High Level Plan of Local Administrator Password Solution (LAPS)
Hello All,
Hope this post finds you in good health and spirit.
High Level Plan of Local Administrator Password Solution (LAPS)
This post is regarding high level plan of Local Administrator Password Solution (LAPS) configuration in domain Network.
Microsoft’s LAPS is a useful tool for automatically managing Windows computer local Administrator passwords. LAPS stores the password for each computer’s local administrator account in Active Directory, secured in a confidential attribute in the computer’s corresponding Active Directory object.LAPS helps to reduce the workload and help local administrator or desktop team to manage local administrator password in active directory for a number of machines.
The solution is built on Active Directory infrastructure. LAPS uses a Group Policy client-side extension (CSE) that you install on managed computers to perform all management tasks.
The following steps need to be performed to configure LAPS
- Install Microsoft LAPS on domain joined server
- AD preparation – Schema extension
- Change Computer object permissions
- Assign permissions to the group for password access
- Installation of GP CSE via MSI installation on clients to be managed
- Group policy configuration
- Testing
Its not necessary to install the LAPS on domain controller only, As per best MS practice We should install LAPS on one of member servers and make it as the management computer instead of Domain Controller, and install AD DS management tool on this management computer and only need the domain administrator credential to manage the LAPS from this server.
So, that’s all in this blog. I will meet you soon with some other stuff. Have a nice day !!!
Recommended content
RODC Installation Guide- Step by step guide to install read only domain controller
RODC Filtered Attribute Set
Installing and configuring a RODC in Windows Server-2012
How to find the GUID of Domain Controller
Understanding Group Policy Preferences
Group Policy Verification Tool GPOTool Exe
Group Policy Health Check on Specific Domain Controller
Netlogon Folder in Active Directory
Custom Attributes in Active Directory
Tombstone Lifetime of My Active Directory Forest
Computers AD Site From the Command Line
Active Directory Database Integrity
Disabling and Enabling the Outbound Replication
DFS Replication Service Stopped Replication
Strict Replication Consistency
The replication operation failed because of a schema mismatch between the servers involved
Troubleshooting ad replication error 8418 the replication operation failed because of a schema mismatch between the servers
Replication information in txt file
Repadmin Replsummary
Enabling the outbound replication
Guys please don’t forget to like and share the post.Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them .
You can also share the feedback on below windows techno email id.
If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.
