We found an article from Prajwal Desai where he discusses how to create a Windows local admin account using Microsoft Intune. This can be achieved through the use of either a PowerShell script or a custom profile in Intune. The local administrator account that comes pre-installed on Windows devices is often disabled for security reasons, but there are situations where creating a temporary admin account using Intune can be useful for troubleshooting or emergencies.

There are two main approaches to creating a local admin account on Windows devices using Intune:

  1. OMA-URI Settings: This method involves configuring Account CSP settings in Intune to create a local administrator account and add it to the Administrators group on Windows devices. It is recommended for its reliability and ease of deployment.
  2. PowerShell Script: While a PowerShell script can also create a local admin account and customize properties such as password expiration, it may be less reliable and more complex to troubleshoot.

The article provides step-by-step instructions on how to create a local admin account using OMA-URI settings in Intune. It covers creating the custom profile, configuring OMA-URI settings for creating the account and setting the password, and adding the account to the local Administrators group.

The Accounts configuration service provider (CSP) is used to manage the local administrator account, and it’s important to note that this policy applies to Windows devices running specific editions, such as Enterprise, Pro, Education, and Business editions. Additionally, devices must be enrolled in Intune before the policy can be applied.

The article concludes by explaining how to monitor the status of the local admin account policy in Intune, including identifying devices where the policy has been successfully applied and troubleshooting any errors that may occur during deployment.

Despite encountering a specific error code during their testing, the author confirms that the local admin account was successfully created on Windows devices according to the Intune policy settings.

In summary, the article provides a comprehensive guide on creating a Windows local admin account using Microsoft Intune, offering both OMA-URI and PowerShell methods, along with practical insights into the deployment process.

Prajwal Desai