How to Change Primary User in Intune

In this blog post, you will learn how to change Primary user in Intune. Each Intune managed device has a property called User device affinity also referred to as Primary user. A device can have 0 to 1 primary users. When a device does not have any primary users assigned, it’s referred to as a Shared device.

What is a Primary User

In Intune, the Primary user is the person mapped to a device as its main licensed user. It ties the device to user in reports for troubleshooting scenario. A primary user is automatically assigned after a device is enrolled into Intune. It’s determined by the enrollment method: Who is assigned as the Primary User?

Prerequisites

  • Entra joined or Entra hybrid joined device.

Important Points

  • Supported on Windows devices only. Enrollment is required to assign a new primary user on iOS and Android devices.
  • Change of Primary user is not supported on Entra registered devices. It’s only applicable to Entra joined and Entra hybrid joined devices.
  • It may take up to 10 minutes for primary user change to get propagated to Intune and Entra ID.
  • Managed devices/Set primary user RBAC role is required for changing the Primary user. For more details about creating a Custom RBAC role, refer to the link: How To Create Custom RBAC Role In Intune.
  • Changing a Primary user does not change the local administrator group membership on user’s device.
  • Primary user must be assigned an Intune license.

Changing Primary User

As an administrator, you can change the primary user on Windows devices by following below steps:

  • Sign in to the Intune admin center > Devices > Windows > Windows devices.
  • Click on a Windows device and then click on Properties.
  • Click Change primary user button.
  • Select the new primary user and click Select button. Finally, click Save to save the changes.

Impact of Changing the Primary User of an Intune Device

  • When you sign in to the Company Portal app, it expects that you are a Primary user. If you are not a Primary user, then you will get a warning:

This device is already assigned to someone in your organization. Contact company support about becoming the primary device user. You can continue to use Company Portal, but functionality is limited.

  • If you remove the primary user (so it’s “Shared”), users can still install available apps, but self-service actions like uninstall, reset/rename/retire aren’t available.

Leave a Comment