Tuesday, December 24, 2019

Delegate just the wipe permissions in Microsoft Intune (solved "An error occurred while GET")

Microsoft Intune supports granular permission delegation with RBAC.
If you want to delegate just the Wipe permissions, then you need to:

  1. Open the Intune Management portal
  2. Click Tenant Administration - Roles - All roles - Create
  3. Then, in the Permissions section, add these:
    1. Managed Devices - Read
    2. Remote Tasks - Wipe
  4. Once completed, go to the newly created role, click the Assignments section, and assign the role to a user or, preferably, to a group.
Also, the accounts that will be delegated Wipe permissions need to have an Intune licence assigned.

Keep in mind that if you don't grant the Managed Devices - Read permission, you will get the error "An error occurred while GET" and you will not be able to wipe the devices.
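
The same role can be created and assigned through Microsoft Graph instead of the portal. The script below is an added example, not part of the original post: the resource action names, the role and assignment display names, and the two group ID parameters are assumptions to adapt to your tenant. It refuses to build a role that lacks Managed Devices - Read (the cause of the GET error) or that carries more than the two permissions listed above.

```powershell
# Added example. Prerequisites (assumed): Microsoft.Graph.Authentication module and
# Connect-MgGraph -Scopes 'DeviceManagementRBAC.ReadWrite.All'
# Resource action names are assumptions; compare with an existing role in your tenant.
$ReadAction = 'Microsoft.Intune_ManagedDevices_Read'
$WipeAction = 'Microsoft.Intune_RemoteTasks_Wipe'
$Graph      = 'https://graph.microsoft.com/v1.0/deviceManagement'

function New-WipeOnlyRoleBody {
    param(
        [string]$DisplayName = 'Device Wipe Operator',   # hypothetical role name
        [string[]]$Actions = @($ReadAction, $WipeAction)
    )
    # Mirrors the caveat in the post: Wipe without Managed Devices - Read
    # ends in "An error occurred while GET".
    if ($Actions -notcontains $ReadAction) {
        throw "Role must include $ReadAction or the wipe action cannot load the device."
    }
    # Least privilege: refuse anything beyond the two permissions listed in the post.
    $extra = $Actions | Where-Object { $_ -notin $ReadAction, $WipeAction }
    if ($extra) { throw "Unexpected permissions: $($extra -join ', ')" }
    @{
        '@odata.type'   = '#microsoft.graph.roleDefinition'
        displayName     = $DisplayName
        description     = 'Managed Devices - Read and Remote Tasks - Wipe only'
        isBuiltIn       = $false
        rolePermissions = @(@{ resourceActions = @(@{ allowedResourceActions = $Actions }) })
    }
}

function Publish-WipeOnlyRole {
    param(
        [Parameter(Mandatory)][string]$AdminGroupId,   # group whose members may wipe
        [Parameter(Mandatory)][string]$ScopeGroupId    # group of users/devices in scope
    )
    $roleJson = New-WipeOnlyRoleBody | ConvertTo-Json -Depth 6
    $role = Invoke-MgGraphRequest -Method POST -Uri "$Graph/roleDefinitions" `
        -Body $roleJson -ContentType 'application/json'
    $assignment = @{
        '@odata.type'               = '#microsoft.graph.deviceAndAppManagementRoleAssignment'
        displayName                 = 'Device Wipe Operators'   # hypothetical name
        members                     = @($AdminGroupId)
        resourceScopes              = @($ScopeGroupId)
        'roleDefinition@odata.bind' = "$Graph/roleDefinitions('$($role.id)')"
    } | ConvertTo-Json -Depth 4
    Invoke-MgGraphRequest -Method POST -Uri "$Graph/roleAssignments" `
        -Body $assignment -ContentType 'application/json'
}

# Publish-WipeOnlyRole -AdminGroupId '<group-object-id>' -ScopeGroupId '<scope-group-object-id>'
```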

