Add local Administrator to Intune enrolled devices

How to easly add an EntraID account as local administrator on Intune enrolled Windows device/s:

1. Log in to Intune and select "Endpoint Securtiy"

2. Click on "Account Protection"

3. Select Create New Policy, plattform WIndows 10 and Later

4. As profile, select Local group membership and click Create

5. Give the policy a name, click next
   

Now you can Add /Remove users meberships of differnt local groups.

In this scenario choose Administrators - Add(update) and User/groups.
Select which user/s you want to add and assign this policy to a singel computer or a group of computers.

Wait for the sync to happen (or force a sync) and that's it! The selected users are now local administrators on the assigned computers.

Go for it ! 😊