Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure Active Directory?

← Azure Active Directory

Azure Domain Services Support for LAPS

Allow (or automatically install) LAPS within Azure Domain Services since this is the Microsoft supported standard for local administrator accounts.

LAPS: https://technet.microsoft.com/en-us/library/security/3062591.aspx

505 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Bill McIlhargey shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

63 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Brad commented  ·   ·  Flag as inappropriate

    Only Azure AD, having Azure Active Directory Domain Services as a requirement would be too expensive it not currently using AADS. :)

    When is the release date?

  • Brad commented  ·   ·  Flag as inappropriate

    Only Azure AD, having Azure Active Directory Domain Services as a requirement would be too expensive it not currently using AADS. :)

  • SB commented  ·   ·  Flag as inappropriate

    We definitely want this on AAD joined devices. But why not have both? ;)

  • James R commented  ·   ·  Flag as inappropriate

    I’m looking for this for AAD joined machines. I would be happy to see this as an Intune feature or AAD. I’m currently reviewing our setup and looking if moving to AAD is right for us. LAPS is something that I need to consider.

  • Steve commented  ·   ·  Flag as inappropriate

    Having it directly in AAD would be even better than having it in Azure Domain Services or InTune!

  • Anonymous commented  ·   ·  Flag as inappropriate

    This is fantastic news. Please release this ASAP! Very excited that this is now on the agenda :)

  • John commented  ·   ·  Flag as inappropriate

    Awesome news! Yes, I would like this feature for AAD joined Windows 10 machines. It would be great to manage it through Intune.

    My scenario is the ability to change the local admin passwords. Currently, I'm using Intune OMA-URI to create a local admin account and set the password, BUT I cannot change the password once it has been set (using this method).

    I find the need to change the local admin passwords is necessary. I have 2 frequent scenarios for this need: 1) good security practice and 2) IT admin turnover.

  • Dhirendra commented  ·   ·  Flag as inappropriate

    Is there new development on this? or MS scrapped this beautiful idea? any other solution from MS for LAPS on AAD

  • Bryan commented  ·   ·  Flag as inappropriate

    I concur as well, and I there are two scenarios I'd like to see: First, for machines in AAD Domain Services. Second, for AAD-joined Windows clients. In both cases, I'd like an easy way to expose this, much like in Windows Admin Center. As Mateusz pointed out, it would be great to have this as something that could be integrated in third-party solutions (TeamViewer, for example).

1 3

Azure Active Directory: Azure AD Join

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice