2/15/2024 0 Comments Microsoft security account managerTo start configuring these settings, you can create multiple rules to manage which built-in local group you wish to change, the group action to take, and the method to select the users. Select Create Policy and choose Windows 10 and later as the platform and Local user group membership as the template. To access these new settings, sign in to the Microsoft Endpoint Manager admin center and select Endpoint security > Account protection. Previously, these settings were only able to be configured through PowerShell script, custom OMA-URI policies, or GPO. The new settings are derived from the Policy configuration service provider (CSP) LocalUsersAndGroups and come as a built-in template in the Account protection section of Endpoint security. For example, the Administrators local group has broad rights, so it is important to lock down the groups to a set of exclusively defined ones via the policy. This allows IT admins to granularly manage the membership of built-in groups on the Windows platform to ensure users have the correct privileges. This comes with a built-in template in the Endpoint security node where you can add, remove, or replace users and user groups to the built-in local groups on the targeted device. We are pleased to announce a new experience to configure local user group membership settings for Windows devices. By Laura Arrizza – Program Manager II | Microsoft Endpoint Manager – Intune
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |