Provide Admin Access to Windows 365 Cloud PC using User Settings Policy

Let’s have a quick look at the option to provide admin access to Windows 365 Cloud PC using Intune user settings policy. Windows 365 service delivers personalized desktops in the cloud. Microsoft announced the general availability of Windows 365 on the 2nd of August 2021.

You can use the user settings policy to add assigned users to the local administrator on all their cloud PCs. The admin access might be required to support some of the developer use case scenarios. If you have a use case to add a generic admin account to Cloud PCs, you can deploy PowerShell scripts using Intune.

Deploy User Settings Policy to Windows 365 Cloud PC

You can deploy the user settings policy to Windows 365 cloud PC. Let’s have a quick walkthrough of this policy to add users to the local administrator group on their Cloud PCs.

  • Login to Microsoft Endpoint Manager portal.
  • Navigate to Devices -> Windows 365 node.
  • Click on +Add button to create user settings policy.
Provide Admin Access to Windows 365 Cloud PC using User Settings Policy
Provide Admin Access to Windows 365 Cloud PC using User Settings Policy

Enabling this settings policy elevates end users to a local administrator on all their cloud PCs. On the settings page, you have two options.

Patch My PC
  • Enter the Name of the User Settings Policy.
  • Select the option to enable or disable local admin policy.
    • On option is selected.
  • Click on Next button to continue.
Provide Admin Access to Windows 365 Cloud PC using User Settings Policy
Provide Admin Access to Windows 365 Cloud PC using User Settings Policy

I have added the W365 Users Azure AD group, where I have two users as members. I used the same group during the Windows 365 provisioning guide. You can click on the Next button to continue to the validation and confirmation page.

Provide Admin Access to Windows 365 Cloud PC using User Settings Policy
Provide Admin Access to Windows 365 Cloud PC using User Settings Policy

As you can see in the below screenshot, the validation is passed for the user settings policy. Click on Create button to complete the user settings creation process from Intune MEM portal.

Provide Admin Access to Windows 365 Cloud PC using User Settings Policy
Provide Admin Access to Windows 365 Cloud PC using User Settings Policy

Results

The following is the screenshot from a Cloud PC before applying the user settings policy to add assigned users to the local administrative group on their Cloud PCs. So, you can’t see any user added to the local administrators group.

1E Nomad
Provide Admin Access to Windows 365 Cloud PC using User Settings Policy 1
Before User Settings Policy Deployment

After applying the user settings policy, you can see that MEMCM/anoopb user is added to the local administrators group. This user got admin access on the assigned Cloud PC. The policy to elevate admin permissions for an assigned user on the respective Cloud PC is useful.

Provide Admin Access to Windows 365 Cloud PC using User Settings Policy 2
After the User Settings policy Deployment

Resources

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.