DeployWindows

Creating local users with Intune

Just a quick post regaring creating local user account with MDM, Microsoft Intune. Got a couple of questions regarding possibility to create local user accounts with Intune, and that is possible with custom URIs.

Please give it a like if simple posts like this are useful.

Create a new Device configuration profile for Windows 10 and later of profile type Custom.

Add two OMA-URI Settings

2019-05-13_22-30-08 create user

Name
Account Type

Description
User account type

OMA-URI
./Device/Vendor/MSFT/Accounts/Users/kioskUser/LocalUserGroup

Value
1 (Integer) for Standard user
2 (Integer) for Local administrator

Name
Password

Description
Create user and password

OMA-URI
./Device/Vendor/MSFT/Accounts/Users/kioskUser/Password

Value
123 (String) This is the password

 

Create the profile and add preferably assign it to a group containing Azure AD devices, such as a group containing the same devices as an Autopilot profile.

 

Reference

https://docs.microsoft.com/en-us/windows/client-management/mdm/accounts-csp

 

Posted

in

, ,

by

Mattias

Tags:

, , , ,

Comments

6 responses to “Creating local users with Intune”

  1. François

    Great way to create local accounts, I worked pretty well for me thank you for this.
    Would you happen to know the values to enable “Password never expires” and Disable “User must change password at next logon” ?

    Thank you!

    Like

    Reply
  2. OmerUCLER

    We created local users on Intune but receieved error message -2016281112 (Remediation failed)
    What should i do to avoid getting the error?

    Liked by 1 person

    Reply
    1. Mattias Fors

      This can be many reasons.. most often it is misspelled by mistake, or use of not allowed characters.
      Also have a look in the eventlog, that could give a better idea of what the problem is

      Like

    2. Robert

      It’s likely because this is an add request that doesn’t get any feedback once executed. I received the same error and the accounts were successfully created.

      @Mattias if I update the password using the method you used to create the accounts will the change be reflected on the end device?

      Like

  3. Miguel S

    Anyway to have it set to never expire using CSP

    Like

    Reply
    1. Mattias Fors

      Unfortunately not possible by using CSP today

      Like

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.