Share via

Intune - The input method you're trying to use isn't allowed. To learn more, contact your network administrator.

Marcelo Pissinati - LDB 0 Reputation points
2024-10-11T10:14:39.6133333+00:00

After migrating my hardening policy from AD onprem to Intune, all machines started to present:

The input method you're trying to use isn't allowed. To learn more, contact your network administrator.

I undid the entire configuration, even so some problems happen again.

It deleted the Users group from Allow local logon.

I appreciate if there is anyone who has gone through this.

Regards,

Marcelo

Windows for business Windows Client for IT Pros Directory services Active Directory
Microsoft Security Intune Other

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Crystal-MSFT 53,981 Reputation points Microsoft External Staff
    2024-10-14T01:31:00.6466667+00:00

    @Marcelo Pissinati - LDB, Thanks for posting in Q&A. From your description, it seems the error comes after we delete the Users group from "Allow local logon".

    For Users group, this is a built-in group which include authenticated users.

    To let users can login, we can add it back. To do this, we can follow the steps in the following link:

    1. Go to Intune admin center, Devices->Configuration, click Create, New Policy, Platform: Windows 10 and late. Profile type: Settings Catalog. click create.
    2. Type profile name, Add settings, find "Allow Local Log On" setting and add back the Users group to make it work. User's image

    For SID of the group, here is a link you can refer.

    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-identifiers

    1. Under assignment, add the affected device group under include to assign this policy to the affected devices.
    2. Sync policy to the device and wait for some time and see if it can work after the policy is applied.

    Here is a link list the steps for your reference.

    https://inthecloud247.com/using-a-sid-for-user-rights-in-the-intune-settings-catalog/

    Note: non-Microsoft link, just for the reference.

    Hope the above information can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.