Microsoft publishes lengthy yet helpful guide on how to setup Windows LAPS via Intune
Around three weeks ago, Microsoft announced the availability of Windows LAPS (Local Administrator Password Solution) capabilities via the month’s Patch Tuesday. The feature is available on Windows 10, Windows 11, and also on servers. At the time, Microsoft didn’t share much details on the new LAPS, though today, it has went in-depth and shared how Microsoft Intune can be used for local password management.
Atıl Gürcan, who is a Senior Program Manager, Microsoft 365 CxP (Customer Experience Platform), writes in a Tech Community blog post:
As you may have heard; Windows LAPS feature is released to Public Preview in the last week of April. It has support for two main scenarios for backing up local administrator password such as storing passwords in Azure AD and Windows Server AD. It also has interoperability with legacy LAPS solution. This article on the other hand; will focus on native cloud deployment for Windows 10/11 clients that does not have legacy LAPS client installed, managed through Intune and either Hybrid Azure AD Joined or Azure AD Joined.
In this blog post, I’ll walk you through basic policy configuration and core Windows LAPS functionalities such as accessing local administrator passwords from different consoles and manually triggering password rotation.
The walkthrough covers:
-
Enabling Azure AD Local Administrator Password Feature
-
Creating Local Admin Password Policy
-
Monitoring Policy Application
-
Accessing Local Admin Passwords
You can check the guide article on Microsoft’s official website here.
Leave a Reply