Event banner
Uplevel security with Endpoint Privilege Management + Windows LAPS
Event Ended
Tuesday, Nov 28, 2023, 07:00 AM PSTEvent details
It's simple. Running devices as standard user can help lower your attack surface. Let's talk about the threats we face today, the keys to implementing "just enough" access for your users with Microso...
Char_Cheesman
Updated Dec 27, 2024
LWilsonNovice
Nov 28, 2023Copper Contributor
Is there a built-in bare minimum permissions for users to retrieve the LAPS password from Intune?
- LauraArrizzaNov 28, 2023
Microsoft
To retrieve the LAPS password for a given device via the Intune portal or Entra portal, an admin needs to have specific permissions that allow this. You must have one of the following Microsoft Entra permissions:
- microsoft.directory/deviceLocalCredentials/password/read to read LAPS metadata and passwords.
- microsoft.directory/deviceLocalCredentials/standard/read to read LAPS metadata excluding passwords.
More details here: https://learn.microsoft.com/en-us/mem/intune/protect/windows-laps-overview#role-based-access-controls-for-laps