This is Part 2 of How to Restrict the Login to Dedicated Users with Microsoft Intune. Where Part 1 covered the standard CSP-based approach, Part 2 walks through the more advanced configurations — including dynamic group filtering, Conditional Access integration, and the gotchas you only discover after rolling out to a thousand devices.
Hello everyone, after several months of inactivity I would like to post regularly new content here on my blog. I start here with a topic which I have already blogged last year. This post is about how to restrict who can log on to Windows via Intune. Intune has a cool new feature that allows you to manage the members of local groups. In how to restrict the login to dedicated users with intune I did this restriction with a configuration profile and put a Microsoft Entra ID user into the local group via a custom profile and an OMA-URI. Now Microsoft has added a new CSP that allows you to do this in a much more elegant way. How to use this I explain now in this blog post.
Read More »