Educause Security Discussion mailing list archives

Re: Microsoft LAPS

From: Jonathan Andrew Wince <Jonathan.Wince () NAU EDU>
Date: Wed, 17 Jul 2019 21:33:56 +0000

A few years ago we did an investigation into LAPS, and we opted for a GPO and PowerShell combination that was provided 
by SANS. I would recommend checking out their posting about it:

https://cyber-defense.sans.org/blog/2013/08/01/reset-local-administrator-password-automatically-with-a-different-password-across-the-enterprise

Jonathan A Wince
NAU ITS – Identity and Access Management
Information Security Analyst
Jonathan.Wince () nau edu<mailto:Jonathan.Wince () nau edu>
Phone: 928-523-1005



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Pete, Andrew" 
<000000d06e28c017-dmarc-request () LISTSERV EDUCAUSE EDU>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, July 17, 2019 at 2:30 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Microsoft LAPS

We haven’t implemented it yet but I’ve got it on the list of things to dig into more.  I know Harvard is using it.  
They had a session at NERCOMP this year about AD security.  Here’s a link to the presentation.

https://events.educause.edu/special-topic-events/nercomp-annual-conference/2019/agenda/creating-a-security-fortress-in-your-active-directory-environment<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fevents.educause.edu%2Fspecial-topic-events%2Fnercomp-annual-conference%2F2019%2Fagenda%2Fcreating-a-security-fortress-in-your-active-directory-environment&data=02%7C01%7CJonathan.Wince%40NAU.EDU%7C2fe910abeeea4b0c584b08d70afdf978%7C27d49e9f89e14aa099a3d35b57b2ba03%7C0%7C0%7C636989958235236134&sdata=8wU5v7jYy8IgDJg2zQXoZpx812dm%2F0hu85vEk4lVVK4%3D&reserved=0>


Andrew Pete
Information Security Architect

New England Institute of Technology
One New England Tech Boulevard
East Greenwich, RI 02818-1205
401-780-4460 (Direct)
apete () neit edu<mailto:apete () neit edu>

[NEIT_Full_Stack_H_White_BG_PNG1]



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of WALTER KERNER
Sent: Wednesday, July 17, 2019 5:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Microsoft LAPS


This message originated outside of New England Institute of Technology. Use caution when opening attachments, clicking 
links or responding to requests for information.
Hi all.  I found a thread from 2 years ago asking about Microsoft LAPS for local admin control.  Is anyone using it?  
How do you like it?  Any other suggestions for admin password management?  Thanks



Walter

Walter Kerner
Assistant Vice President and CISO
212 217 3415
[blue and black logo two lines png]

Current thread:

Microsoft LAPS WALTER KERNER (Jul 17)
- Re: Microsoft LAPS Pete, Andrew (Jul 17)
  - Re: Microsoft LAPS Jonathan Andrew Wince (Jul 17)
    - Re: Microsoft LAPS King, Ronald A. (Jul 17)
- Re: Microsoft LAPS Richard Applebee (Jul 17)
- Re: Microsoft LAPS Joey Rego (Jul 17)
- Re: Microsoft LAPS Seth A. Shestack (Jul 18)
  - Re: Microsoft LAPS Clark Gaylord (Jul 18)
- Re: Microsoft LAPS Joey Rego (Jul 18)
- Re: Microsoft LAPS Manjak, Martin (Jul 18)
  - Re: Microsoft LAPS Brian T. Huntley (Jul 18)
    - Re: Microsoft LAPS Harry Hoffman (Jul 18)
    - Re: Microsoft LAPS McCrone, Kevin (Jul 19)

(Thread continues...)