Plan for Change: Intune Service Administrator role will be required for device limit restrictions

Originally posted by Microsoft Mar 18, 2025 Uncategorized 0 Comments

Beginning mid-April 2025, admins will need the ‘Intune Service Administrator’ RBAC permission to configure device limit enrollment restrictions. Without this permission, the policies will be read-only. Review and update your RBAC assignments accordingly.

Beginning mid-April 2025, or soon after, admins will be required to have the ‘Intune Service Administrator’ role-based access control (RBAC) permission to configure device limit enrollment restrictions policy.

How this will affect your organization:

Admins managing these policies will be required to have the ‘Intune Service Administrator’ RBAC permission to update the device limit enrollment restrictions policy. (Devices > Enroll devices > Device limit restrictions). If they do not have this permission, these policies will be read-only.

What you need to do to prepare:

Review your RBAC assignments and update as needed to allow admins permission to update device limit restrictions.

Additional information:

Create device limit restrictions – Microsoft Intune | Microsoft Learn

Role-based access control (RBAC) with Microsoft Intune 

Message ID: MC1034571

Comments are closed.

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: