Local and Domain Admin with AAD

Question

question

PhillipAndrewHopkins-1702 asked Apr 23, '22 PhillipAndrewHopkins-1702 commented Apr 24, '22

Local and Domain Admin with AAD

Hi everyone.

I'm looking for some advise on AAD and device domain / local Admin.

My customer has a personal device that is AAD registered, a local Admin account has been created however the credentials we hold are incorrect. So completing anything requiring Admin permission isn't possible.

My experience and knowledge of AAD is very limited but it seems reasonable to still be able to complete administrative tasks in AAD as you would with an on prem AD environment.

Can anyone help with this? I am at the point of completing a Windows refresh so that I can create a new local Admin account as part of the setup. If I can get Admin access via AAD that would be preferred.

Can I create a new local Admin account as an AAD administrator?

Everything I have researched is all based around AAD Joined devices, I can't seem to find information on AAD registered devices.

As always, thanks in advance for any advise offered.

Phill

azure-ad-domain-services

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2022-04-24T09:47:35.313Z

soysoliscarlos answered Apr 24, '22 PhillipAndrewHopkins-1702 commented Apr 24, '22

Hi @PhillipAndrewHopkins-1702

Thank you clarify,

Researching about administrating Azure AD registered devices, I found this:

Administrators can secure and further control these Azure AD registered devices using Mobile Device Management (MDM) tools like Microsoft Intune.

So, according to this, you will require to use an MDM if you want to administrate that personal device.

Hope this helps,
Carlos Solís Salazar

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.

NOTE: To answer you as quickly as possible, please mention me in your reply.

· 1

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PhillipAndrewHopkins-1702 · Apr 24 at 10:58 PM

Hi Carlos.

Thank you for your time looking into my query, I'll take a look at those links and do some further research.

Thanks

0 ·

Answer 2 · 2022-04-23T11:21:09.57Z

soysoliscarlos answered Apr 23, '22 PhillipAndrewHopkins-1702 commented Apr 23, '22

Hi @

Thank you for asking this question on the Microsoft Q&A Platform.

I understand that you require "joining" your AD on-premises with your Azure AD, right?

You can install Azure AD Connect on your server https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect

Azure AD Connect is an on-premises Microsoft application that's designed to meet and accomplish your hybrid identity goals.

You can follow these steps https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-express

Hope this helps,
Carlos Solís Salazar

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.

NOTE: To answer you as quickly as possible, please mention me in your reply.

· 1

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PhillipAndrewHopkins-1702 · Apr 23 at 04:41 PM

Hi.

Thanks for the quick response.

Not looking to join AD to AAD via the connector. The customer has no on premise hardware, they are all cloud based.

The users laptop is a personal device so is AAD registered only.

I need to install some software which requires Admin permission to complete, the local Admin account can't be used as the credentials we hold are wrong.

Can I use the Azure global Admin account to complete the software install on the users device?

Thanks

0 ·

question