How can we improve Windows Azure security and compliance?

Additional local administrators on Azure AD joined devices

In Azure there is a list that can be created for Additional local administrators on Azure AD joined devices. However, after creating a list and when I go back to modify it, it remove the previous user list and I must recreate the list from scratch each time I need to either add/remove a user. This is definitely a design flaw. Also We should be able to view the current list, not "User and xx others"

Ideally we should be able to grant local admin rights directly to the device that is Azure Joined instead of a all or nothing approach. Right now I have some users that should not have local admin rights to the CTO device. This is very bad.

3 votes
Vote
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

2 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Julien HACQUARD commented  ·   ·  Flag as inappropriate

    Anyway it doesn't add any account on my existing devices. I suppose this is only for a new Azure AD Join experience and nothing happends to the old ones unfortunately. :(

  • Kris commented  ·   ·  Flag as inappropriate

    This seems to be fixed, at least in the demo tenant I'm using for a project. I had experienced this behavior before, but today I can click Add Members and it retains the list, and let's me add to it.

    Unfortunately the reason I was in it is that I can't even get this feature to work in my tenant, it doesn't add any local admins to my Azure AD Joined devices.

Feedback and Knowledge Base