Capability to Create local user within LAPS policy

Capability to Create local user within LAPS policy



 May 03 2023
6 Comments (6 New)
Working on it

Currently LAPS by default act on built-in local administrator user. If you want to have a new one you have to crate using different method. I think the possibility to specify a custom administrator account and have Intune create it will be very helpfull.

Status changed to: Needs more info

@vontier - can you please comment on why the Accounts CSP is not suitable for this purpose?   Or are you asking for a more integrated solution where messing with the Accounts CSP is never required?


I am looking at adding an automatic local account mgmt feature for Windows LAPS, but it won't be ready anytime soon.  There is IMO a potential here to create a confusing mess of overlapping policy responsibilities and I want to make sure that we come up with a clean solution.

Brass Contributor

Hello thanks for look at it.

I'm asking for a more integrated solution, so that we can manage even new user creation in the same LAPS policy. Just to have a single policy to manage and not multiple.

Status changed to: In the backlog

Hi @vontier (and others in this thread):


Please check out the new Windows LAPS "automatic account management mode" feature (and other new features!) that dropped in today's 26040 Canary build:


Announcing Windows 11 Insider Preview Build 26040 (Canary Channel)


I am actively seeking feedback on all of these features - just let me know.



Status changed to: Working on it