Policy
Name of administrator account to manage
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10
This policy setting specifies a custom Administrator account name to manage the password for. If this policy setting is enabled, LAPS will manage the password for a local account with this name. If this policy setting is disabled or not configured, LAPS will manage the password for the well known Administrator account. DO NOT enable this policy setting to manage the built-in administrator account. The built-in administrator account is auto-detected by well-known SID and does not depend on the account name. See https://go.microsoft.com/fwlink/?linkid=2188435 for more information.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Administrator account name ID TEXT_AdminAccountName | text | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\LAPS\AdministratorAccountName Type REG_SZ | None |
Other policies in this category
Explore related policies at the same level.
- ComputerConfigure authorized password decryptorsAt least Microsoft Windows 10 or later
- ComputerConfigure automatic account managementAt least Microsoft Windows 10 or later
- ComputerConfigure password backup directoryAt least Microsoft Windows 10 or later
- ComputerConfigure size of encrypted password historyAt least Microsoft Windows 10 or later
- ComputerDo not allow password expiration time longer than required by policyAt least Microsoft Windows 10 or later
- ComputerEnable password backup for DSRM accountsAt least Microsoft Windows 10 or later
- ComputerEnable password encryptionAt least Microsoft Windows 10 or later
- ComputerPassword SettingsAt least Microsoft Windows 10 or later
- ComputerPost-authentication actionsAt least Microsoft Windows 10 or later