Announcing Windows LAPS management through Microsoft Intune.Here are additional content links to get started: Government clouds (GCC High and DoD) at release. LAPS will be available in all Intune environments, including U.S. Here's a walkthrough of this exciting evolution: View the password itself with the right permissions and see schedules for the last and next rotations.Choose to manually rotate the local admin password on a device outside the scheduled rotation.Monitor success using Intune's native reports.Create settings related to password complexity, rotation schedule, and target them to devices in their environment.Configure a policy to choose which directory they want to back up the local admin password.IT admins can use the first-class management experiences built into Microsoft Intune to configure cloud LAPS for a new set of capabilities. You don't need to deploy a client for it. The new solution is built into Windows, which enables improved servicing opportunities and support. It offers a fine-grained security model for securing passwords stored in Windows Server Active Directory and support for the Azure role-based access control model for securing passwords stored in Azure Active Directory. Windows LAPS provides protection against pass-the-hash and lateral-traversal attacks, improved security for remote help desk scenarios, and the ability to sign in to and recover otherwise inaccessible devices. One customer summed it up nicely: "I'm probably more excited about LAPS than any feature rolled out in the last year." It's a development that's been years in the making and anticipated by millions of Windows customers. The new Windows LAPS, now generally available, enables all the legacy LAPS features and functionality also to be supported through the cloud. But until now, LAPS has only worked on-prem - a major roadblock for enterprises looking to move to the cloud. Windows Local Administrator Password Solution is finally hereĮnterprises have long relied on the widely adopted Microsoft LAPS on-premises solution, which stores and manages the local admin password through the MSFT directory. Comment on this post or connect with me on LinkedIn. And third, new macOS software update policy settings allow end users more choice in scheduling updates while maintaining admin oversight.Īs you dive into these new features, let me know what you think. In another important development, Intune now offers IT pros the ability to add Google accounts to Android Enterprise personally owned devices. First, we're announcing the long-awaited Windows Local Administrator Password Solution (LAPS), which brings the popular security capabilities of on-premises LAPS to the cloud. New month, big news! For the April (2304) service release, we're excited to bring improvements to the security and user experience for three of the platforms we support for management – Windows, Android, and Mac.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |