Local admin account creation error

mbuonassissi-toyota
Copper Contributor
Aug 09, 2023
Mathg76

Yep. We're not implementing LAPS at this time. We're directed to stay with the local managed password. I noticed the title of this thread was "Local admin account creation error" and AB21805 stated perfectly what the result is, namely, that the process works but Intune reports an error.

At that point rahuljindal-MVP commented that it was a "Known bug related to the CSP. GET function not supported so the compliance is never reported as success. But the local admin account will apply."

So, my question was, where did he see documentation of this "Known Bug" from Microsoft. I'd like to provide this to our Stakeholders so they can be confident that this is in fact a known bug.
- Rudy_Ooms_MVP
  MVP
  Aug 10, 2023
  If those stakeholders can read the documentation 🙂 ... I am explaining "the why" on my own blog about this error
  https://call4cloud.nl/2021/12/i-kill-remediation-errors/
  
  So looking at the Users/UserName/Password. It is telling us that the supported operation is Add and the GET operation is not supported. Also to add... in my opinion its not a bug, its just how it was designed.... Otherwise we could use the csp to fetch passwords?
  
  And the link to the official ms doc mentioning it
  
  https://learn.microsoft.com/en-us/windows/client-management/mdm/accounts-csp
  - shocko
    Steel Contributor
    Sep 22, 2023
    So I wonder what use is this? We wish to use that CSP and configuraiton profile to create a new local admin and set the password and this works but now our devices always shows as having a config error. I guess is the onyl secure method of doing this so I'll have to live with it 😞
- rahuljindal-MVP
  Bronze Contributor
  Aug 09, 2023
  https://github.com/MicrosoftDocs/windows-itpro-docs/issues/1753
  - shocko
    Steel Contributor
    Sep 22, 2023
    I was looking for this! thanks

Forum Discussion

Resources