"How to Enable the Built-in Local Administrator Account Using Intune?"

To create a USB block policy using Microsoft Intune, you can follow these steps:

1. Sign in to the Microsoft Endpoint Manager admin center:

• Go to https://endpoint.microsoft.com and sign in with your admin credentials.

1. Navigate to Endpoint security:

• In the Microsoft Endpoint Manager admin center, go to "Devices" > "Configuration" > "+ Create > +New Policy".

3. Choose platform and profile:

• Choose the platform (Windows 10 and later) and Profile Type (Settings Catalog) for which you want to create the policy for “Enable Built In Local Administrator Account”.

• Click on "Create".

4. Basics:

• Once clicked on "Create" wizard will start, here enter the Policy Name, and click next.

5. Configuration Settings:

• Follow below steps.

1. Here click on +Add Settings.

2. Select Local Policies Security Options

3. Click on Accounts Enable Administrator Account Status

4. Enable the Toggle bar next to Accounts Enable Administrator Account Status

5. Click Next.

6. Assign the policy:

• After configuring the policy, proceed to assign it to the appropriate device groups within your organization.

• You can choose to assign it to all devices, specific groups, or individual devices based on your organizational needs.

7. Review and create:

• Review the settings you've configured to ensure they align with your organization's security policies.

• Once you're satisfied, click "Create" to create the Enable Built In Administrator Account policy.

8. Monitor and troubleshoot:

• After the policy is created and assigned, monitor its deployment to ensure its effectively enabling the Built In Administrator Account on devices as intended.

• If any issues arise, use the Intune console to troubleshoot and make necessary adjustments to the policy.