Configure Windows LAPS in Intune

Поделиться
HTML-код
  • Опубликовано: 22 дек 2024

Комментарии • 35

  • @webclanka4490
    @webclanka4490 Месяц назад +2

    Marvelous, learned more than LAPS. Thanks Sir!

  • @aRiflip
    @aRiflip 10 месяцев назад +2

    Great video. Keep up the good work

  • @baclm555
    @baclm555 4 месяца назад +1

    Amazing video ! as usual !! great description and details !

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  4 месяца назад +1

      Thank you so much, love to read comments like this :)

  • @Catonkey1
    @Catonkey1 7 месяцев назад +1

    Thanks for the video, I did originally just rename the built in local admin, but thought I'd come back to this and create a separate account like yourself.

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  7 месяцев назад

      Thanks for taking time to comment!
      Rename helps a bit, but yeah "hackers" know the SID of the account so they will still find it.

  • @hoskyseriousinvestor
    @hoskyseriousinvestor 4 месяца назад +1

    excellent video 🎉 congratulations and thanks for sharing it with the "errors" and necessary steps for the success.

  • @seifeddinemareghni
    @seifeddinemareghni 10 месяцев назад +2

    perfect as usual thanks

  • @Today-is-a-present
    @Today-is-a-present Месяц назад +1

    Excellent video.

  • @mohammadaqashahi4807
    @mohammadaqashahi4807 10 месяцев назад +1

    Great video
    Instead of creating the policy for adding the account to local administrators I would add another line to the script to directly add the new local account to local admins group.

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  10 месяцев назад +1

      Thanks Mohammad, I agree with you 100% to extend the script and add to the admin group instead, I think I even mentioned that in the video, but the main purpose to do it by Intune was to show that specific feature, but I'm all with you that it is better to solve all in one place, the script!

    • @HeyRadu
      @HeyRadu 10 месяцев назад +1

      @@IntuneVitaDoctrinais this the PS command ?
      Add-LocalGroupMember -Group "Administrators" -Member "JBNAdmin"

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  10 месяцев назад

      @HeyRadu thanks, yes that is 100% the line that could had been added to save some trouble later (trouble I by purpose added to show one more Intune feature) :)

  • @unkownuser2320
    @unkownuser2320 10 месяцев назад +1

    Excellent kindly let me know how to know global administrator is added as local administrator and members of global administrators will able to login on windows computers. Intune administrators will be added as local administrator on windows devices

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  10 месяцев назад +1

      Go back in the video to 00:19:26 and choose "Users/Groups" (instead of Manual as I do in the video), and then you can click on "Select users/groups" and browse your Entra ID for the user or group you want to add to the local administrator's group.

  • @shankhan-xm1yp
    @shankhan-xm1yp 8 месяцев назад +1

    Hi another great video. I just got one question Im trying to add another keyboard layout through powershell script but even on policy dashboard it showing successful but deployment is not working any idea why?

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  8 месяцев назад

      Thanks, hmmm not sure, but adding another keyboard layout is a USER setting, do you deploy the script running under USER context? If you for example have it running under SYSTEM context you will get success but no user will see the new keyboard.

  • @HeyRadu
    @HeyRadu 9 месяцев назад +1

    Great video, any idea on why some devices never receive the LAPS policy and how to force this ? Thank you.

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  9 месяцев назад

      thanks, it can take a cycle to get it, but if longer than 8 hours and device is online and all it is strange. If you open the LAPS 'policy' and then click Report and check 'Check-in status' what does it says there? empty?

    • @HeyRadu
      @HeyRadu 9 месяцев назад +1

      @@IntuneVitaDoctrina
      From the EventViewer on the affected device(s), I can usually see right away the ID 10013 "LAPS failed to find the currently configured administrator account"
      I'm using a slightly different PS script (same detection + remediation) to add my own local admin account, but I've noticed that on some reinstalled devices (via Intune Autopilot) even if the name of the devices is changed, the script is not running on some of these devices, weird.
      Note: I've also remember that some devices are shared, so I don't know if the Intune scripts running is affected by this scenario.

  • @UmeshMathkar
    @UmeshMathkar 10 месяцев назад +1

    Hi, When will you make a video for iPhone management using Intune?

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  10 месяцев назад

      Hi Umesh, that was on my list, and then fell off, thanks for the reminder, it is going back to the list and I got Windows 365 video I want to do before and one Scheduled Task video and also iPhone/iPad management which would be a longer serie to cover all the aspects of management of those devices, it's coming but cannot say when :)

  • @unkownuser2320
    @unkownuser2320 8 месяцев назад +1

    what is the use of Laps and it is free. if we use Account protection what is the disadvantages

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  8 месяцев назад

      LAPS is free, I would say the use is if you want a unique password of local administrator account per device.

  • @ashwinikumarsccm307
    @ashwinikumarsccm307 10 месяцев назад +1

    Excellent videoes 🎉❤❤❤❤

  • @DouglasSouza-pk3fd
    @DouglasSouza-pk3fd 5 месяцев назад +1

    Genio da informatica.

  • @DaysofIresh
    @DaysofIresh 9 месяцев назад +1

    Always beginner-friendly!

    • @IntuneVitaDoctrina
      @IntuneVitaDoctrina  9 месяцев назад

      Thanks, yeah we are all beginner until we have worked a bit with it :)