thanks,
    Akshay Kaushik

    Please "Accept the answer", "Upvote" and rate your experience if the suggestion works as per your business need. This will help us and others in the community as well.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.