How to Deploy Microsoft LAPS Using SCCM

In this short post we will see how to deploy Microsoft LAPS using SCCM. Microsoft LAPS can be deployed using various methods, one among them is using the Configuration Manager or SCCM.

The Local Administrator Password Solution (LAPS) provides management of local account passwords of domain joined computers. Passwords are stored in Active Directory (AD) and protected by ACL, so only eligible users can read it or request its reset.

If you are planning to implement LAPS in your setup, the below topics should help you.

How to Deploy Microsoft LAPS using SCCM

To deploy LAPS using SCCM

  • Launch the SCCM console.
  • Navigate to Software Library, expand Application Management.
  • Right click Applications and click Create Application for LAPS.

How to deploy Microsoft LAPS using SCCM

In the Create Application Wizard, choose Manually specify the application information. Click Next.

How to deploy Microsoft LAPS using SCCM

Provide a name to the app and some other details, click on Next.

How to deploy Microsoft LAPS using SCCM

Click Next.

How to deploy Microsoft LAPS using SCCM

I will add both x64 and x86 LAPS msi files. Click Add.

How to deploy Microsoft LAPS using SCCM

Choose Automatically identify information about this deployment type from installation files. Choose the location of LAPS x64 msi file. Click Next.

How to deploy Microsoft LAPS using SCCM

The information is picked up from msi file. Click Next.

How to deploy Microsoft LAPS using SCCM

Provide a name to the deployment type and ensure the installation program is same as seen in the screenshot below. Click Next.

How to deploy Microsoft LAPS using SCCM

I have not specified any Requirements and dependencies for this app. So click Next and finally on the completion page click on Close.

How to deploy Microsoft LAPS using SCCM

So we have just imported the LAPS x64 msi. The next step is to import LAPS x86 msi file. Click on Add. You need to repeat the same steps as shown above to import the LAPS x86 msi file.

How to deploy Microsoft LAPS using SCCM

Once you import the LAPS x86, you will see both the msi files. Click Next.

How to deploy Microsoft LAPS using SCCM

On the completion screen, click on Close.

How to deploy Microsoft LAPS using SCCM

Installing Microsoft LAPS

Distribute the LAPS application to the SCCM distribution points. Deploy the Microsoft LAPS to the device collection. On the client machine, launch the software center. Under Applications, select the LAPS app and click Install.

How to deploy Microsoft LAPS using SCCM

The installation is very quick and within few seconds you will find the LAPS installed on the computer. To verify the LAPS installation, launch the control panel and click Programs and Features. If the installation is successful you will find the LAPS entry in the list of installed programs in Programs and Features.

Note – The uninstall command and detection methods are automatically added when you import the msi file. The uninstall option should also work fine. In case of install errors look for appenforce.log file for troubleshooting.

How to deploy Microsoft LAPS using SCCM

6 Comments

  1. Install just LAPS UI:

    msiexec /i “LAPS.x64.msi” ADDLOCAL=Management.UI ALLUSERS=1 /qn

  2. Avatar photo Russell Johnson says:

    Curious. Why not just define the deployment type automatically from the msi, instead of manually?

  3. Avatar photo Sarfraz Aslam says:

    Hi, is it possible that we can deploy LAPS “Package” instead of “Application”. What is the difference between Package and Application. Is there any limitations on both?

  4. Avatar photo Joseph Hoang says:

    Thanks but how do you also deploy the LAPS UI via SCCM? is there a MSI command line to include that feature?

  5. Avatar photo Steve Wells says:

    Do you not need to specify requirements for the apps so that they only deploy to the appropriate architecture?

    1. Yeah, you’re right. It also came to my mind and already did it in my lab.

Leave a Reply

Your email address will not be published. Required fields are marked *