Share via

Intune - Run program as on prem admin/user

GonWild 426 Reputation points
2023-03-31T08:58:30.3066667+00:00

Hi, we got win11, AAD joined only, with cloud kerberos trust. Works great. However when trying to open certain local programs (like the configuration manager console), as a different user (on prem admin), windows security promt wont accept SAM accountname and password. (wrong username or password). It looks to be asking for email, which the on prem user doesnt have. Trying <doman\username> instead, but getting the error.

Is this just one of the limitations we gotta live with, or is there a workaround? (I could always RDP to a client that has these tools)

User's image

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,988 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,743 questions
0 comments
Accepted answer
  1. Pavel yannara Mirochnitchenko 12,411 Reputation points MVP
    2023-03-31T14:32:17.9266667+00:00

    So your computer accounts are AAD only but User accounts Hybrid? .

    Have you tried with FQDN, like ADDOMAIN.local\admin ?
    Can you ping your AD domain, DNS resolution works?

    Actually SCCM console delegation to workstation is a pain, with CM you need to add computer accunt as well to CM server local admins or so, so this specific need probably would not work. But you should access network shares with AAD machines still.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest