You need to ensure that Admin1 can join computers to Azure AD and follow the principle of least privilege. What should you do?

Last Updated on November 6, 2021 by Admin 2

Your company has a Microsoft 365 subscription.

A new user named Admin1 is responsible for deploying Windows 10 to computers and joining the computers to Microsoft Azure Active Directory (Azure AD).

Admin1 successfully joins computers to Azure AD.

Several days later, Admin1 receives the following error message: “This user is not authorized to enroll. You can try to do this again or contact your system administrator with the error code (0x801c0003).”

You need to ensure that Admin1 can join computers to Azure AD and follow the principle of least privilege.

What should you do?

  • Assign the Global administrator role to Admin1.
  • Modify the Device settings in Azure AD.
  • Assign the Cloud device administrator role to Admin1.
  • Modify the User settings in Azure AD.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments