Add a Admin user to Administrators Group

Inspired by:
Michael Mardahl | https://www.iphase.dk
Jordan Russel | http://www.jrsoftware.org/

Sources:
https://www.iphase.dk/local-administrators-on-aad-joined-devices/
http://www.jrsoftware.org/
https://www.exemsi.com/download/

Create a folder named Add_Local_Admin
In Add_Local_Admin create three folders:
_Inno
_Intunewin
Install

Download PSAppDeployToolkit and extract

Copy Toolkit files to Install

Create a Add_Local_Admin.ps1 file and save in Add_Local_Admin\Install\Files

New-LocalUser -Name "Admin" -Description "Admin." -NoPassword
net user Admin PASSWORD123@
wmic useraccount where "Name='Admin'" set PasswordExpires=false
net user "Admin" /PasswordChg:No
Add-LocalGroupMember -Group "Administrators" -Member "Admin"

Change on line 2 PASSWORD123@ to what password you want

Create a Unistall.ps1 file and save in Add_Local_Admin\Install\Files

Remove-LocalGroupMember -Group "Administrators" -Member "Admin"
Remove-LocalUser -Name "Admin"

Edit in the Add_Local_Admin\Install the Deploy-Application.ps1 file

Line: 64 to 76
Add # on line 120
Add # on line 123
Add # on line 160
Add # on line 163
Add below line 140 the script.

$destinationFolder = join-path $envProgramFilesX86 "\Add_Local_Admin"
New-Folder -Path $destinationFolder
Copy-File -Path "$dirFiles\*.*" -Destination $destinationFolder\Files
$myParameters = '-ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File "{0}"' -f "$destinationFolder\Files\Add_Local_Admin.ps1"
Execute-Process -Path 'powershell.exe' -Parameters $myParameters -WindowStyle 'hidden'
Remove-Item -Path "$destinationFolder\Files\Add_Local_Admin.ps1"

Below line 185 add the below code

$destinationFolder = join-path $envProgramFilesX86 "\Add_Local_Admin"
$myParameters = '-ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File "{0}"' -f "$destinationFolder\Files\Unistall.ps1"
Execute-Process -Path 'powershell.exe' -Parameters $myParameters -WindowStyle 'hidden'

Making Add_Local_Admin.exe

Download Inno Setup and install the software

Create in Notepad++ a file Add_Local_Admin.iss and save to _Inno folder
Copy and paste the below code 

; Script generated by the Inno Script Studio Wizard.
; SEE THE DOCUMENTATION FOR DETAILS ON CREATING INNO SETUP SCRIPT FILES!

[Setup]
; NOTE: The value of AppId uniquely identifies this application.
; Do not use the same AppId value in installers for other applications.
; (To generate a new GUID, click Tools | Generate GUID inside the IDE.)
AppId={
AppName=Add_Local_Admin
AppVersion=1.0
AppPublisher=knowledgebase.it
AppPublisherURL=https://knowledgebase.it
AppSupportURL=https://knowledgebase.it
AppUpdatesURL=https://knowledgebase.it
DefaultDirName={autopf}\Add_Local_Admin
DisableDirPage=yes
DefaultGroupName=Add_Local_Admin
DisableProgramGroupPage=yes
OutputDir="C:\Add_Local_Admin\_Intunewin"
OutputBaseFilename=Add_Local_Admin
Compression=lzma
SolidCompression=yes

[Files]
Source: "C:\Add_Local_Admin\Install\*"; DestDir: "{app}"; Flags: ignoreversion recursesubdirs createallsubdirs
; NOTE: Don't use "Flags: ignoreversion" on any shared system files

[Run]
Filename: "{app}\Deploy-Application.exe"; Parameters: "Install"; WorkingDir: "{app}"; Flags: waituntilterminated hidewizard runhidden

[UninstallRun]
Filename: "{app}\Deploy-Application.exe"; Parameters: "Uninstall"; WorkingDir: "{app}"; Flags: waituntilterminated hidewizard runhidden

[UninstallDelete]
Type: filesandordirs; Name: "{app}*"

Open Inno Setup Compiler and generate a App id on line 8

Run the script (F9)

Making Add_Local_Admin.intunewin

Create a install.cmd file and save in Add_Local_Admin\_Intunewin

Add_Local_Admin.exe /VERYSILENT /SUPPRESSMSGBOXES

Create a Uninstall.cmd file and save in Add_Local_Admin\_Intunewin 

@ECHO OFF
SET ThisScriptsDirectory=%~dp0
SET PowerShellScriptPath=%ThisScriptsDirectory%Unistall.ps1
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""%PowerShellScriptPath%""' -Verb RunAs}";

Create a Uninstall.ps1 file and save in Add_Local_Admin_Intunewin 

$program = "C:\Program Files (x86)"
& $program\Add_Local_Admin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES

Download IntuneWinAppUtil.exe

Open cmd with admin rights and go to IntuneWinAppUtil.exe

Upload Add_Local_Admin.intunewin

https://portal.azure.com/#blade/Microsoft_Intune_Apps/MainMenu/1/selectedMenuItem/Overview

Microsoft Intune > Client apps > Apps
App type: Windows app (Win32)
Name: Add_Local_Admin
Description: Add a Admin user to Administrators Group
Pubisher: Knowledgebase
Category: Computer management
Display this as a featured app in the Company Portal: Yes or No
Upload a logo
Wait for complete upload
Install command: Install.cmd
Unistall command:  Uninstall.cmd
Install behavior: System
Operating system architecture: 64-bit
Minimum operating system: Windows 10 1607
Detection rules>
Rule type: File
Path: C:\Program Files (x86)\
File or folder: Add_Local_Admin
Detection method: File or folder exists
Associated with a 32-bit app on 64-bit clients: Yes

Assign a group in Assignments