We’re currently evaluating implementing LAPS, and I was curious as to who has done it recently and your experiences in undertaking it.
Solved
Implementation of laps
Best answer by jack.smith
What I liked about it
- easy to implement into AD
- Use AD group to scope access
- GPO to scope what devices use LAPS
- easy to deploy with Automox
- for devices on network all the time, works great
- retrieve password with GUI or PowerShell
What I didn't’ like
- Resetting password requires rebooting device
- Only works on domain joined devices
- Reporting is manual effort
- Lack of logs for troubleshooting
Here is a worklet and process that helped me get through using it all.
+1What I liked about it
- easy to implement into AD
- Use AD group to scope access
- GPO to scope what devices use LAPS
- easy to deploy with Automox
- for devices on network all the time, works great
- retrieve password with GUI or PowerShell
What I didn't’ like
- Resetting password requires rebooting device
- Only works on domain joined devices
- Reporting is manual effort
- Lack of logs for troubleshooting
Here is a worklet and process that helped me get through using it all.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.