This document provides a brief explanation on how to create a Local admin password solutions (LAPS) Policy in Azure or Intune enrolled Windows 10/11 Devices.
LAPS policies provide the configuration and allow for Active Directory only joined windows machines to continue to store the credential in their directory but for Intune and Azure AD only joined devices the password can be stored within Azure Active Directory.
Prerequisites
>Devices should be enabled with Local Admin or built-in Administrator account.
>Autopilot enrolled devices Create Local Admin Using Intune
>Devices should be enrolled in Azure AD or Intune.
>Devices should be updated with April 2023 Cumulative Update.
Enable Local Admin Password Settings
Navigate to > portal.azure.com / Azure Active Directory
Create Windows LAPS Policy
Navigate to > endpoint.microsoft.com
Local Administrator Password Recovery
Navigate to > endpoint.microsoft.com
