HTMD Community | Intune and Windows LAPS Deep Dive plus Basic Troubleshooting @htmdcommunity | Uploaded 10 months ago | Updated October 05 2023
Intune and Windows LAPS Deep Dive Basic Troubleshooting. HTMD Monthly User Group recording Windows Local Administrator Password Solution (LAPS) by Debabrata Pati.
#intune #msintune #microsoftintune #howtomanagedevices #htmdcommunity #windows11 #windowslaps
==
Related Blog posts
Windows LAPS Role-Based Access Controls using Intune - https://www.anoopcnair.com/windows-laps-role-based-access-controls-intune/
Setup New Windows LAPs using Intune Policies Local Admin Password Management Policy - https://www.anoopcnair.com/windows-laps-using-intune-local-admin-password/
Windows LAPS Configurations from Azure AD and Intune - https://www.anoopcnair.com/windows-laps-azure-ad-and-intune/
Microsoft Intune 2304 April Update Windows LAPS Management - https://www.anoopcnair.com/intune-2304-april-update-laps-management/
New Built-in LAPs Client for Windows 11 and 10 | Conflict with Old Version of LAPs - https://www.anoopcnair.com/new-built-in-laps-client-for-windows-11-and-10/
Azure AD LAPs Group Policy Settings for Windows 11 | Intune Policy for LAPs - https://www.anoopcnair.com/azure-ad-laps-group-policy-settings-windows-11/
Old LAPS for Windows 10 11 Privileged Access Management - https://www.anoopcnair.com/laps-for-windows-10/
==
Introduction to Windows LAPS
LAPS stands for Local Administrator Password Solution.
The local admin account password is set during the OS installation of a device, but it is difficult to change all the device passwords. By using Windows LAPS, you can change it easily.
Windows LAPS is a feature of Windows that automatically backup the password of the local administrator account for AD and Azure AD joined devices.
Using LAPS, we can set unique local admin passwords for each device.
Password can be saved on AD (AD joined device) or Azure AD (AAD joined device).
==
Pre-Requisite for LAPS Deployment? Pre-Requisite for New Windows LAPS Deployment?
Windows 10 20H2 (19042.2846)
Windows 10 21H2 (19044.2846)
Windows 10 22H2 (19045.2846)
Windows 11 21H2 (22621.1555)
Windows 11 22H2 (22000.1817)
Windows Server 2022 and Windows Server Core 2022
Windows Server 2019
The License Requirement for new Windows LAPs implementation is Intune subscription β Microsoft Intune Plan 1.
==
Enable LAPS in Azure AD?
Sign in to the entra.microsoft.com
Navigate to Azure Active Directory - Device - Device Settings
Under Local Administrator settings select βYesβ Enable Azure AD Local Administrator Password Solution (LAPS).
==
Configuration Profile to Rename and Enable Local Admin Account?
Accounts Enable Administrator Account Status - Enable.
Accounts Rename Administrator Account - Provide the custom account name
https://www.youtube.com/watch?v=cP-Q5c6iI_w
==
How to Deploy New Windows LAPS Using Intune?
Login into https://intune.Microsoft.com
Navigate to Endpoint Security - Account Protection
Click on Create policy
Select the platform Windows 10 and later and select the profile Local admin password solution (Windows LAPS) - click on Create
==
Provide the name of the profile - Next.
In Configuration settings set the configuration to the requirement.
Click Next to assign the scope tag - Next, assign to the group - Review the settings - Create.
==
Verify the policy assigned successfully from Intune portal.
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Policies\LAPS
==
View LAPS Password from Intune?
Local Admin Password from Device Properties?
==
Rotate LAPS Password from Intune?
There is an option in Intune admin centre remote actions menu to Rotate Local Admin Password.
==
View LAPS Password from Entra ID - Devices?
Local Administrator Password Recovery option from Entra.Microsoft.com portal.
==
More Blog posts related to SCCM/Intune/Windows 11/Cloud PC/AVD/Hyper-V/Cloud/IT Pro/Azure -
β https://www.anoopcnair.com/windows-365/
π Stay Connected - https://howtomanagedevices.com/stay-connected/ π https://howtomanagedevices.com/sccm/1791/how-to-manage-devices-live-digital-events-weekend-learning/
#CloudPC #Windows365 #W365
https://howtomanagedevices.com/
Learn SCCM Read https://www.anoopcnair.com/sccm/
https://www.anoopcnair.com/learn-sccm-intune/
Learn Intune Read - https://www.anoopcnair.com/intune/
https://www.anoopcnair.com/learn-microsoft-intune/
Learn Windows 10 Read - https://www.anoopcnair.com/windows-10/
Learn Hyper-V Read - https://www.anoopcnair.com/hyperv-2/
Learn About Cloud Read - https://www.anoopcnair.com/cloud/
Learn about Azure Read - https://www.anoopcnair.com/cloud/azure/
Learn About IT Pros Events - https://www.anoopcnair.com/itpro/
Learn about me - https://www.anoopcnair.com/about/
#SCCM #ConfigMgr #SCCMVideos #SCCMTutorials #SCCMStudyVideos #SCCMFreeTraining #SCCMTraining #HowtoManageDevices
#Intune #MicrosoftIntune #IntuneVideos #IntuneTutorials #IntuneGuide #IntuneStudy #MSIntune #IntuneTraining #HowtoManageDevices
Intune and Windows LAPS Deep Dive Basic Troubleshooting. HTMD Monthly User Group recording Windows Local Administrator Password Solution (LAPS) by Debabrata Pati.
#intune #msintune #microsoftintune #howtomanagedevices #htmdcommunity #windows11 #windowslaps
==
Related Blog posts
Windows LAPS Role-Based Access Controls using Intune - https://www.anoopcnair.com/windows-laps-role-based-access-controls-intune/
Setup New Windows LAPs using Intune Policies Local Admin Password Management Policy - https://www.anoopcnair.com/windows-laps-using-intune-local-admin-password/
Windows LAPS Configurations from Azure AD and Intune - https://www.anoopcnair.com/windows-laps-azure-ad-and-intune/
Microsoft Intune 2304 April Update Windows LAPS Management - https://www.anoopcnair.com/intune-2304-april-update-laps-management/
New Built-in LAPs Client for Windows 11 and 10 | Conflict with Old Version of LAPs - https://www.anoopcnair.com/new-built-in-laps-client-for-windows-11-and-10/
Azure AD LAPs Group Policy Settings for Windows 11 | Intune Policy for LAPs - https://www.anoopcnair.com/azure-ad-laps-group-policy-settings-windows-11/
Old LAPS for Windows 10 11 Privileged Access Management - https://www.anoopcnair.com/laps-for-windows-10/
==
Introduction to Windows LAPS
LAPS stands for Local Administrator Password Solution.
The local admin account password is set during the OS installation of a device, but it is difficult to change all the device passwords. By using Windows LAPS, you can change it easily.
Windows LAPS is a feature of Windows that automatically backup the password of the local administrator account for AD and Azure AD joined devices.
Using LAPS, we can set unique local admin passwords for each device.
Password can be saved on AD (AD joined device) or Azure AD (AAD joined device).
==
Pre-Requisite for LAPS Deployment? Pre-Requisite for New Windows LAPS Deployment?
Windows 10 20H2 (19042.2846)
Windows 10 21H2 (19044.2846)
Windows 10 22H2 (19045.2846)
Windows 11 21H2 (22621.1555)
Windows 11 22H2 (22000.1817)
Windows Server 2022 and Windows Server Core 2022
Windows Server 2019
The License Requirement for new Windows LAPs implementation is Intune subscription β Microsoft Intune Plan 1.
==
Enable LAPS in Azure AD?
Sign in to the entra.microsoft.com
Navigate to Azure Active Directory - Device - Device Settings
Under Local Administrator settings select βYesβ Enable Azure AD Local Administrator Password Solution (LAPS).
==
Configuration Profile to Rename and Enable Local Admin Account?
Accounts Enable Administrator Account Status - Enable.
Accounts Rename Administrator Account - Provide the custom account name
https://www.youtube.com/watch?v=cP-Q5c6iI_w
==
How to Deploy New Windows LAPS Using Intune?
Login into https://intune.Microsoft.com
Navigate to Endpoint Security - Account Protection
Click on Create policy
Select the platform Windows 10 and later and select the profile Local admin password solution (Windows LAPS) - click on Create
==
Provide the name of the profile - Next.
In Configuration settings set the configuration to the requirement.
Click Next to assign the scope tag - Next, assign to the group - Review the settings - Create.
==
Verify the policy assigned successfully from Intune portal.
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Policies\LAPS
==
View LAPS Password from Intune?
Local Admin Password from Device Properties?
==
Rotate LAPS Password from Intune?
There is an option in Intune admin centre remote actions menu to Rotate Local Admin Password.
==
View LAPS Password from Entra ID - Devices?
Local Administrator Password Recovery option from Entra.Microsoft.com portal.
==
More Blog posts related to SCCM/Intune/Windows 11/Cloud PC/AVD/Hyper-V/Cloud/IT Pro/Azure -
β https://www.anoopcnair.com/windows-365/
π Stay Connected - https://howtomanagedevices.com/stay-connected/ π https://howtomanagedevices.com/sccm/1791/how-to-manage-devices-live-digital-events-weekend-learning/
#CloudPC #Windows365 #W365
https://howtomanagedevices.com/
Learn SCCM Read https://www.anoopcnair.com/sccm/
https://www.anoopcnair.com/learn-sccm-intune/
Learn Intune Read - https://www.anoopcnair.com/intune/
https://www.anoopcnair.com/learn-microsoft-intune/
Learn Windows 10 Read - https://www.anoopcnair.com/windows-10/
Learn Hyper-V Read - https://www.anoopcnair.com/hyperv-2/
Learn About Cloud Read - https://www.anoopcnair.com/cloud/
Learn about Azure Read - https://www.anoopcnair.com/cloud/azure/
Learn About IT Pros Events - https://www.anoopcnair.com/itpro/
Learn about me - https://www.anoopcnair.com/about/
#SCCM #ConfigMgr #SCCMVideos #SCCMTutorials #SCCMStudyVideos #SCCMFreeTraining #SCCMTraining #HowtoManageDevices
#Intune #MicrosoftIntune #IntuneVideos #IntuneTutorials #IntuneGuide #IntuneStudy #MSIntune #IntuneTraining #HowtoManageDevices