There are two types of Administrators that can be added to Windows Intune
- Tenant Administrators
- Service Administrators
Windows Intune
Tenant Administrator:
Tenant Administrators have full administrative rights to
the Windows Intune administrator console. They can perform all operations in
the console, including adding or deleting Windows Intune service
administrators. In addition, they can assign other tenant administrators.
The first account you create when you register for Intune automatically becomes a Tenant Administrator.
It is recommended that
you create a least one extra Tenant Administrator Account to help delegate
tasks and ensure you don’t get locked out of your Windows Intune account if you
forget your password.
Note that Tenant Administrators must be assigned in the Windows Intune account portal
https://account.manage.microsoft.com
You cannot use the Windows Intune administrator console to assign a Tenant Administrator.
https://account.manage.microsoft.com
You cannot use the Windows Intune administrator console to assign a Tenant Administrator.
Navigate to Management > Users. Click New > User
Enter the user details
Assign the user to be "Global Administrator" and set user location
Add user to Windows Intune User Group (built-in group)
Enter email address that account details are to be sent to.
Account has been created. Temporary password is assigned. This can be changed.
Windows Intune Service Administrator:
These are accounts for general everyday Intune administration. Service Administrators have the following two levels of
console access:
- Full access: These Service Administrators have full administrative rights to the Windows Intune administrator console and can perform all operations in the console, including adding or deleting other Service Administrators.
- Read-only access: These Service Administrators have read-only rights and cannot modify data in the console; they can only view data in the console and run reports.
You can create Service Administrators by using the Windows Intune administrator console. These administrators must have a user ID and password, and they must be a member of the Windows Intune user group. If an individual does not have a user ID, a Tenant Administrator must create one by using the Windows Intune account portal and then ensure that the individual is a member of the Windows Intune user group.
As before open the Windows Intune account portal to create the account.
Enter the account details
Choose not to assign a role - this is not a Tenant Administrator
The account has been created and can be viewed in the Intune account portal
Open the Intune Admin portal
New account is available in the All Users Group
Click Administrator Management > Service Administrators. Click Add
Enter UserID and required Access permissions
Service Administrator has now been created.
No comments:
Post a Comment