Thanks for the video, I did originally just rename the built in local admin, but thought I'd come back to this and create a separate account like yourself.
Great video Instead of creating the policy for adding the account to local administrators I would add another line to the script to directly add the new local account to local admins group.
Thanks Mohammad, I agree with you 100% to extend the script and add to the admin group instead, I think I even mentioned that in the video, but the main purpose to do it by Intune was to show that specific feature, but I'm all with you that it is better to solve all in one place, the script!
@HeyRadu thanks, yes that is 100% the line that could had been added to save some trouble later (trouble I by purpose added to show one more Intune feature) :)
Excellent kindly let me know how to know global administrator is added as local administrator and members of global administrators will able to login on windows computers. Intune administrators will be added as local administrator on windows devices
Go back in the video to 00:19:26 and choose "Users/Groups" (instead of Manual as I do in the video), and then you can click on "Select users/groups" and browse your Entra ID for the user or group you want to add to the local administrator's group.
Hi another great video. I just got one question Im trying to add another keyboard layout through powershell script but even on policy dashboard it showing successful but deployment is not working any idea why?
Thanks, hmmm not sure, but adding another keyboard layout is a USER setting, do you deploy the script running under USER context? If you for example have it running under SYSTEM context you will get success but no user will see the new keyboard.
thanks, it can take a cycle to get it, but if longer than 8 hours and device is online and all it is strange. If you open the LAPS 'policy' and then click Report and check 'Check-in status' what does it says there? empty?
@@IntuneVitaDoctrina From the EventViewer on the affected device(s), I can usually see right away the ID 10013 "LAPS failed to find the currently configured administrator account" I'm using a slightly different PS script (same detection + remediation) to add my own local admin account, but I've noticed that on some reinstalled devices (via Intune Autopilot) even if the name of the devices is changed, the script is not running on some of these devices, weird. Note: I've also remember that some devices are shared, so I don't know if the Intune scripts running is affected by this scenario.
Hi Umesh, that was on my list, and then fell off, thanks for the reminder, it is going back to the list and I got Windows 365 video I want to do before and one Scheduled Task video and also iPhone/iPad management which would be a longer serie to cover all the aspects of management of those devices, it's coming but cannot say when :)
Marvelous, learned more than LAPS. Thanks Sir!
Thank you so much for this comment :) happy to hear
Great video. Keep up the good work
Thank you very much Arison!
Amazing video ! as usual !! great description and details !
Thank you so much, love to read comments like this :)
Thanks for the video, I did originally just rename the built in local admin, but thought I'd come back to this and create a separate account like yourself.
Thanks for taking time to comment!
Rename helps a bit, but yeah "hackers" know the SID of the account so they will still find it.
excellent video 🎉 congratulations and thanks for sharing it with the "errors" and necessary steps for the success.
Thank you so much for your comment :)
perfect as usual thanks
Thank you so much Seifeddine for the support
Excellent video.
thank you so much for taking time to write this comment
Great video
Instead of creating the policy for adding the account to local administrators I would add another line to the script to directly add the new local account to local admins group.
Thanks Mohammad, I agree with you 100% to extend the script and add to the admin group instead, I think I even mentioned that in the video, but the main purpose to do it by Intune was to show that specific feature, but I'm all with you that it is better to solve all in one place, the script!
@@IntuneVitaDoctrinais this the PS command ?
Add-LocalGroupMember -Group "Administrators" -Member "JBNAdmin"
@HeyRadu thanks, yes that is 100% the line that could had been added to save some trouble later (trouble I by purpose added to show one more Intune feature) :)
Excellent kindly let me know how to know global administrator is added as local administrator and members of global administrators will able to login on windows computers. Intune administrators will be added as local administrator on windows devices
Go back in the video to 00:19:26 and choose "Users/Groups" (instead of Manual as I do in the video), and then you can click on "Select users/groups" and browse your Entra ID for the user or group you want to add to the local administrator's group.
Hi another great video. I just got one question Im trying to add another keyboard layout through powershell script but even on policy dashboard it showing successful but deployment is not working any idea why?
Thanks, hmmm not sure, but adding another keyboard layout is a USER setting, do you deploy the script running under USER context? If you for example have it running under SYSTEM context you will get success but no user will see the new keyboard.
Great video, any idea on why some devices never receive the LAPS policy and how to force this ? Thank you.
thanks, it can take a cycle to get it, but if longer than 8 hours and device is online and all it is strange. If you open the LAPS 'policy' and then click Report and check 'Check-in status' what does it says there? empty?
@@IntuneVitaDoctrina
From the EventViewer on the affected device(s), I can usually see right away the ID 10013 "LAPS failed to find the currently configured administrator account"
I'm using a slightly different PS script (same detection + remediation) to add my own local admin account, but I've noticed that on some reinstalled devices (via Intune Autopilot) even if the name of the devices is changed, the script is not running on some of these devices, weird.
Note: I've also remember that some devices are shared, so I don't know if the Intune scripts running is affected by this scenario.
Hi, When will you make a video for iPhone management using Intune?
Hi Umesh, that was on my list, and then fell off, thanks for the reminder, it is going back to the list and I got Windows 365 video I want to do before and one Scheduled Task video and also iPhone/iPad management which would be a longer serie to cover all the aspects of management of those devices, it's coming but cannot say when :)
what is the use of Laps and it is free. if we use Account protection what is the disadvantages
LAPS is free, I would say the use is if you want a unique password of local administrator account per device.
Excellent videoes 🎉❤❤❤❤
Thanks a lot Ashwini for your support
Genio da informatica.
Grazie mille
Always beginner-friendly!
Thanks, yeah we are all beginner until we have worked a bit with it :)