Just a quick post regarding creating local user accounts with MDM, Microsoft Intune. I got a couple of questions about whether it is possible to create local user accounts with Intune, and it is, using custom OMA-URIs.
Please give it a like if simple posts like this are useful.
Create a new Device configuration profile for Windows 10 and later of profile type Custom.
Add two OMA-URI Settings:

Setting 1
Name: Account Type
Description: User account type
OMA-URI: ./Device/Vendor/MSFT/Accounts/Users/kioskUser/LocalUserGroup
Value: 1 (Integer) for Standard user, 2 (Integer) for Local administrator

Setting 2
Name: Password
Description: Create user and password
OMA-URI: ./Device/Vendor/MSFT/Accounts/Users/kioskUser/Password
Value: 123 (String). This is the password.
Create the profile and preferably assign it to a group containing Azure AD devices, such as a group containing the same devices as an Autopilot profile.
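The two OMA-URI settings above, expressed as the Microsoft Graph request body for a Custom profile (POST to deviceManagement/deviceConfigurations). This is an added example, not part of the original post. The helper names, the user name check (assumed Windows local account naming rules) and the generated password used in place of the literal 123 are assumptions of this example.

```python
import json
import secrets
import string

BASE = "./Device/Vendor/MSFT/Accounts/Users"
GROUPS = {"standard": 1, "administrator": 2}  # LocalUserGroup values from the post
# Assumption: characters Windows rejects in local account names (limit 20 chars).
FORBIDDEN = set('"/\\[]:;|=,+*?<>@')
SYMBOLS = "!#$%&()-_"


def validate_username(name):
    """Reject names that would break the OMA-URI path or the account creation."""
    if not 1 <= len(name) <= 20:
        raise ValueError("user name must be 1-20 characters")
    bad = sorted(c for c in set(name) if c in FORBIDDEN or ord(c) < 32)
    if bad:
        raise ValueError(f"characters not allowed in user name: {bad}")
    if not name.strip(". "):
        raise ValueError("user name cannot consist solely of periods or spaces")
    return name


def generate_password(length=20):
    """Random password containing lower, upper, digit and symbol characters."""
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]
    alphabet = "".join(classes)
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in classes):
            return pw


def build_profile(username, group, password):
    """Return the Graph body carrying the post's two OMA-URI settings."""
    user = validate_username(username)
    return {
        "@odata.type": "#microsoft.graph.windows10CustomConfiguration",
        "displayName": f"Local account - {user}",  # constructed profile name
        "omaSettings": [
            {"@odata.type": "#microsoft.graph.omaSettingInteger",
             "displayName": "Account Type", "description": "User account type",
             "omaUri": f"{BASE}/{user}/LocalUserGroup", "value": GROUPS[group]},
            {"@odata.type": "#microsoft.graph.omaSettingString",
             "displayName": "Password", "description": "Create user and password",
             "omaUri": f"{BASE}/{user}/Password", "value": password},
        ],
    }


if __name__ == "__main__":
    print(json.dumps(build_profile("kioskUser", "standard", generate_password()), indent=2))
```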
Reference
https://docs.microsoft.com/en-us/windows/client-management/mdm/accounts-csp
Great way to create local accounts, it worked pretty well for me, thank you for this.
Would you happen to know the values to enable “Password never expires” and disable “User must change password at next logon”?
Thank you!
We created local users on Intune but received error message -2016281112 (Remediation failed).
What should I do to avoid getting the error?
This can have many reasons. Most often it is misspelled by mistake, or characters that are not allowed are used.
Also have a look in the event log; that could give a better idea of what the problem is.
It’s likely because this is an add request that doesn’t get any feedback once executed. I received the same error and the accounts were successfully created.
@Mattias, if I update the password using the method you used to create the accounts, will the change be reflected on the end device?
Any way to have it set to never expire using CSP?
Unfortunately not possible by using CSP today