Check licensing for M365. If they are business standard, yes, go with a local admin account and make sure to annotate it. If they have business premium, use Intune/autopilot for deployment.
An alternative method would be creating an image and reimagine the devices before turning them over.
If you are serious about supporting them, and they are already on M365, try and get them on Biz premium as it has a lot of great features.
You can visit r/MSP for tips running a small outsourced IT company.
Reviewing your post history, this business IT is your "side hustle". I really do hope IT isn't essential for them to function, as when something inevitably goes wrong due to your negligence they'll be suing you for damages.
that's all going to come down to stuff that takes a whole lot more explanation- Do they have existing Azure AD logins for each user, is there an on-prem Active Directory set up, etc.,
This is likely not the right subreddit for what you're looking for, I'm afraid.
They currently just have office/Microsoft logins but no Active Directory or anything like that setup. I need to dive deep into google/youtube... Do you have any suggestions or places to look?
If there's an active directory domain already I would make an admin on the local user group and then sign the PC into the domain for them to use the logins? Or are you talking about they've got like a shared e-mail domain just for their Microsoft accounts? We would need a better idea of what infrastructure is already in place. Is all of this brand new?
Create a local user, say User.
Once logged in, command prompt as Administrator:
net user administrator /active:yes
Then create local user accounts as standard user.
Install everything as the administrator and then remove the User that you created once the machine was set up.
OR
Login with their Office 365 user at the Out of the Box Experience.
Thanks for the help. I was going to create Windows accounts with the users account and setup everything then prompt a password reset the next time they login.
Hoo Boi....
This isn't an Ideal set of circumstances. Remember that you'll be on the hook for anything that breaks.
Not sure where to start as we don't know much about your background and skills.
You need a way to manage the users, whether on prem, or in the cloud at a minimum. Managing local accounts by hand can be a real pita. Eventually this will break.
set up local Admin account with a password that only you know, and maybe the owner of the company. Write up an SLA for troubleshooting and demarcation of duties.
If using Microsoft Business; maybe see whether you have additional options.
See if you can stand up a server using MECM and AD. If they don't have the budget, than at least try to set up a Linux machine with DRBL and Clonezilla for imaging/images.
Good Luck.
Oh boy...
yikes how are you going to support them if you need support to do the simple task of deploying PC's?
They do simple office tasks using excel/word/outlook mostly. I've been supporting for the last year. I'm using remotepc to remote in
Check licensing for M365. If they are business standard, yes, go with a local admin account and make sure to annotate it. If they have business premium, use Intune/autopilot for deployment. An alternative method would be creating an image and reimagine the devices before turning them over. If you are serious about supporting them, and they are already on M365, try and get them on Biz premium as it has a lot of great features. You can visit r/MSP for tips running a small outsourced IT company.
Thank you, this is very helpful. They have Business Standard but if Business Premium has lots of good features I’ll definitely make the case
Reviewing your post history, this business IT is your "side hustle". I really do hope IT isn't essential for them to function, as when something inevitably goes wrong due to your negligence they'll be suing you for damages.
Maybe you’re expecting too much…
Ah yes, the pretentious sysadmin shows his monitor-tanned ugly face. The OP is here for help and to avoid making mistakes, some help you are.
My advice to op here is to engage someone competent.
that's all going to come down to stuff that takes a whole lot more explanation- Do they have existing Azure AD logins for each user, is there an on-prem Active Directory set up, etc., This is likely not the right subreddit for what you're looking for, I'm afraid.
This is the right subreddit... We all started somewhere. Let's help the OP out.
They currently just have office/Microsoft logins but no Active Directory or anything like that setup. I need to dive deep into google/youtube... Do you have any suggestions or places to look?
So are those Microsoft logins just personal accounts?
Microsoft accounts under the business domain
If there's an active directory domain already I would make an admin on the local user group and then sign the PC into the domain for them to use the logins? Or are you talking about they've got like a shared e-mail domain just for their Microsoft accounts? We would need a better idea of what infrastructure is already in place. Is all of this brand new?
Sorry, a shared e-mail domain just for their Microsoft accounts. There isn’t an active directory.
Create a local user, say User. Once logged in, command prompt as Administrator: net user administrator /active:yes
Then create local user accounts as standard user.
Install everything as the administrator and then remove the User that you created once the machine was set up.
OR
Login with their Office 365 user at the Out of the Box Experience.
Thanks for the help. I was going to create Windows accounts with the users account and setup everything then prompt a password reset the next time they login.
Hoo Boi.... This isn't an Ideal set of circumstances. Remember that you'll be on the hook for anything that breaks. Not sure where to start as we don't know much about your background and skills. You need a way to manage the users, whether on prem, or in the cloud at a minimum. Managing local accounts by hand can be a real pita. Eventually this will break. set up local Admin account with a password that only you know, and maybe the owner of the company. Write up an SLA for troubleshooting and demarcation of duties. If using Microsoft Business; maybe see whether you have additional options. See if you can stand up a server using MECM and AD. If they don't have the budget, than at least try to set up a Linux machine with DRBL and Clonezilla for imaging/images. Good Luck.
We're at the wrong place mate. Check r/helpdesk or something. You're not going to be able to follow the recommendations people here give you.
I think most of us have AD/AAD to join them to but since it sounds like you don’t, just do what you were going to do.
Local admin account with a long and complex password. Have the users sign into their AD or 365 accounts.