AzEntraIdRolesAdvertizer

last sync: 2025-Apr-29 17:09:03 Etc/UTC

Azure AD Joined Device Local Administrator - 9f06204d-73c1-4d4c-880a-6edb90606fd8
Entra Id Role definition

Display name Azure AD Joined Device Local Administrator
Id 9f06204d-73c1-4d4c-880a-6edb90606fd8
Description Users assigned to this role are added to the local administrators group on Microsoft Entra joined devices.
Detailed description Users with this role become local machine administrators on all Windows 10 devices that are joined to Microsoft Entra ID. They do not have the ability to manage devices objects in Microsoft Entra ID.
Categories devices
isPrivileged False
EntraOps Tier Level ControlPlane
#Resource Actions unique 54
#Resource Actions Operations unique 54
#Resource Actions privileged 0
#Resource Actions direct 2
Resource Actions inherited True
#Resource Actions inherited 54
Resource Actions inherited from Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b)
#Resource Actions overlap direct&inherited 2
Resource Actions overlap direct&inherited microsoft.directory/groupSettings/standard/read
microsoft.directory/groupSettingTemplates/standard/read
#Resource Actions inherited to 0 other Entra Id Roles
Resource Actions inherited to n/a
#Resource Actions conditioned 0
#Resource Actions unconditioned 54
#NameSpaces 1
NameSpaces microsoft.directory: 54
Actions read: 54
Operations actionVerbs GET: 54
Resource Actions where Consent Policy applies 0
Resource Actions / Consent Policy n/a
JSON enriched
JSON raw (v1.0 endpoint)
GET /roleManagement/directory/roleDefinitions/{id}
JSON raw (beta endpoint)
GET /roleManagement/directory/roleDefinitions/{id}