Workflow: Manage local admin permissions

Problem

Employees often require local administrator access for one-time tasks, such as installing software or adjusting system settings. Manually managing these permissions can be time-consuming and increases the risk of admin rights remaining active beyond the necessary period.

Solution

This workflow streamlines the process of granting and revoking temporary local administrator privileges. It enables L1 support agents to initiate the request directly from the Amplify or Device view, ensuring quick and efficient access.

Manager approval is obtained through an automated Microsoft Teams message, eliminating the need for manual authorization steps. Once approved, the system automatically triggers a remote action to add the requester to the local administrators group.

After a predefined duration, the workflow ensures these privileges are revoked without requiring further manual intervention.

All actions are logged in the IT service management (ITSM) ticketing system, maintaining a complete audit trail for compliance and security purposes.

Benefits and outcome

By implementing this workflow, you:

• Reduce the manual workload for IT teams by automating admin rights management.

• Ensure timely revocation of admin privileges, minimizing security risks.

• Maintain a detailed record of admin privilege changes within the ITSM system.

• Provide a streamlined and responsive process for users requiring temporary admin access.

Getting started with "Manage local admin permissions"

Configure and start using this library pack by following these links:

• Usage guide: Manage local admin permission for standard users.

• Configuration guide: Manage local admin permission only accessible to users with an administrator role.