Share via

There Entra ID Admin issues not allowing a Help Desk Admin to make local changes on a device.

Feehan, Andrew 0 Reputation points
2025-01-22T18:03:19.72+00:00

Hello,

We have three admins in our environment. Two of us are global admins and one is all but global admin. We have started adding our devices as an Entra ID joined device.

Me and another Global Admin have admin privileges to allow installations of programs and other setting changes on the device, but the third admin's credentials do not work. What should I check first to see why his account is not working to approve app installations. I would say his matter the most since he is the help desk, first line of defense.

Any help would be greatly appreciated.

Thanks!

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,475 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,012 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 112.4K Reputation points MVP
    2025-01-22T18:19:40.34+00:00

    You need to make sure his account is added to the list of additional local admin under Device settings in the portal. Alternatively, add them directly to the Device administrators Entra ID role. Here's the corresponding documentation article: https://learn.microsoft.com/en-us/entra/identity/devices/manage-device-identities#configure-device-settings

    0 comments
  2. Thameur-BOURBITA 35,336 Reputation points
    2025-01-22T18:24:37.82+00:00

    Hi @Feehan, Andrew

    If I well undestood your question , you should add the role Microsoft Entra Joined Device Local Administrator to the third admin account in Entra ID.

    Microsoft Entra Joined Device Local

    Please don't forget to accept helpful anwer

    0 comments
  3. Crystal-MSFT 51,226 Reputation points Microsoft Vendor
    2025-01-23T02:05:19.3966667+00:00

    Hi @Feehan, Andrew, It sounds like the third admin's account might be missing local admin permission on these Microsoft Entra Joined device. You can follow the suggestions provided by Vasil and Thameur-BOURBITA to grant local administrator permission on these devices for the third admin to see if it works.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.