Restrict logon to Primary User

Gareth Roberts 186 Reputation points


We have a requirement to only allow the primary users of windows 10 intune enrolled laptops to be able to log in to their device, as well as administrators. The aim is to stop users from sharing laptops between themselves.

However this policy would need to be deployed to the entire user base.

Does anyone have a suggestion of how this could be achieved? I was hoping this scenario might have been documented by someone else in the past but so far I haven't been able to find anything.

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,090 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 31,121 Reputation points Microsoft Employee

    There is nothing directly built-in to achieve this today. There are a handful of community provided methods to do this though -- all involve running scripts on the endpoints. A quick web search should net you these methods -- I found these after a few seconds: and

    1 person found this answer helpful.
    0 comments No comments