Backup accounts and passwords – You can choose to have devices back up their account and password in either Azure Active Directory (Azure AD) in the cloud, or your on-premises Active Directory.You can also use the Intune admin center to manually rotate the password for a device as a device action. Rotate passwords – With policy you can have devices automatically rotate the local admin account passwords on a schedule.Set password requirements – Define password requirements including complexity and length for the local administrator account on a device.Intune support for Windows LAPS includes the following capabilities: Intune's use of the CSP replaces the use of Legacy Microsoft LAPS or other LAPS management solutions, with CSP based taking precedence over other LAPS management sources. Intune LAPS policy manages the settings available from the Windows LAPS CSP. Managing LAPS with Intune can also help improve security for remote help desk scenarios and recover devices that are otherwise inaccessible. Use of Intune LAPS policies helps you protect Windows devices from attacks that are aimed at exploiting local user accounts like pass-the-hash or lateral-traversal attacks. You can also view details about the managed local admin accounts in the Intune Admin center, and manually rotate their account passwords outside of a scheduled rotation. Schedule rotation of those account passwords to help keep them safe.Back up a local admin account from devices to your Active Directory (AD) or Azure AD.Enforce password requirements for local admin accounts.You can use Microsoft Intune endpoint security policies for account protection to manage LAPS on devices that have enrolled with Intune. Windows devices include Windows Local Administrator Password Solution ( LAPS), a built-in solution to help manage local admin accounts. Securing this account is an important step in securing your organization. Every Windows machine has a built-in local administrator account that can’t be deleted, and which has full permissions to the device.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |