1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anyone using LAPS?

Discussion in 'Computer Security' started by Nyx, Oct 3, 2017.

  1. Nyx

    Nyx Byte Poster

    144
    10
    15
    Hi All,

    As per title, anyone has anything good/bad to say about LAPS? Especially interested in negatives really. It sounds great on paper but some real world feedback would help :)

    Thanks,
     
  2. JK2447
    Highly Decorated Member Award 500 Likes Award

    JK2447 Petabyte Poster Administrator

    Top Poster
    of the Month

    5,972
    540
    318
    Not using it never heard of it to be honest. What is it?
     
    Certifications: BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, VCP4, CCA (XenApp6.5), MCSA 2012, VCP5, VCP6-NV, VSP, VTSP
    WIP: AWS Certified Solutions Architect - Associate
  3. FlashDangerpants

    FlashDangerpants Byte Poster

    100
    11
    39
    It's a program which extends the AD schema to give each computer account a local administrator password field. Then it gives each machine a unique local admin account so you can stop using the same one on all your computers (admit it, we're all guilty). the idea is that you end up with some password you can safely share with users that only works on the machine they have. If a tech needs the local admins for a specific laptop or whatever, they just go to AD to look it up.

    More details here. It's good.
     
    Certifications: MCITP Exchange 2010, MCSA Svr 2012
    WIP: Exchange 2013
    Nyx likes this.
  4. Nyx

    Nyx Byte Poster

    144
    10
    15
    Thanks Flash, should have added a link. We'll probably end up using it. I can't really find anyone not happy with LAPS - I guess it's not that popular yet.

    Not that it would make a domain secure, but after reading a bit on Pass the Hash attacks having same admin accounts on laptop's or servers seems suicidal...
     
  5. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,246
    322
    319
    I've seen a few corporate customers using it - no drama so far.
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010

Share This Page

Loading...