Educause Security Discussion mailing list archives

Re: Microsoft LAPS

From: "Seth A. Shestack" <shestack () TEMPLE EDU>
Date: Thu, 18 Jul 2019 10:17:46 +0000

We have been using LAPS for several years.
It is used by both our desktop support and server administration groups.
LAPS has enabled us to have a randomized account password that is different on each machine, reset whenever used and at 
specific intervals.

Before LAPS each of these groups had an account they would place in the Administrators group of every device they 
managed with the same password.
Basically an extremely weak security foundation.

Regards
Seth

Seth Shestack
Deputy CISO
Executive Director, Information Security and Privacy
Temple University
1805 N Broad St
Wachman Hall 762
Philadelphia PA 19122
215-204-5884
Shestack () temple edu



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of WALTER KERNER
Sent: Wednesday, July 17, 2019 5:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Microsoft LAPS

Hi all.  I found a thread from 2 years ago asking about Microsoft LAPS for local admin control.  Is anyone using it?  
How do you like it?  Any other suggestions for admin password management?  Thanks



Walter

Walter Kerner
Assistant Vice President and CISO
212 217 3415
[blue and black logo two lines png]

Current thread:

Microsoft LAPS WALTER KERNER (Jul 17)
- Re: Microsoft LAPS Pete, Andrew (Jul 17)
  - Re: Microsoft LAPS Jonathan Andrew Wince (Jul 17)
    - Re: Microsoft LAPS King, Ronald A. (Jul 17)
- Re: Microsoft LAPS Richard Applebee (Jul 17)
- Re: Microsoft LAPS Joey Rego (Jul 17)
- Re: Microsoft LAPS Seth A. Shestack (Jul 18)
  - Re: Microsoft LAPS Clark Gaylord (Jul 18)
- Re: Microsoft LAPS Joey Rego (Jul 18)
- Re: Microsoft LAPS Manjak, Martin (Jul 18)
  - Re: Microsoft LAPS Brian T. Huntley (Jul 18)
    - Re: Microsoft LAPS Harry Hoffman (Jul 18)
    - Re: Microsoft LAPS McCrone, Kevin (Jul 19)
- Re: Microsoft LAPS Dave Broucek (Jul 19)