New LAPS in Azure AD - how the end user can read his password?

Djordje Novakovic 626 Reputation points
2023-07-11T11:42:54.2533333+00:00

Hello,

New LAPS in Azure AD is perfect for IT admin's side.

However, what is the best way for the end user to read local admin password?

Do we need to use new powershell LAPS module and call Graph API.

In our environment users need to have that password when doing some admin actions.

Thanks

Microsoft Security | Intune | Other
0 comments No comments
{count} votes

Accepted answer
  1. Crystal-MSFT 53,991 Reputation points Microsoft External Staff
    2023-07-12T02:05:32.8366667+00:00

    @Djordje Novakovic, Thanks for posting in Q&A. Based as I know, Intune administrators with sufficient role-based administrative control (RBAC) permissions can view information about a device's local admin account and its current password.

    https://learn.microsoft.com/en-us/mem/intune/protect/windows-laps-overview

    To check this, you can find the device and check the information under "Local admin password".

    User's image

    Hope the above information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.