Beginning mid-April 2025, admins will need the 'Intune Service Administrator' RBAC permission to configure device limit enrollment restrictions. Without this permission, the policies will be read-only. Review and update your RBAC assignments accordingly.
Beginning mid-April 2025, or soon after, admins will be required to have the ‘Intune Service Administrator’ role-based access control (RBAC) permission to configure device limit enrollment restrictions policy.
How this will affect your organization:
Admins managing these policies will be required to have the ‘Intune Service Administrator’ RBAC permission to update the device limit enrollment restrictions policy. (Devices > Enroll devices > Device limit restrictions). If they do not have this permission, these policies will be read-only.
What you need to do to prepare:
Review your RBAC assignments and update as needed to allow admins permission to update device limit restrictions.
Additional information:
Create device limit restrictions - Microsoft Intune | Microsoft Learn
Role-based access control (RBAC) with Microsoft Intune