<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	
	>
<channel>
	<title>
	Comments on: Restrict which users can logon into a Windows 10 device with Microsoft Intune	</title>
	<atom:link href="https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/feed/" rel="self" type="application/rss+xml" />
	<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/</link>
	<description>Intune, Windows, Office 365, Microsoft 365, Azure, Automation</description>
	<lastBuildDate>Fri, 30 Jan 2026 22:44:44 +0000</lastBuildDate>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	
	<item>
		<title>
		By: Chris		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-260713</link>

		<dc:creator><![CDATA[Chris]]></dc:creator>
		<pubDate>Fri, 30 Jan 2026 22:44:44 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-260713</guid>

					<description><![CDATA[After assigning the profile (configuration policy) to a security group, will removing the security group revert the settings and return to normal or will I have to create another config policy to fix that?]]></description>
			<content:encoded><![CDATA[<p>After assigning the profile (configuration policy) to a security group, will removing the security group revert the settings and return to normal or will I have to create another config policy to fix that?</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Suzane		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-219841</link>

		<dc:creator><![CDATA[Suzane]]></dc:creator>
		<pubDate>Tue, 14 May 2024 13:51:01 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-219841</guid>

					<description><![CDATA[In reply to &lt;a href=&quot;https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-213066&quot;&gt;Devin&lt;/a&gt;.

Intune has this built in now. No need to create a custom profile.  https://www.petervanderwoude.nl/post/restricting-the-local-log-on-to-specific-users/ You can point to groups instead of users.   Just add one user or group per line and you will be fine.]]></description>
			<content:encoded><![CDATA[<p>In reply to <a href="https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-213066">Devin</a>.</p>
<p>Intune has this built in now. No need to create a custom profile.  <a href="https://www.petervanderwoude.nl/post/restricting-the-local-log-on-to-specific-users/" rel="nofollow ugc">https://www.petervanderwoude.nl/post/restricting-the-local-log-on-to-specific-users/</a> You can point to groups instead of users.   Just add one user or group per line and you will be fine.</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Devin		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-213066</link>

		<dc:creator><![CDATA[Devin]]></dc:creator>
		<pubDate>Fri, 26 Jan 2024 15:55:54 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-213066</guid>

					<description><![CDATA[In reply to &lt;a href=&quot;https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-208664&quot;&gt;Juan Zapata&lt;/a&gt;.

I also need a way to apply this to a specific group, rather than each machine and individual user. I have 61 machines that I need to restrict login to with any account other than the ones in a specific group, and don&#039;t want to go through and create a configuration profile for each one]]></description>
			<content:encoded><![CDATA[<p>In reply to <a href="https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-208664">Juan Zapata</a>.</p>
<p>I also need a way to apply this to a specific group, rather than each machine and individual user. I have 61 machines that I need to restrict login to with any account other than the ones in a specific group, and don&#8217;t want to go through and create a configuration profile for each one</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Juan Zapata		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-208664</link>

		<dc:creator><![CDATA[Juan Zapata]]></dc:creator>
		<pubDate>Thu, 09 Nov 2023 17:23:58 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-208664</guid>

					<description><![CDATA[Hello Peter. Can this be applied to a group as well?  Meaning, allow local account to login and anybody in group &quot;CloudAdmins&quot; and restrict anyone else from logging in?
Also, can the message &quot;The sign-in method you&#039;re using....&quot; be customized to say something different?]]></description>
			<content:encoded><![CDATA[<p>Hello Peter. Can this be applied to a group as well?  Meaning, allow local account to login and anybody in group &#8220;CloudAdmins&#8221; and restrict anyone else from logging in?<br />
Also, can the message &#8220;The sign-in method you&#8217;re using&#8230;.&#8221; be customized to say something different?</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Adrian Nagy		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-202542</link>

		<dc:creator><![CDATA[Adrian Nagy]]></dc:creator>
		<pubDate>Wed, 21 Jun 2023 16:53:40 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-202542</guid>

					<description><![CDATA[Hi Peter,

Thank you for this; it really helped me. But the question is, how do we reverse this? E.g., we only allow user1@aad.com to log in and block everyone else, let&#039;s say user2@aad.com; how do we revert this to allow user2@aad.com to log in again after being blocked by this?]]></description>
			<content:encoded><![CDATA[<p>Hi Peter,</p>
<p>Thank you for this; it really helped me. But the question is, how do we reverse this? E.g., we only allow <a href="mailto:user1@aad.com">user1@aad.com</a> to log in and block everyone else, let&#8217;s say <a href="mailto:user2@aad.com">user2@aad.com</a>; how do we revert this to allow <a href="mailto:user2@aad.com">user2@aad.com</a> to log in again after being blocked by this?</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: David		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-196360</link>

		<dc:creator><![CDATA[David]]></dc:creator>
		<pubDate>Tue, 07 Mar 2023 18:45:11 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-196360</guid>

					<description><![CDATA[In reply to &lt;a href=&quot;https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-165263&quot;&gt;Dan&lt;/a&gt;.

I am getting the same error message. Were you able to resolve this issue? If so, can you let me know what method was used? Thank you!]]></description>
			<content:encoded><![CDATA[<p>In reply to <a href="https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-165263">Dan</a>.</p>
<p>I am getting the same error message. Were you able to resolve this issue? If so, can you let me know what method was used? Thank you!</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Tony		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-193867</link>

		<dc:creator><![CDATA[Tony]]></dc:creator>
		<pubDate>Thu, 12 Jan 2023 22:17:46 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-193867</guid>

					<description><![CDATA[Your method leaves out assignments.
We have 400 laptops and want to limit the logins to ONLY the primary user.

So this method suggests we need 400 profiles and 400 groups containing one laptop each.

Wow!  MS really need to provide a proper solution.]]></description>
			<content:encoded><![CDATA[<p>Your method leaves out assignments.<br />
We have 400 laptops and want to limit the logins to ONLY the primary user.</p>
<p>So this method suggests we need 400 profiles and 400 groups containing one laptop each.</p>
<p>Wow!  MS really need to provide a proper solution.</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Jon		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-189603</link>

		<dc:creator><![CDATA[Jon]]></dc:creator>
		<pubDate>Wed, 28 Sep 2022 18:23:43 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-189603</guid>

					<description><![CDATA[In reply to &lt;a href=&quot;https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-103482&quot;&gt;Peter Klapwijk&lt;/a&gt;.

Hi Peter,

I am not sure the exact value that needs to go in it says AdministratorsAzureAD\user@xyz.com. What is the question mark symbol betweek Administrators and AzureAD and can I specify this policy as user@xyz.com or how do I do this for all user? Let us say I login to the device as User1 and User3 my User1 is jon.doe@xyz.com and User3 is don.king@xyz.com.

How would I put this value for all users? I do not want to be specific and it cannot be as it has to be generic for all users. I hope I am clear in that I asking for?]]></description>
			<content:encoded><![CDATA[<p>In reply to <a href="https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-103482">Peter Klapwijk</a>.</p>
<p>Hi Peter,</p>
<p>I am not sure the exact value that needs to go in it says AdministratorsAzureAD\user@xyz.com. What is the question mark symbol betweek Administrators and AzureAD and can I specify this policy as <a href="mailto:user@xyz.com">user@xyz.com</a> or how do I do this for all user? Let us say I login to the device as User1 and User3 my User1 is <a href="mailto:jon.doe@xyz.com">jon.doe@xyz.com</a> and User3 is <a href="mailto:don.king@xyz.com">don.king@xyz.com</a>.</p>
<p>How would I put this value for all users? I do not want to be specific and it cannot be as it has to be generic for all users. I hope I am clear in that I asking for?</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Remy Rouinvy		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-185772</link>

		<dc:creator><![CDATA[Remy Rouinvy]]></dc:creator>
		<pubDate>Mon, 18 Jul 2022 09:52:56 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-185772</guid>

					<description><![CDATA[Hi

Do you know if this works on Windows Holographic ?
I&#039;ve tried but have no success at all, the policy doesn&#039;t seem to be affected to the device on Intune..]]></description>
			<content:encoded><![CDATA[<p>Hi</p>
<p>Do you know if this works on Windows Holographic ?<br />
I&#8217;ve tried but have no success at all, the policy doesn&#8217;t seem to be affected to the device on Intune..</p>
]]></content:encoded>
		
			</item>
		<item>
		<title>
		By: Rigor Mortis		</title>
		<link>https://inthecloud247.com/restrict-which-users-can-logon-into-a-windows-10-device-with-microsoft-intune/#comment-185369</link>

		<dc:creator><![CDATA[Rigor Mortis]]></dc:creator>
		<pubDate>Mon, 11 Jul 2022 06:11:13 +0000</pubDate>
		<guid isPermaLink="false">https://inthecloud247.com/?p=5047#comment-185369</guid>

					<description><![CDATA[Nice Post. I tried it with our environment and confirmed this works. However, I am getting the error 0x87d1fde8 even if I use the CDATA or not. Hopefully, you can help me how to resolve the reporting error. Thank you.]]></description>
			<content:encoded><![CDATA[<p>Nice Post. I tried it with our environment and confirmed this works. However, I am getting the error 0x87d1fde8 even if I use the CDATA or not. Hopefully, you can help me how to resolve the reporting error. Thank you.</p>
]]></content:encoded>
		
			</item>
	</channel>
</rss>
