Educause Security Discussion mailing list archives
Re: Microsoft LAPS
From: Harry Hoffman <00000033be3f81d5-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Fri, 19 Jul 2019 06:30:16 +0700
Just curious. We’ve run into an issue where we need to restore a backup of a system and the local admin password is now out of sync with LAPS. Have others run into this? And if so what’s your procedure for handling it? Cheers, Harry On Fri, Jul 19, 2019 at 3:02 AM Brian T. Huntley <bhuntley () clarkson edu> wrote:
We've been running it on all domain-joined machines for a couple of years now. Rollout was a snap and it's been glitch-free (*knocks on head*). The only scenario we've had challenges with is when a machine ends up in some weird state where it think's it's fallen out of the domain but LAPS has nevertheless continued to roll over the password. I think it's happened twice. Our desktop folks chalked it up to yet another layer of badness on a machine that was probably already ripe for a re-image. Brian Brian T. Huntley, CISSP Director of Network Services and Information Security Office of Information Technology Clarkson University 315.268.6723 On Thu, Jul 18, 2019 at 8:18 AM Manjak, Martin <mmanjak () albany edu> wrote:Walter, We rolled it out this spring to central IT supported systems. That success enabled us to promote it to the two other domains that are part of our forest and they are adopting it as well. Next step is to inventory all the other accounts that are members of the local admin group and see what we can do to clean those up. Marty Manjak CISO University at Albany *From:* The EDUCAUSE Security Community Group Listserv < SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *WALTER KERNER *Sent:* Wednesday, July 17, 2019 5:24 PM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Microsoft LAPS Hi all. I found a thread from 2 years ago asking about Microsoft LAPS for local admin control. Is anyone using it? How do you like it? Any other suggestions for admin password management? Thanks Walter Walter Kerner Assistant Vice President and CISO 212 217 3415 [image: blue and black logo two lines png]
Current thread:
- Re: Microsoft LAPS, (continued)
- Re: Microsoft LAPS Pete, Andrew (Jul 17)
- Re: Microsoft LAPS Jonathan Andrew Wince (Jul 17)
- Re: Microsoft LAPS King, Ronald A. (Jul 17)
- Re: Microsoft LAPS Jonathan Andrew Wince (Jul 17)
- Re: Microsoft LAPS Richard Applebee (Jul 17)
- Re: Microsoft LAPS Joey Rego (Jul 17)
- Re: Microsoft LAPS Seth A. Shestack (Jul 18)
- Re: Microsoft LAPS Clark Gaylord (Jul 18)
- Re: Microsoft LAPS Joey Rego (Jul 18)
- Re: Microsoft LAPS Manjak, Martin (Jul 18)
- Re: Microsoft LAPS Brian T. Huntley (Jul 18)
- Re: Microsoft LAPS Harry Hoffman (Jul 18)
- Re: Microsoft LAPS McCrone, Kevin (Jul 19)
- Re: Microsoft LAPS Brian T. Huntley (Jul 18)
- Re: Microsoft LAPS Pete, Andrew (Jul 17)
- Re: Microsoft LAPS Dave Broucek (Jul 19)