Please add support for passphrases on LAPS where we can use four words dash (-) separated. It makes supporting a device remotely way easier since the password cannot be copied and pasted over remote sessions on most cases. There is too much ambiguity on charactes like “lower case L” “capital case i” and “pipe” and others. Thanks ... View more

Many customers have asked for Windows LAPS to support a suitable replacement for the legacy LAPS UI (AdmPwd.UI.exe). Yes we have the new LAPS tab in ADUC but it seems many customers don't use ADUC that much, especially for helpdesk workers.  Also, ADUC does not have the ability to display password history (frankly there's just not enough UI real-estate left in that dialog).   I would really like to hear feedback from customers on what scenarios a new Windows LAPS UI should support. Off the top of my head, it should:   1. Support targeting of a specific forest 2. Support searching for a specific computer account by various name forms, or by object picker 3. Support setting of the password expiration timestamp 4. Support retrieving of both the current password and password history   A more exotic idea would be a "RDP Connect to device" button which would combine 1) pwd retrieval; 2) on-the-fly creation of an RDP shortcut with password; 3) launching the RDP client.     Looking forward to hearing other suggestions on this topic! :) ... View more

Would make things easier if Microsoft implement new Features for all supported OS Versions not only for the newest.    Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows 10 LTSC ... ... View more

Currently LAPS by default act on built-in local administrator user. If you want to have a new one you have to crate using different method. I think the possibility to specify a custom administrator account and have Intune create it will be very helpfull. ... View more

Create an opt-in configuration option that tells the LAPS service to not use certain characters in LAPS-generated passwords, such as o, O, 0, l, 1, etc. ... View more

Currently, you have to set LAPS at the OU level.  In a large organization with upwards of 500 OUs across multiple domains, that is a daunting task.  Allow it to be set at the Do main level will ease the burden on the staff for managing and maintaining this as we work through AD Consolidation. ... View more

we have set Post Authentication delays to 24 hours, and as per the action setting, password should be reset again, but it doesn't happen, can you fix this?   also please add the capability to to Create local user within LAPS policy   ... View more

DSRM password management works fine on DCs, but not on RODCs. Any chance this can be supported in the future? ... View more