Azure Domain Services Support for LAPS
Allow (or automatically install) LAPS within Azure Domain Services since this is the Microsoft supported standard for local administrator accounts.
LAPS: https://technet.microsoft.com/en-us/library/security/3062591.aspx

This is currently in planning for enabling it for Azure AD joined devices, NOT for AAD DS
59 comments
-
Anonymous commented
Our devices in Microsoft Security Center show as unsecure because of this not being configured even in Azure AD joined devices - it checks for a registry key that only works with LAPS. Would be nice if LAPS was configured so that we wouldn't have to ignore this setting on several hundred intune devices
Remediation options
Option 1 - Set the following Group Policy:
Computer Configuration\Policies\Administrative Templates\LAPS\Enable Local Admin Password Management
To the following value: EnableOption 2 - Set the following registry value:
HKLM\SOFTWARE\Policies\Microsoft Services\AdmPwd\AdmPwdEnabled
To the following REG_DWORD value: 1https://securitycenter.windows.com/security-recommendations/sca-_-scid-84?search=scid-84
-
Mahmud commented
There is no update at all on this, Hmmmm strange, this is not an option this must be implemented ASAP.
July 2019 planning for enabling it ????? today is Dec-2020, that is over a year now.
I hate promises that never even delivered.
-
Barone, Lou commented
Was hoping for ignite announcement on this but there wasnt one to my knowledge.
-
Hoang Nguyen Huu commented
Can keep us up to date on this
-
Kevin C commented
Update please....
-
Anonymous commented
@Azure AD Team, Any update on this?
-
Steffan commented
Last update from Admin over a year ago; any chance of an update ?
-
Brad commented
We need this. We are trying to follow the ASD essential 8, and we need this to ensure Admin is separate to user on our laptops.
https://www.cyber.gov.au/acsc/view-all-content/essential-eight/essential-eight-explained
-
Anonymous commented
This is much needed. Is there a update on the progress of this?
-
Christian Radice commented
Hello, is there any way we can get an update on the progress/timeline for this feature?
-
Rijt-van, Frank commented
Any update?
-
Anonymous commented
Any update on this ?
-
Sridharan AK commented
any beta /preview release available for testing?
-
alschneiter commented
Please move on with this
-
Anonymous J commented
This can't be an after thought for Enterprises in the cloud. Please prioritize this.
-
Anonymous commented
This is a critical need. When can we expect to have this functionality?
-
Ramu Venkitaramanan (Office) commented
Any update on this?
-
Taylor M commented
Can we please have an update regarding this? This is a MUST for enterprise.
-
M commented
This functionality for normal Azure AD joined devices is crucial for efficient saving of local admin password.
Please, make this available soon!
-
Anonymous commented
Hello,
Is there an update available?
Thanks!