Latest Windows 11 Update Fixes Windows LAPS Interop Issues

Windows 11 2022 Update

Microsoft has released the optional April 2023 security patches for Windows 11 versions 21H2 and 22H2. The optional updates (KB5025298 and KB5025305) address interoperability issues between Windows LAPS and legacy LAPS policies.

Microsoft recently announced the native integration of Windows LAPS (Local Administrator Password Solution) on Windows 11, Windows 10, and Windows Server 2019. The tool allows IT Pros to manage passwords on Windows Server Active Directory-joined and Azure Active Directory-joined devices. It helps administrators to regularly rotate and backup passwords to on-premises Active Directory.

Microsoft highlighted that the native integration eliminates the need to download and install an MSI file to use the Windows LAPS tool. Moreover, Windows LAPS gets serviced monthly like all other Windows components.

However, many IT admins found that installing the latest Patch Tuesday updates break the new Windows LAPS and legacy LAPS tools. Microsoft acknowledged the issue and provided a temporary workaround solution. Thankfully, Microsoft has now released an update to address the Windows LAPS interoperability bug on Windows 11 PCs.

“This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy,” Microsoft explained.

Install Windows 11 preview updates to fix compatibility issues between Windows LAPS and legacy LAPS policies

If you’re running Windows 11 22H2 or Windows 11 21H2, you can install the update by going to Settings >> Update & Security >> Windows Update. Keep in mind that users who skip the updates will get these fixes with the May 2023 Patch Tuesday update for Windows 11.

In related news, Microsoft has announced a public preview of Windows Local Administrator Password Solution (LAPS) for Azure AD joined and hybrid Azure AD joined devices. The company says that IT admins can perform the initial Windows LAPS setup through the Azure Portal.