Administrator account name: name of the local account you want to manage password for. DO NOT configure when you use built-in admin account. Built-in admin account is auto-detected by well-known SID, even when renamed DO configure when you use custom local admin account Counter Measure: Enable this setting and add the list of local administrators to the list. Potential Impact: Local administrator passwords are changed as managed. Fix: (1) GPO: Computer Configuration\Administrative Templates\LAPS\Name of administrator account to manage (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft Services\AdmPwd!AdminAccountName