How to add AzureAD account to local administrators on Windows

AzureAD Logo


Elevating local accounts is something that pop-ups up from time-to-time, as I have been migrating my clients away from local and domain accounts and towards AzureAD, I find myself having to confirm the best way to elevate certain accounts to local admin, my usual process of going to lusrmgr.msc is no longer effective with AzureAD accounts.


I use command prompt for this:

  1. Open an administrator command prompt or PowerShell window.
  2. Input the following command:
    net localgroup administrators AzureAD\[Primary-Email-Of-AAD-User] /add

For example:

Adding AzureAD user to local administrators group on PowerShell

That’s it!

If you have issues:

  • Ensure you are using an administrative command prompt window.
  • Doublecheck the email address / username of the AzureAD user

Leave a Comment

Your email address will not be published. Required fields are marked *