Many customers have asked me in passing when Windows LAPS will be supported for managed devices joined to an Entra AD Domain Services domain (formerly known as Azure AD Domain Services). All I can share for now is that the owning team is aware of this ask and it is in their backlog. Please up-vote this feature to add your support!
It would also be helpful if you are willing to PM me with your company name and the # of EADDS\AADDS devices that would be Windows LAPS-enabled once the support is available.
Overview of Microsoft Entra Domain Services - Microsoft Entra ID | Microsoft Learn
thanks,
Jay
13 Comments
So, if I have Microsoft Entra Domain Services to manage Windows Servers and Microsoft Intune to manage users' endpoints. The LAPS will be available to endpoints only? No workaround to register windows servers with Microsoft Intune or Entra ID to gain the LAPS?
Hi, Is there any update on this? We would like to use LAPS in our EDS environment.
Cheers!
- JaySimmons
Microsoft
Hi chanlerone ,
Regrettably there are no updates. I have been periodically nudging the Entra AD Domain Service team on this request for well over a year. That team is open to the request, but has unable to get any actual traction so far due to other priorities (security, etc).
Note that I don't work on that team - it might be more effective to ping them directly in an Entra-specific forum, in order to keep the pressure on.
thx,
Jay
JaySimmons Thanks for chiming in.
chanlerone as Jay mentioned, we've had this on our backlog for a while. We've been bogged down with security related priorities in the last semester. This feature work is slated to begin later this year, while we are unable to share the exact start date, we can commit that the work will begin in the next semester (July - Dec 2025).
We are aware that this feature has been anticipated for a while; we are doing out best to ensure that we meet the timeline communicated above.
Thank you.
Charles
Hi Julien_Mitard,
I'm in the PM team with Entra Domain Services. We still have this in our backlog and have prioritized it as soon as we have capacity. The engineering team has been focusing on security hardening efforts in the last semester. We will be reviewing this in our planning for next quarter.
Thank you.
Any news regarding this missing feature? Would be nice being able to enable LAPS in Microsoft Entra Domain Services Instance.
Hello, is there any news regarding this topic ?
- JaySimmons
Hi DE-Robin - sorry nothing to share at this time.
Any news? 🙂
- JaySimmons
Hi Jacob_V - sorry, no updates to share at this time. I'm sharing your feedback with the Entra Domain Services team though.
JaySimmons hoping to hear some good news on this as we too have customers who want to move to native Entra ID and were curious when this would allow us to enable LAPS on Entra Domain Services joined devices.
Hello Jay,
I am a happy customer of Entra domain services because I hope I reduce the risk of outdated or misconfigured AD DS in my environment.
Maybe the upvotes are missing because it was really hard to find your request 🙂
I think there is more out there.
Best regards
Robin
- JaySimmonsStatus changed:NewtoIn the backlog
