Share via

Intune - The input method you're trying to use isn't allowed. To learn more, contact your network administrator.

Marcelo Pissinati - LDB 0 Reputation points
2024-10-11T10:14:39.6133333+00:00

After migrating my hardening policy from AD onprem to Intune, all machines started to present:

The input method you're trying to use isn't allowed. To learn more, contact your network administrator.

I undid the entire configuration, even so some problems happen again.

It deleted the Users group from Allow local logon.

I appreciate if there is anyone who has gone through this.

Regards,

Marcelo

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,663 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,222 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Crystal-MSFT 49,436 Reputation points Microsoft Vendor
    2024-10-14T01:31:00.6466667+00:00

    @Marcelo Pissinati - LDB, Thanks for posting in Q&A. From your description, it seems the error comes after we delete the Users group from "Allow local logon".

    For Users group, this is a built-in group which include authenticated users.

    To let users can login, we can add it back. To do this, we can follow the steps in the following link:

    1. Go to Intune admin center, Devices->Configuration, click Create, New Policy, Platform: Windows 10 and late. Profile type: Settings Catalog. click create.
    2. Type profile name, Add settings, find "Allow Local Log On" setting and add back the Users group to make it work. User's image

    For SID of the group, here is a link you can refer.

    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-identifiers

    1. Under assignment, add the affected device group under include to assign this policy to the affected devices.
    2. Sync policy to the device and wait for some time and see if it can work after the policy is applied.

    Here is a link list the steps for your reference.

    https://inthecloud247.com/using-a-sid-for-user-rights-in-the-intune-settings-catalog/

    Note: non-Microsoft link, just for the reference.

    Hope the above information can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.