In this blog post, you will learn how to change Primary user in Intune. Each Intune managed device has a property called User device affinity also referred to as Primary user. A device can have 0 to 1 primary users. When a device does not have any primary users assigned, it’s referred to as a Shared device.
What is a Primary User
In Intune, the Primary user is the person mapped to a device as its main licensed user. It ties the device to user in reports for troubleshooting scenario. A primary user is automatically assigned after a device is enrolled into Intune. It’s determined by the enrollment method: Who is assigned as the Primary User?
Prerequisites
- Entra joined or Entra hybrid joined device.
Important Points
- Supported on Windows devices only. Enrollment is required to assign a new primary user on iOS and Android devices.
- Change of Primary user is not supported on Entra registered devices. It’s only applicable to Entra joined and Entra hybrid joined devices.
- It may take up to 10 minutes for primary user change to get propagated to Intune and Entra ID.
- Managed devices/Set primary user RBAC role is required for changing the Primary user. For more details about creating a Custom RBAC role, refer to the link: How To Create Custom RBAC Role In Intune.
- Changing a Primary user does not change the local administrator group membership on user’s device.
- Primary user must be assigned an Intune license.
Changing Primary User
As an administrator, you can change the primary user on Windows devices by following below steps:
- Sign in to the Intune admin center > Devices > Windows > Windows devices.
- Click on a Windows device and then click on Properties.
- Click Change primary user button.
- Select the new primary user and click Select button. Finally, click Save to save the changes.
Impact of Changing the Primary User of an Intune Device
- When you sign in to the Company Portal app, it expects that you are a Primary user. If you are not a Primary user, then you will get a warning:
This device is already assigned to someone in your organization. Contact company support about becoming the primary device user. You can continue to use Company Portal, but functionality is limited.
- If you remove the primary user (so it’s “Shared”), users can still install available apps, but self-service actions like uninstall, reset/rename/retire aren’t available.