June 8, 2015

Local Administrator Password Solution (LAPS)

Local passwords is a headache of system administrator life. Especially when you are new on position. You sleep and think about decency of previous system administrator. You think how he left the company. Was it good or not. You do not know what to expect. Then you understand that you have excel file with all system passwords stored in a cloud (sarcasm /:). Also you notice that local admin password is the same for all systems. Are you going to change local password on all systems? Using PowerShell/WMI or some third party software? Logon locally and change it? Not good idea and waste time at all.

Here is solution from Microsoft called Local Administrator Password Solution. It checks password expiration, generates new password and forces it to workstations. It stores data in Active Directory and protects it by ACLs.

BTW do not store passwords in excel. Do not store any security information in dropbox, onedrive, icloud etc. At least use KeePass or something like that.

No comments:

Post a Comment