Currently LAPS by default act on built-in local administrator user. If you want to have a new one you have to crate using different method. I think the possibility to specify a custom administrator account and have Intune create it will be very helpfull.
7 Comments
- JaySimmons
Microsoft
Status changed:Working on ittoCompletedHello - please see the new "Automatic account management" policy, now available in Windows 11 24H2 and Windows Server 2025.
- JaySimmonsStatus changed:In the backlogtoWorking on it
- JaySimmons
Hi vontier (and others in this thread):
Please check out the new Windows LAPS "automatic account management mode" feature (and other new features!) that dropped in today's 26040 Canary build:
Announcing Windows 11 Insider Preview Build 26040 (Canary Channel)
I am actively seeking feedback on all of these features - just let me know.
Jay
- JaySimmonsStatus changed:Needs more infotoIn the backlog
Hello thanks for look at it.
I'm asking for a more integrated solution, so that we can manage even new user creation in the same LAPS policy. Just to have a single policy to manage and not multiple.
- JaySimmons
vontier - can you please comment on why the Accounts CSP is not suitable for this purpose? Or are you asking for a more integrated solution where messing with the Accounts CSP is never required?
I am looking at adding an automatic local account mgmt feature for Windows LAPS, but it won't be ready anytime soon. There is IMO a potential here to create a confusing mess of overlapping policy responsibilities and I want to make sure that we come up with a clean solution.
- JaySimmonsStatus changed:NewtoNeeds more info
