Link to home
Create AccountLog in
Avatar of tjie
tjieFlag for United States of America

asked on

How to assign an intune user as an administrator and joined the localgroup of a machine in Intune?

Hi,

This is a Windows 11, Microsoft 365 and Intune environment.

There is a Desktop machine named “Desktop#1” that has been used for a user A. 

[Note: User A’s info as follows: his name is Jack Brown, his username in Intune (or Azure) environment is jbrown@bobawater.com).]

This Desktop#1 was suddenly BAD. User A or any other permitted user, cannot access it anymore remotely (note: User A usually access the Desktop#1 by RDP). 

No Choice, I need to replace Desktop#1 with Desktop#2 (Brand new installation with Win 11, joining it to Intune)

When User A (jbrown@bobawater.com) RDP to Desktop#2, there is the following message: 

To sign remotely, you need the right to sign in through Remote Desktop Services. By default, members of the Remote Desktop User Group have this right. If the group you’re in does not have the right, or If the right has been removed from the Remote Desktop User Group, you need to be granted this right manually

I heard or read (from somebody) that I need to use the command prompt login as administrator to assign this user (jbrown@bobawater.com) as administrators (of this machine) and joined him to local group using the NET command.

When I go to command line as administrator, and type: NET, I got the followings: (here is the screen shots): 

User generated image

Note: For command line, I am a kind of naïve; I do not know except Ping and Ipconfig

Somebody can help to guide me to get:

1) What command should I use to assign User A(jbrown@bobawater.com) as administrator?

2) What command should I use to assign User A(jbrown@bobawater) in the localgroup?


Tjie

Avatar of Kyle Abrahams, PMP
Kyle Abrahams, PMP
Flag of United States of America image

Not sure Bout command line, but you can do this right from the ui.

Right click on the start menu, computer management.

From there should be groups, local groups.  Find the administrators user group, properties, and you can add any ad accounts or groups from there.

no you don't need to make the user an administrator.

you do need to use remote desktop services or at minimum add the users to the local remote desktop  users group


ASKER CERTIFIED SOLUTION
Avatar of tjie
tjie
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer