Cyber attacks have become part of everyday life. It is important to protect each entry point and local administrator accounts. Every Windows computer has a built-in local administrator account that cannot be deleted and has all rights over the local system. Securing local administrator is very important in securing the entire organization. Windows LAPS allows us to rotate local administrator accounts according to the configured policies and store local passwords in the local active directory or directly in Microsoft Entra ID.

In the session we will look at how to install LAPS in the local active directory and how to configure the policies for LAPS maneged devices. We will also touch on the configuration of security policies for "account protection" inside Intune portal and store the passwords in Microsoft Entra ID, which is in public preview mode from April 2023.