Intro
Elevating local accounts is something that pop-ups up from time-to-time, as I have been migrating my clients away from local and domain accounts and towards AzureAD, I find myself having to confirm the best way to elevate certain accounts to local admin, my usual process of going to lusrmgr.msc is no longer effective with AzureAD accounts.
Method
I use command prompt for this:
- Open an administrator command prompt or PowerShell window.
- Input the following command:
net localgroup administrators AzureAD\[Primary-Email-Of-AAD-User] /add
For example:
That’s it!
If you have issues:
- Ensure you are using an administrative command prompt window.
- Doublecheck the email address / username of the AzureAD user