Forum Discussion
Local admin account creation error
Yep. We're not implementing LAPS at this time. We're directed to stay with the local managed password. I noticed the title of this thread was "Local admin account creation error" and AB21805 stated perfectly what the result is, namely, that the process works but Intune reports an error.
At that point rahuljindal-MVP commented that it was a "Known bug related to the CSP. GET function not supported so the compliance is never reported as success. But the local admin account will apply."
So, my question was, where did he see documentation of this "Known Bug" from Microsoft. I'd like to provide this to our Stakeholders so they can be confident that this is in fact a known bug.
If those stakeholders can read the documentation 🙂 ... I am explaining "the why" on my own blog about this error
https://call4cloud.nl/2021/12/i-kill-remediation-errors/
So looking at the Users/UserName/Password. It is telling us that the supported operation is Add and the GET operation is not supported. Also to add... in my opinion its not a bug, its just how it was designed.... Otherwise we could use the csp to fetch passwords?
And the link to the official ms doc mentioning it
https://learn.microsoft.com/en-us/windows/client-management/mdm/accounts-csp
- Awesome. Thank you guys so much for this!
- So I wonder what use is this? We wish to use that CSP and configuraiton profile to create a new local admin and set the password and this works but now our devices always shows as having a config error. I guess is the onyl secure method of doing this so I'll have to live with it 😞
