In Windows 11, “Local Security Authority / LSA” may not be enabled depending on the environment. In this article,Here’s how to turn on Protect Local Security Authority.
First of all, regarding “Protect Local Security Authority”, until April 2023, “Settings” → “Privacy and Security” → “Windows Security” → Select “Open Windows Security” → “Device Security” → ” I was able to set it from “Details of core isolation”, but after April 2023, the setting screen is no longer displayed.
This screen is no longer displayed after April 2023
But it’s working in the background. To check if it’s running in the background, open Event Viewer, go to Windows Logs > System, and see “LSASS.exe was started as a level 4 protected process. ” (Source: Wininit / Event ID: 12), the protection is working.
If there is this item, it works properly in the background
There is no problem if there are the above items, but depending on the environment, there may be no above items and it may not be running in the background. If the above item does not exist, set the registry and restart the PC to enable “Protection of Local Security Authority”.
The procedure for setting the registry is as follows.
Start Registry Editor (Press[Windows]+[R]keys, enter “regedit” and enter) Open “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa” Check if there is “RunAsPPL” on the right side.If not, right-click on the right side, select New → DWORD (32-bit) Value, type RunAsPPL, enter, double-click RunAsPPL, and select Value data (V)” and enter “2”
【キー】HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
【DWORD】RunAsPPL
[Value]2
If you restart your PC with this, an event (Source: Wininit / Event ID: 12) will be displayed in the Event Viewer stating “LSASS.exe was started as a process protected at level 4.” , “Protect Local Security Authority” should be enabled.
If this doesn’t work, add a DWORD called “RunAsPPLBoot” and set the value to “2”.
【キー】HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
【DWORD】RunAsPPLBoot
[Value]2
Now restart your PC and “Protect Local Security Authority” should be enabled.