I am trying to get a basic understanding of the support mechanics of Microsoft Intune for managing/troubleshooting issues on Windows 10 end user devices (Laptops). Assuming in a given scenario whereby your environment does not join your W10 end user devices to a local Active Directory domain, and therefore membership of the local groups on the device do not include domain support groups, e.g. localddomain\domain admins etc. Then how does a desktop support engineer gain administrative access to the Windows 10 device, are there batch of Intune groups that now govern admin access to end user devices? Can you provide a basic overview in laypersons terms for someone new to Intune.
Is there a new batch of support tools for managing Intune managed devices than traditional AD joined devices setup (via AD support groups). I don't see anything in terms of Intune/365 sounding groups if I run the net localgroup administrators command on one of the aforementioned devices. I take it the new management processes are quite a seismic change from traditional desktop support practice.