![]() ![]() Snippet from Policy Creation - Naming Account Protection Policy Snippet from Endpoint Security, Account Protection Node, Policy Creation ViewĪs always, first step is naming policy as well as giving a description. Selecting Local admin password solution (Windows LAPS) from profile list will start policy creation wizard. As you notice, there are different account protection policy options such as Local User Group Membership or Account Protection as well as Local Admin Password Solution (Windows LAPS). Snippet from Endpoint Security, Account Protection Viewįirst option will be selecting platform for the policy, and the second option will be policy type itself. Clicking on “Create Policy” button will present policy creation wizard. Local Admin Password Solution policies can be configured from Endpoint Security Node, Account Protection view. Snippet from Azure Active Directory Devices Node, Device Settings ViewĪfter enabling feature on the tenant level, we can proceed with policy creation. ![]() Option to enable Azure AD Local Administrator Password Solution (LAPS) will be available for configuration. Rotating local administrator passwords manuallyĮnable Azure AD Local Administrator Password FeatureĮnabling Local administrator password settings in tenant level can be done in Azure AD portal, Devices node, Device settings view.Accessing local administrator passwords that are backed up.Enabling local administrator password feature on tenant level.Pre-requisites for enabling Windows LAPS may change in the future, so it is always a good idea to check online documentation first but the tasks we will cover in this post are as follows: In this blog post, I’ll walk you through basic policy configuration and core Windows LAPS functionalities such as accessing local administrator passwords from different consoles and manually triggering password rotation. This article on the other hand will focus on native cloud deployment for Windows 10/11 clients that does not have legacy LAPS client installed, managed through Intune and either Hybrid Azure AD Joined or Azure AD Joined. It also has interoperability with legacy LAPS solution. It has support for two main scenarios for backing up local administrator password such as storing passwords in Azure AD and Windows Server AD. As you may have heard Windows LAPS feature is released to Public Preview in the last week of April. ![]()
0 Comments
Leave a Reply. |