Getting started with Windows LAPS for Microsoft Entra
Last updated
Was this helpful?
Last updated
Was this helpful?
This quick-start guide will provide you with all the information you need to get up-and-running with using Lithnet Access Manager to access LAPS passwords created by the new Windows LAPS agent.
Make sure your test machines have installed the April 2023 Windows updates, which include the new LAPS capability.
Follow the first steps in Microsoft's to enable LAPS via Intune CSP.
You don't need to complete the steps after configuring the policy and testing the LAPS client locally.
Before configuring Access Manager, it's a good idea to make sure that LAPS is working natively first. Using the Microsoft Entra or Intune management portal, make sure you can see and retrieve the LAPS passwords for your test devices.
Once you are confident that it is all working, you can move onto the next step of installing Access Manager.
Now you can proceed with installing Access Manager itself. Our will walk you through the process.
If you just want to set up a quick test environment, you can use a single server deployment, with the built-in SQL Express engine, to simplify the deployment.
Once Access Manager is installed, you need to grant it the permissions it needs to read passwords from Microsoft Entra and assign access to your users.
Follow the steps in the to correctly delegate and assign user permissions.
Visit the Access Manager web app in the browser and request the LAPS password for your test computer. If you have configured the app correctly, you should be presented with the LAPS password for the machine.
Check out our for more help.