How to add another user as local administrator on the machine that is joined to Azure AD?

By default only the person who joined the computer to Azure AD is granted local administrator rights. Adding someone as a 'primary user' in Intune does not grant them local admin access on the workstation. To add someone as local administrator on the machine that is joined to Azure AD, follow these steps:

  1. Ask the user to sign in to AAD, if they have never done it on this computer (this creates their local Windows profile).
  2. Sign in with local admin account.
  3. Launch the Command Prompt as administrator and type in the following command replacing "{uwinid}" with the actual UWin ID of the user:

    net localgroup Administrators UWINAD\{uwinid} /add

Details

Article ID: 62368
Created
Sun 9/16/18 3:52 PM
Modified
Wed 8/2/23 3:25 PM

Related Articles (1)

Setting up workstations for graduate students
Configuration/setup options for Windows 10 "corporate" computers that are used by graduate students.