Hi Karl Wester-Ebbinghaus - thanks for the kind words.
These improvements are implemented using a combination of code + associated policy settings (GCP, CSP\Intune). So you definitely need the Insider build to test these out.
If you apply any of the new settings to a current in-market OS (Win11\Win10\WS2022\WS2019), the new settings will be either ignored (all of the AutomaticAccount* settings) or reverted to a supported setting (PasswordComplexity).
One of the new features (image rollback detection) does require an on-premises AD schema update (re-run the Update-LapsADSchema cmdlet), but nothing will break if you forget to update the schema. See the following doc topic:
Windows LAPS OS image rollback detection and mitigation
I have no comments to make right now on backporting. I don't blame anyone for asking, but please realize that these features are literally "hot off the presses", so talking about backporting is premature. I welcome any and all customer feedback on whether the new features are solving the intended scenarios, feature quality, etc. Such feedback data will help us make future decisions.
Thanks,
Jay