Intune change primary user powershell. Intune Primary user and Azure AD device owner.

Intune change primary user powershell We are having a similar scenario as explained above - where the primary user (also device enrolled user) would not be using the device, instead another Azure AD user (who is not the primary user of the device) will be using the device in KIOSK mode. Learn more here: Change a device's primary user. Right now, We have about less than 1000 devices that doesn't have the proper Primary user in Intune. Through the gui when you change a primary user on any machine and hit save it will show on the overview page that the primary user has been changed, then if you refresh the overview page it shows that the Enrolled by field is changing as well. This would free up the manual process of reassigning users in Intune for proper use of Company Portal, and compliance policies. To set primary user, it is a manual process for each devcice: Access the Intune Admin Center: Start by logging into the Microsoft Intune admin center. Get existing member of the group. AUTHOR. Aquí nos gustaría mostrarte una descripción, pero el sitio web que estás mirando no lo permite. Not sure why the enrolling user is a requirement in that policy. Im an intune admin and have a task to change the primary user based on the last logged on user. You signed in with another tab or window. This user only has There are scripts which can run in a runbook to change the primary user. If that’s not an option you may be able to set primary user via the AutoPilot registration (page that shows all your AP devices and profiles) In this section we will look at how you can delete the primary user of all device / a list of devices automatically via a powershell script. For more information, see Change a device's primary user. More specifically about the recently introduced functionality to change or remove the primary user of a Windows device. But if you get that data you should be able to just loop trough the devices Where can I practice PowerShell safely without changing anything on The Set-IntuneDevicePrimaryUser. The README A PowerShell script to change the Primary User of all Windows 10 Devices in an Intune Tenant to the last logged in user of the device If there is no primary user or the $UDAMultiplier is higher than a set number (1. PowerShell includes a command-line shell, object-oriented scripting language, and a set of tools for executing scripts/cmdlets and managing modules. Making sure that all devices are company owned refines management and identification, as well as enabling Intune to perform additional As far as automating, easiest way to set the primary user is to have the primary user enroll. 5 in this case), the script makes a GET request to return the user ID of the user, and then makes a POST request to update the primary user on the In this section we will look at how you can delete the primary user of all device / a list of devices automatically via a powershell script. Basically, our helpdesk techs are assigned as the Primary User to about 1/3+ of our computers and that's not really working out. I can't change the primary user, and my idea was to disconnect myself and sign them in using their own Microsoft business account so @Michael DiGregorio, Thanks for posting in Q&A. We will also Those examples are pure web-request and if you are new or have limited experience managing Intune with Powershell I would probably recommend looking at the Intune Powershell SDK instead. There is no single PowerShell command to change the owner. In some cases, the Intune primary user may be different from the Azure AD Device’s Owner property (viewable under Devices > Azure AD Devices). Create a local group "Device Owners" using the Intune Configuration profile. Changing the primary user enables the administrator to switch the primary user of a device from one user to another user, or to switch a The “set primary user” only lets the sneakers change the primary user after deployment, but that defeats the purpose of whiteglove deploying all applications, including the specifically user assigned apps. This user is also used to license the device. Show and map the user to the device in that users Device management website 4. We've built a custom loaning center application where we'd need to replace the primary user whenever a device is checked out Hi All I wanted to query how it is possible I can set the settings so that the last logged user to use the device will now be assigned the Primary owner. To change or remove the Primary user of a device, you require the permission Managed devices/Set primary user. Let’s learn AVD assign to a different user and unassign user options available in Azure portal UI and An Immy partner has suggested this as a request: A hugely valuable cloud script for all MSPs would be to update the Intune computer with the Immy primary user logic. Add the primary Hello We have a small number of computers enrolled in Intune which have the option to change the primary user greyed out. This repository of PowerShell sample scripts show how to access Intune service resources. That means as long as the enrollment user ist still the primary user (nobody changed the primary user in Intune) the enrollment user equals the primary user. What I am trying to do: When enrolling a computer using a "WCD"-package (ppkg / provisioning package) and the user is scoped to be auto-enrolled into Intune then the device is listed with a "Primary User" of "NONE" in Intune since the device is enrolled by a package / bulk-enrollment. Shift + F10 once connected to a network and enroll it with PowerShell https://docs Ideally the user sets up the device on their own and If this is for Intune managed devices, for reasons of security and digital hygiene, the best practice is to reset the device, then have the new user go through the AutoPilot process. Is this possible to change? Non Hybrid Azure w InTune - enrolling MacOS devices via the Company Portal App, I am converting them to "Corporate" from "Personal. Once a user is enrolled with the User account type Standard on a Win10 device I would like to know what the best way is to change that user to local Administrator afterwards. Intune has a spot to upload a CSV/manually type serial numbers to identify them as corporate, which should theoretically change any personals to corporate. Some script Changing the primary user of the device doesn't make any changes to local group membership such as adding or removing users from the "Administrators" local group. NOTE! – Also, Intune primary user change shall help you to change the OWNER of the device in Azure AD. I've created the user account and assigned it as a primary user on a device that is Autopilot joined. So we have 2 different Windows Autopilot Deployment profiles. The Azure AD Device owner is added during a device’s registration into Azure Active Directory. Map a licensed Intune user to the device 2. se) Automated script to update primary users - Microsoft Q&A. Select Change Primary User; A search box will appear on your left. :( I need a simple instructions please along @Arif Usman In order to change the device owner, you would need to first add another owner to the device and then remove the existing user. I have the following script, CSV, XML, etc. 11. Thanks Intune is a Mobile Device Management service that is part of Microsoft's Enterprise Mobility + Security Simong_1984. Reference docs: intune-devices-manageddevice. I did some testing though and it doesn't look like it's working. Hi all, Yep same here, have to keep up with the API change log constantly to see if we could finally migrate off all our MSOL scripts Reply reply If the most frequently signed in user to a device over a specified time period is not configured as the current primary user in Intune, we can then set the correct primary user via Graph API. Select a new user and choose Select. Don't call it InTune. 0 Schema: BETA. Therefore the device is now marked as non-compliant by the built-in compliancy policy because of the "Enrolled user exists" check. Documentation for Intune and Microsoft Graph can be found here Intune Graph Documentation. Right now I need a privileged user with the intune admin entra role on standby all the time to do (re)configure the assigned user. Asking for help, clarification, or responding to other answers. The only time I could see it being an issue is if you have software scoped to specific user groups. Find more, search Will set the primary user for devices in Intune with default settings 5. I have modified it a bit to run locally on a server, but the key parts are still from his script Managed_Blog/Microsoft Graph/Intune The Primary Users list shows users who are already primary users of this device, and the method by which each user-device relationship was assigned. please make sure to change the primary user. The primary user is used within Microsoft Intune to map a licensed user to a device. Good news, changing the Primary 📚 Removing Primary User from Intune devices | remove Intune primary user | remove a primary user from an Intune device | Set intune primary user none👉 Unlo In the autopilot policy, allow all users logged in to be administrators by default. Does Intune eventually reassign the primary user of a device? The techs have been logging into every computer they image, and ofcourse the device Where can I practice PowerShell safely without changing anything on my computer? upvotes Need Help: Bulk Change Intune primary User with last logged in user script . I enrolled it with an admin account. currently, the enrolled device is set up by IT and it sometimes shows a user that has left the organisation or IT admin etc as the primary owner we want it set so that when a new user logs in and uses the device it is automatically switched Hello All, I ran into issues where our Technicians who reimage and deploy laptop/workstations to our users gets assigned as Primary user on the device. I can do this just fine in the GUI, but with 1000 to do. Essentially, we have a lot of devices which have the incorrect primary user set, primarily from IT setup which we has since changed. I am sharing the cmdlets below: Open PowerShell as Administrator and run Install-module AzureADPreview. 1 and 7. Would you be kind enough to help me out This repository of PowerShell sample scripts show how to access Intune service resources. Let’s see how can you change Windows 10 Primary user (Change Primary User for Windows devices) from the Intune portal. To do so, go to Intune > Devices > All devices > choose a device > Properties > Primary User. 📚 Bulk Update Primary User for Intune Devices | Bulk Change Intune primary User | Change Intune primary User | Intune device's primary user change In Bulk Select Change Primary User; A search box will appear on your left. Hello all, I am trying to remove the primary user from a large number of devices ( about 300 ) but intune within the portal does not seem to allow Skip to main content Open menu Open navigation Go to Reddit Home However, I've run into problems with the status of installs not appearing correctly and through some digging found that its likely to do with the fact the Primary User is me, and not the user currently logged in. Change Intune Primary UPN. Log Analytics is an awesome tool for data collection and reporting purposes, but I also learned that we can leverage the Log Analytics API to run Kusto queries in PowerShell to get The script looks great. Nothing natively. COMPANYNAME. How can we change the Enrolled User without re-installing the device? Introduction. Intune Primary user and Azure AD device owner. I can see the owner updated in Azure, but the primary didn’t. Intune is a Mobile Device Management service that is part of Microsoft's Enterprise Mobility + Security offering. You can delete user accounts by following these steps: When you onboard your Windows device in Intune, the device is automatically associated with the user registering the device; this user is called Primary User. I dont have much exp with Intune related PS scripting. Until now, it was not possible to change the primary user, unless unregistering and re registering the device using another user account. Can anyone help me with this question/observation? I'm testing deployment of a completely new-to-Intune machines to a completely new-to-the-company user. 5. The Issue is, that I can't change the primary user - option is greyed out Just for understanding: the primary user is the user who got the device from IT department. Hi Intune_Support_Team . We had the same problem with "Change Primary User" grayed out in Intune. To set primary user, it is a manual process for each devcice: Access the Intune Admin Center: Start by logging into the Microsoft Intune admin You can change the primary user either from the Microsoft Endpoint Manager admin center under All devices > Device > Properties > Change We hope this helps your understanding of how Intune and If an Intune device is not enrolled as a shared device or kiosk device, it always has a primary user. Select the correct User. By using the Beta version of the Graph API, it's possible to query an endpoint to get the Primary User's email address, but that requires a separate query to be run for every device, which isn't feasible for us as we have a large amount of devices. But you can get the Primary User via the following API. The Primary User property in Intune is used when: 1. Navigate to Devices and All Devices; Select the Devices you want to change primary user; Navigate to Properties for this device; Click Change Primary User below the We noticed it yesterday but not sure when it started but it definitely wasn't always the case. ps1 script configures the primary user of an Intune device to the user with the highest number of sign-ins to the device. I haven't tried it yet but logging in as a different user then running the portal software will change it 9. See relevant content for deviceadvice. If the design Intune is to wipe the device when the user changes, why can we change the primary user? Intuneを運用しているのですが、2020年1月現在GUI上でプライマリユーザーを変更することができません。これとても困るのです・・・登録はキッティング時に情シスで対応しているため、情シスメン We're struggling with finding a way to use the Graph API to re-assign a primary user to a device in Intune. Hello, Is there a way to change the primary owner of a device to someone else if the device is already registered under someone else without resetting? Apparently we need to enroll this to intune. anyone have a good way to grab the primary user of an intune device if multiple users have logged in, with powershell? Been trying the REST API, and MsGraph but can't seem to figure it out (I would prefer the MSgraph cmdlets (Get-IntuneManagedDevice) I have a machine that’s Azure AD joined. As we understand it these are Shared computers but we cant see any way of confirming this. 12. It may be happening in other instances too. ADMIN MOD Powershell to Set Device Primary User Hi all, I'm trying to set the primary user of a device using the scripts in this I should point out I'm unable to change it via the Endpoint Manager Since Intune auto assigns a pimay user when we enroll a device into Inune we will be needing to remove that primary user in bulk as we add more systems to Intune. We currently have a Windows 10 Desktop Device Enrolled in Intune that was enrolled by a user that is not exists anymore. The new user has a Office 365 e3 account. Use of these APIs in production applications is not supported. I noticed the issue was due to having local user accounts on an Azure AD-connected PC. Not saying there isn't one, but I've never heard or seen any tickets regarding primary user issues related to company portal or software installs. There are scripts out there that every time they run, will locate the last user of a computer and make them the primary user. Since we can't login for enrollment with an account with MFA enabled we must change to correct user after enrollment. 1. Based on my checking, the API you request cannot get primary user. After I remove the local account, I can change the primary user in Intune. When the device switches to another user. Get local admin group informations. Microsoft released AVD reassign unassign a personal Virtual desktop capability, which is Generally Available now. 0 2025-04-09 Changed all requests to use invoke-mggraphrequets and support Powershell 5. I would probably look at your process though, Update Intune Primary User with PowerShell or Azure Automation - Mr T-Bone´s Blog (tbone. Hi there, I searched for this issue about hours without any working solution. In the Git hub repository from microsoft there is a script which shows how to change and How to set primary user. This can be changed manually on each device directly in the Intune portal after enrollment. They demonstrate this by making HTTPS RESTful API requests to the Microsoft Graph API from PowerShell. Why does it matter? So if the intention is for the primary user to also be the enrolling user why do enrollment managers even exist. Sign in to the Microsoft Endpoint Manager Admin Center. 4. You signed out in another tab or window. First of all enrolled users as showed in the below picture is not always the primary users. Background is it that all our notebook with a STandradt user were fueled with Windows, and I would now like to akualiseren these users. ? How to set primary user. Whoever logs in to the device usually registers it but it’s not that cut and dry. https://github. When enrolling devices into Microsoft Intune using the Company Portal, the devices end up enrolling as personal owned. I'd like to be able to run a powershell script on the machine itself to remove the primary user if possible. ps1" which can be used to set primary user. We have added a new administrator Run the script in a PowerShell environment with administrator privileges. Please turn off your ad blocker. Enrolled User After some research I couldn’t find the primary user information on the device, but the initial enrollment user information is available 💪. Changing the primary user enables the administrator to Here is a report of Intune related Graph functions, including one to update the primary user - either by name, or to set the primary user to the last user who logged on. com/microsoftgraph/powershell-intune The primary user is used within Microsoft Intune to map a licensed user to a device. Remove all members except Administrator . Additionally refer to this Intune Graph API with PowerShell that can help you get all This repository of PowerShell sample scripts show how to access Intune service resources. 1 Microsoft. Choose Devices > All devices > choose a device > Properties > Change primary user. We We need to get the email of the device's Primary User, which isn't included in the API response at all. This script should meet your requirements by processing all Windows Intune managed devices, identifying the last logged-on user for each, and After researching, I find a link has a script named "Win10_PrimaryUser_Set. General Question When using an administrative account to enroll to intune (Join this device to Microsoft Entra ID), and then letting the end-user log in to the computer, the machine is marked with the Primary UPN as the administrative user, rather than the end-user. The primary user of a device can be updated for devices Windows 10 devices that are Azure AD Joined or Hybrid Azure AD Joined. ) In this blog post, I will show you how to retrieve that information from Intune and export it. 13. I’m trying to change the primary user but the button is greyed out. Only difference is that in 1 profile the User account type is Standard and the other is Administrator. Collaborate outside of code Code Search. Changing the primary user doesn't change the "Enrolled by" user in Intune. Set up primary devices for a user In the Configuration Manager console, go to the Assets and Compliance workspace, and select the Users node. Not sure if the RegisteredUser and RegisteredOwner correspond to Primary User and Enrolled By in Intune since I don't have any objects in my enviroment where they are different right now. This creates a relation between the device and the user. - mi Change a device's primary user. In the final chapter (for now) of our Graph series, we put together everything that's been reviewed so far to build a function to automatically clean up Intu With PowerShell and Graph, technically yes. PowerShell is a cross-platform (Windows, Linux, and macOS) Updating Primary User Intune via MSGraph . What am I missing? Is it possible to change the primary user of an IOS device enrolled in Intune? The option is greyed out on the device and if we attempt to login to comp portal with a different account it fails. ), REST APIs, and object models. I want to Change the Intune Primary User via PowerShell and found this Guide: Dynamically Update Primary Users on Intune Managed Devices. Reload to refresh your session. Get the admin account name (the name may change depending of the OS language) 10. . " The Change Primary User is grayed out. I want to script updating the primary user of Intune Managed devices as devices have been swapped between users, or built by one and used by another. The data I have already collected (Devic ID, User ID, etc) and now I'm just looking for a Powershell command / script that can update the primary user. PowerShell: v. In PowerShell, I’ve updated the registered owner/user to the new user. Is it possible to change the primary user with Powershell? If yes, with which Powershell module? Azuread or MSgraph? does anyone know maybe the corresponding Powershell command? or do you know a good article? Thanks a lot r/PowerShell r/Intune r/AZURE r/microsoft r/m365 Unable to change the primary user from endpoint manager, because that option has greyed out for some devices The user machines are hydrird joined machines, for some of the devices I am able to change it, but some devices it's greyed out. Create a script that will be executed on the computer, which will somehow be able to find out who the Primary user is on this device and add its ID to the local group ("Device Owners"). - mi You can change the Primary User for Windows hybrid and Azure AD Joined devices. (They have some shared devices. Easier to map user to device in Endpoint manager and Azure See more With the June (2006) Intune service release, you can now change a device's primary user for co-managed Windows devices. Manage code changes Discussions. We can get the primary users associated with the managed APIs under the /beta version in Microsoft Graph are subject to change. We change primary users constantly and haven't seen issue. io. In the Git hub repository from microsoft there is a script which shows how to change and delete the primary user for a single device. You switched accounts on another tab or window. Thanks for contributing an answer to Stack Overflow! Please be sure to answer the question. Here's a presentation I did back in April on how to manage Intune using Powershell that hopefully will get you started. Contribute to svdbusse/IntuneScripts development by creating an account on GitHub. Want get the primary user of a device, search no more! In this post we will have a look at how to use Microsoft Graph and PowerShell to accomplish this. The script requires the name of a group that contains Intune devices or a comma-separated value file with 2 column headers: IntuneDeviceId and DisplayName. what could be the reason for it. Tbone Granheden @MrTbone_se. Refresh your changes to make sure Intune took them; The assignee has now been assigned *Note anybody can register a device. The main goal for this is to update each device's primary user with the last logged on user, making it run on an Azure automation every couple of weeks. Graph: v. If you have this module installed already, you can skip this step. I would prefer to run a test version of the script first One of our customers wanted to know per device which the real Primary User was and the user logon date of every user that used that device. Hi! I'm piloting Intune and successfully getting deeper into the weeds. Coligo AB Introduction: In Intune world of device management, the concept of the primary user plays a crucial role, especially when it comes to application deployments. 😅 Getting the primary user of a device sounds easy enough, but there are scenarios where it could be hard to do it natively. Provide details and share your research! But avoid . In this blog post, we will explore the significance of the primary user and how it affects the installation of applications using the company portal in Intune. For those who may not agree with this practice, there is now an option to change or remove the primary user on the Property view for the device. This works as well but has some restrictions. Show and map the user to the device in that users Company Portal app 3. It sounds like this is happening because they are configuring devices after autopilot using their own credentials which Intune automatically assigns as the Primary User. fluqf vgzfvq pivcs zssksug imddel ttcb tnow topo aefydput luwbo voisch sbaeo ymhsl qdbpr knoyr