Conflicts can also prevent the backup of the managed local admin account and password to your tenants Directory. Devices that receive multiple Intune policies that include conflicting settings can fail to process policy. The Windows LAPS CSP supports a single configuration for each LAPS setting on a device. Instead, they manage an account that’s already on the device.Ĭonfigure and assign LAPS policies carefully. Intune’s LAPS policies do not create new accounts or passwords. However, when Administrator Account Name is left blank, the policy defaults to the devices built-in local admin account that is identified by its well-known relative identifier (RID).
If the account name specified in the policy isn’t present on the device, no account is managed. Intune policy can specify which local admin account it applies to by use of the policy setting Administrator Account Name. Windows LAPS allows for the management of a single local administrator account per device. Windows LAPS CSP configurations take precedence over, and overwrite, any existing configurations from other LAPS sources, like GPOs or the Legacy Microsoft LAPS tool. Intune policies manage LAPS by using the Windows LAPS configuration service provider (CSP). Intune’s provides support to configure Windows LAPS on devices through the Local admin password solution (Windows LAPS) (preview) profile, available through endpoint security policies for account protection. Frequently asked questions that can provide insight to configuring and using Intune LAPS policy.The role-based admin control (RBAC) permissions your account needs to have to manage LAPS policy.The perquisites for using Intune policies for LAPS.An overview of Intune’s Windows LAPS policy and capabilities.Manually rotate the password for the managed account.īefore creating policies, be familiar with the information in Microsoft Intune support for Windows LAPS, which includes:.View a device’s local admin account details.Create and assign Intune LAPS policy to devices.When you’re ready to manage the Windows Local Administrator Password Solution ( Windows LAPS) on Windows devices you manage with Microsoft Intune, the information in this article can help you use the Intune admin center to:
0 kommentar(er)
