Azure Domain Services Support for LAPS
Allow (or automatically install) LAPS within Azure Domain Services since this is the Microsoft supported standard for local administrator accounts.
This is currently in planning for enabling it for Azure AD joined devices, NOT for AAD DS
This functionality for normal Azure AD joined devices is crucial for efficient saving of local admin password.
Please, make this available soon!
Is there an update available?
Kurt P commented
I would totally be willing to participate in Beta/Private Preview of this if you are looking for AAD Joined organizations to participate!
Victor Meyer commented
Please can somebody comment on why this isn't supported for AAD:DS yet? Is this a schema issue or an RODC / Writeable DC issue? Thanks.
Brian Knackstedt commented
Is there any update regarding LAPS and Azure AD joined Windows 10 devices?
Dear Azure AD Team,
Is there any update regarding LAPS and Azure AD?
Our servers are all Azure AD DS joined and I would like to implement LAPS on those servers if possible. Is there any guidlines or preview i can use?
Thanks in advance.
As no update or FR ticket number provided, we've raised this with our TAM in hopes of, at least, some assurance a solution is actively being developed for AAD joined devices.
Have you checked out SYNERGIX Seva ( Secrets Vault ) software ? It is something you're looking for. It is free for EDU and NFP for managing built-in ( S-500 ) administrator account
Any update on this? We would LOVE the ability for this amazing simple secure process to work with Azure AD joined devices. We love LAPS on premise, but machine needs line of sight to DC, which is less and less often.
We would love to see LAPS in Azure please. There is a lot of demand for a mobile password solution.
Synergix Secrets Vault 2019
PASSWORD ROTATION AS A SERVICE
- Alternative solution for Microsoft LAPS
Supports Azure AD DS, Azure AD, On Premises PLUS Workgroup joined computers
Windows 7 SP1, 8.x, 10, Windows Server 2008 /R2, 2012/R2, 2016 and 2019
MacOS UNIX support coming soon
+ System Information
+ Security Event Forwarding
Secrets Vault 2019 is free* for EDU !
* Contact email@example.com to get offer details for Edu and license key
We have organizations requesting for LAPS in AAD to meet “Local admin password change policy - 90 days” for AAD only joined devices. Please consider in your release.
There are two different asks as part of this suggestion, one for AAD Domain Services and another for AAD joined devices
We're considering this as an ask for AAD joined devices that currently in planning as that seems to be most needed capability. For AAD DS, please create another suggestion
Yuyo Chou commented
Would love to have it so we can have it for the AutoPilot AAD joined machines.
Luke Quarrie commented
Any update on this Windows people? It seems like a no brainer to put it into AAD as everyone seems to want.
For Local Admin Password Rotation in AAD too, same .. Secrets Vault by Synergix is a candidate solution. https://www.synergix.com. So AAD, Azure AD and on prem ... all covered by one software.
Johannes Schwartz commented
It's especially important for AAD Domain Servces joined servers, as these are often enough migrated workloads and should not suffer the bad practice of the same local admin password.
Any update on this? We would want it for Azure AD joined (hybrid too). Ideally, a part of AAD Intune and/or co-management.
OK "Under Review" since December 6, 2018. ANy updates on this?
Chris Farley commented
I want this for AAD Domain Services. I think it would only require the schema to be extended on the domain. If that was done as part of the DS template, then we would have the option to use it.