Share via

MDM / Intune can't change primary user - it's greyed out!

PrimaryUser 6 Reputation points
2022-03-11T12:25:56.863+00:00

Hi there,

I searched for this issue about hours without any working solution.

The Issue is, that I can't change the primary user - option is greyed out

Just for understanding:

the primary user is the user who got the device from IT department.?
Enrolled by is the specific it support, who connect that device to mdm?

![182243-grafik.png]1

Looks like that this issue concerns only devices, which registered to MDM by hand (Windows-Search: Enroll in MDM only)

Can anyone confirm and exist already a solution for that issue?

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,441 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alec Hildreth 5 Reputation points
    2024-02-16T16:32:21.25+00:00

    Un-enrolling and re-enrolling (with a different account) fixed the issue for me (at least on the first device I have tried). Go into the Settings, Access Work or School page and Disconnect the device from MDM. Then rejoin it to MDM like you normally would. It will take a bit to check in to Intune. I ended up with a duplicate device in Intune and deleted the original, but I was able to assign a different primary user to the newly enrolled instance.

    1 person found this answer helpful.
    0 comments
  2. Aravinth Mathan 321 Reputation points
    2022-03-11T15:34:04.277+00:00

    Hello @PrimaryUser

    I would suggest you to verify below

    1. Make sure you have enough permission to modify objects in intune - preferably Intune admin role
    2. Only devices that are hybrid joined or azure ad joined are allowed to have primary user field modified. If the device is AAD registered, it's not allowed
    3. Primary user are populated during auto enrollment process, so ensure the user in question has auto enrollment policy applied.

    >INTUNE>Devices>enroll devices > auto enrollment> should be set to specific group and user has to be part of it or to all users

    Regards
    Aravinth M
    Please mark as answer if tt was helpful

    0 comments
  3. Lu Dai-MSFT 28,356 Reputation points
    2022-03-14T03:08:11.697+00:00

    @PrimaryUser Thanks for posting in our Q&A.

    Based on my understanding, the primary user can distinguish if the device is a "Shared Device". When there's no primary user assigned, the device is referred to as a "Shared Device".
    Intune automatically adds primary user to devices during or soon after enrollment.
    https://learn.microsoft.com/en-us/mem/intune/remote-actions/find-primary-user#who-is-assigned-as-the-primary-user

    "Enrolled by" is the user account we used to enroll the device to intune.

    As AravinthMathan said, we can't change the primary user if the device is AAD registered. For windows devices, if the device is Azure AD join (bulk enrollment token) or Azure AD join (Autopilot self-deploying mode), it doesn't have the Primary user.

    If possible, please tell us what the enrollment method did you use to enroll the windows device. The enrollment method is in the following article:
    https://learn.microsoft.com/en-us/mem/intune/enrollment/device-enrollment#windows-enrollment-methods

    If there is anything update, feel free to let is know.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.