PS Script, Security

Intune Make Enrollment User Admin

This Intune-deployable script elevates the enrollment user to a local administrator on Windows devices. Packaged as an .INTUNEWIN app, it is deployed through Microsoft Intune to targeted users with install and uninstall commands to grant or revoke admin rights after enrollment. It uses a requirements check for detection and can be reconfigured later, providing an Autopilot-like capability fully managed by Intune.

Works with
Windows, Win32 Apps
Created by

Security Analysis

6 of 6
All Checks Passed

3 files scanned on Jan 8, 2026

No Obfuscated Code
No Remote Execution
No Credential Theft
No Data Exfiltration
No Malicious Patterns
No Hardcoded Secrets
AI Analysis

The code primarily enables privilege elevation for an enrollment admin scenario (adding the user to Administrators). No credential theft or data exfiltration detected. Primary security considerations are the privilege escalation risk, potential execution-policy bypass, and error-suppression practices; mitigate with strict authorization, signing, and improved error handling.


You might also like

PS Script

IntuneStatefulDeviceFingerprinting

KuShu-Shimon Intune Stateful Device Fingerprinting (ISDF) provides a tamper-resistant device fingerprint for enrolled Windows devices, enforced via Intune Custom Compliance and DPAPI-encrypted baselines. In Cloud mode it attests fingerprints to Entra ID through APIM and a Logic App to enable trusted device filters, dynamic groups, and stronger Conditional Access policies. The solution collects on-device signals, stores encrypted baselines, self-heals missing keys, and reports ISDF booleans for compliant state.

Graham Hild

Desktop App

Run as Domain User

A wrapper app that uses ShellRunAs to launch a target executable under a defined Active Directory domain user from non-domain-joined Windows devices. It enables cloud-managed devices to run legacy on-prem tools (RSAT) by prompting for domain credentials and launching the configured app with elevated rights. It relies on simple domain.txt and app.txt configuration and is packaged for Intune with explicit install/uninstall commands and a Start Menu entry.

Niklas Rast

PS Script

Intune App Factory

Intune App Factory is a set of PowerShell scripts run in an Azure DevOps Pipeline that automatically detects, downloads, packages, and publishes onboarded applications as Win32 apps to Microsoft Intune, ensuring up-to-date deployments. It supports onboarding via manifests, integrates the PowerShell App Deployment Toolkit, and automates version checks from Winget, Evergreen, or Storage Account sources to streamline packaging and publishing.

Nickolaj Andersen

PS Script

IntuneFirewallMigration

IntuneFirewallMigration is a public-preview tool that migrates Group Policy and local firewall rules into Intune as Settings Catalog policies. It supports selecting specific firewall profiles (Domain, Private, Public) and importing only inbound or outbound rules, using Microsoft.Graph.Authentication with Invoke-MgGraphRequest. The script disables telemetry, requires Graph permissions (DeviceManagementConfiguration.ReadWrite.All), and works with PowerShell 5 or 7 to modernize firewall management in Intune.

Nick Benton