Security Recommendations for LAPS are outdated

ADM-Griffin2, Jay 151 Reputation points
2023-06-28T10:54:09.08+00:00

These recommendations in the Microsoft Secure Score seems to be ignoring the new Windows LAPS and looking at the old LAPS. When we changed over to the Windows LAPS, these recommendations started getting flagged. I thought Microsoft would eventually change them over, but they haven't yet.

Enable Local Admin password management

Remediation -- pointing to the old GPO settings....

Option 1 - Set the following Group Policy:
Computer Configuration\Policies\Administrative Templates\LAPS\Enable Local Admin Password Management
To the following value: Enable

Option 2 - Set the following registry value:
HKLM\SOFTWARE\Policies\Microsoft Services\AdmPwd\AdmPwdEnabled
To the following REG_DWORD value: 1

These appear to be the OLD GPO settings, not the new Windows LAPS.

I have Windows LAPS working and my Secure Score is still being flagged for this recommendation.

Protect and manage local admin passwords with Microsoft LAPS

This recommendation directs you to download the old LAPS client.

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,532 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,275 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
213 questions
{count} votes

4 answers

Sort by: Most helpful
  1. Michele Ariis 5 Reputation points
    2023-07-11T12:15:21.42+00:00

    I also have the same problem

    1 person found this answer helpful.

  2. Thomas Starkey 0 Reputation points
    2024-05-10T12:25:02.1766667+00:00

    Same issue here. Anyone got any update on bypassing this?

    0 comments No comments

  3. Michele Ariis 5 Reputation points
    2024-10-01T10:02:29.06+00:00

    any news on this issue?

    0 comments No comments

  4. Dimitris Komodromos 46 Reputation points
    2024-11-13T14:16:07.0633333+00:00

    Same issue here . Microsoft should update defender to check also for windows LAPS

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.