We have an azure ad joined client, where after the succefull join the user admin rights have been removed. As always the global administrator account should have automatically added to the local admin groups. But it did not. Now we have no local admins. Built in admin is disabled. At azure AD I do not have the "Additional local administrators on Azure AD joined devices" as here suggested: https://docs.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin I found that this is option is a premium edition capability available through products such as Azure AD Premium or the Enterprise Mobility Suite (EMS). So what could we do without this? Any help would be welcome
Asked
Active
Viewed 2,326 times
2
-
Cant you just log on with a domain admin account on the pc and create a new local user which you put in the local admin group ? – Silbee May 25 '20 at 11:59
-
I can log in with global admin still i can not create a new user, permission denied error message i got. – petersonal May 25 '20 at 13:43