deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update windows-autopatch-register-devices.md

Browse Source
This commit is contained in:
Tiara Quan 2023-01-31 19:30:26 -08:00 committed by GitHub
parent 7d2d674760
commit 941f432ea0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
View File

@ -114,7 +114,7 @@ A role defines the set of permissions granted to users assigned to that role. Yo
For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference) and [Role-based access control (RBAC) with Microsoft Intune](/mem/intune/fundamentals/role-based-access-control).
If you want to assign less-privileged user accounts to perform specific tasks in the Windows Autopatch portal, such as register devices with the service, you can add these user accounts into one of the two Azure AD groups created during the tenant enrollment process:
If you want to assign less-privileged user accounts to perform specific tasks in the Windows Autopatch portal, such as register devices with the service, you can add these user accounts into one of the two Azure AD groups created during the [tenant enrollment](../prepare/windows-autopatch-enroll-tenant.md)process:
| Role | Discover devices | Modify columns | Refresh device list | Export to .CSV | Device actions |
| ----- | ----- | ----- | ----- | ----- | ----- |
@ -122,8 +122,7 @@ If you want to assign less-privileged user accounts to perform specific tasks in
| Modern Workplace Roles - Service Reader | No | Yes | Yes | Yes | No |
> [!TIP]
> If adding less-privileged user accounts into the **Modern Workplace Roles - Service Administrator** Azure AD group, it's also recommended to add the same users as owners of the **Windows Autopatch Device Registration** Azure AD group so these user accounts can add new devices as members of the group for registration purposes.
> See [assign an owner of member of a group in Azure AD](https://learn.microsoft.com/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group) for more details.
> If you're adding less-privileged user accounts into the **Modern Workplace Roles - Service Administrator** Azure AD group, it's recommended to add the same users as owners of the **Windows Autopatch Device Registration** Azure AD group. Owners of the **Windows Autopatch Device Registration** Azure AD group can add new devices as members of the group for registration purposes.<p>For more information, see [assign an owner of member of a group in Azure AD](https://learn.microsoft.com/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group).</p>
## Details about the device registration process