Windows Local Administrator Password Solution (LAPS)
Вставка
- Опубліковано 5 лип 2024
- Solve handling all those local administrator passwords on Windows forever!
FAQ:
Can I target multiple policies to same machine to backup multiple admin accounts (e.g. built-in and a custom)?
No, we only support single account(logical when you consider only one password attribute on the device object) . So if you have two profiles targeting the same device, the one that gets delivers later will win. Also if the account is not existing on the device the client will not be able to rotate password. The account has to be present on the device.
Yes, you can buy this t-shirt :-) johns-t-shirts-store.creator-.... All profile to cure childhood cancer.
🔎 Looking for content on a particular topic? Search the channel. If I have something it will be there!
▬▬▬▬▬▬ C H A P T E R S ⏰ ▬▬▬▬▬▬
00:00 - Introduction
00:27 - Identity protection
03:28 - How are machines joined to identity provider
09:19 - The local administrator password
12:56 - Windows LAPS
18:22 - What is required
21:25 - How to enable
37:18 - How to use it!
45:45 - Limiting the scope of password read
50:51 - What is using legacy solution
51:34 - Closing
▬▬▬▬▬▬ K E Y L I N K S 🔗 ▬▬▬▬▬▬
► Whiteboard:
🔗 github.com/johnthebrit/Random...
► Windows LAPS documentation:
🔗 learn.microsoft.com/windows-s...
▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
📖 Recommended Learning Path for Azure
🔗 learn.onboardtoazure.com
🥇 Certification Content Repository
🔗 github.com/johnthebrit/Certif...
📅 Weekly Azure Update
🔗 • Azure Infrastructure U...
☁ Azure Master Class
🔗 • Microsoft Azure Master...
⚙ DevOps Master Class
🔗 • DevOps Master Class
💻 PowerShell Master Class
🔗 • PowerShell Master Class
🎓 Certification Cram Videos
🔗 • Microsoft Certificatio...
🧠 Mentoring Content
🔗 • Virtual Mentoring
❔ Questions? Maybe I answered it in my FAQ
🔗 savilltech.com/faq.html
👕 Cure Childhood Cancer Charity T-Shirt Channel Store
🔗 johns-t-shirts-store.creator-...
👂 Enable the subtitles and from there you can translate to your native language via the auto-translate feature in settings! • UA-cam Captions and A... for a demo of using this feature.
SUBSCRIBE ✅ / @ntfaqguy
#microsoft #azure #johnsavillstechnicaltraining #onboardtoazure #cloud
Handling those local administrator password the easy way! Please make sure to read the description for the chapters and key information about this video and others.
⚠ P L E A S E N O T E ⚠
🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there!
🕰 I don't discuss future content nor take requests for future content so please don't ask 😇
🤔 Due to the channel growth and number of people wanting help I no longer can answer or even read questions and they will just stay in the moderation queue never to be seen so please post questions to other sites like Reddit, Microsoft Community Hub etc.
👂 Translate the captions to your native language via the auto-translate feature in settings! ua-cam.com/video/v5b53-PgEmI/v-deo.html for a demo of using this feature.
Thanks for watching!
🤙
One item of note. All of the "built in" admin accounts for my azure joined machines are disabled by default. I was able to run a proactive remediation script to add a new local user with a custom username to all of my machines with a randomized password, then have the LAPS intune policy rotate the passwords for that custom user and store it when the machine phoned home. Works like a charm.
Your videos are so well explained that even my grand fathers can understand how azure works .
Very well put together. Thank you very much. Comprehensive, but not boring. Detailed, but just the right amount of information. I'll be back!
LAPS was always one of the initial things I would implement in a new environment. Great coverage for the new and improved version. Love how easy it is these days.
Great job man! Very well put together.
Thank you very much for sharing your knowledge, John. Such a quality video! 🤙
Nice video and easy explanation. Very well done! Thanks
Another great video...thanks John!
Another Great Demo and Very Timely. 🙂👍
I love your shirt. Thanks for the great info!
go buy one and support cure childhood cancer, link in description :-)
Great explanation John
Thank you, John. Now I understand LAPS.
Great video work as always! LOVE THAT SHIRT!!!! HA! 🤣
Defo a critical tool to implement, key in modern management for anyone running devices both on-prem, hybrid or cloud, LAPS does rock (the tricky part is in the detail, though get this right, you can scale it nicely, locally saved admin credentials on devices goes away - so key for security points, though the admin password rotation / with Bitlocker, gives you a well managed solution overall).
Very important video for me on this one John, top as always, hope it is a Bank Holiday where you are, (got the day off in the UK where I am, though I'm helping a friend roll out some devices... busy as always, have fun and thanks again!
no not here in US, work as usual :D Enjoy the day off!
@@NTFAQGuy I've got the work day off... though I'm working with a mate to help him on a little test project (so busy, keeps me out of trouble and am learning / so happy with that!) thanks! Hope you have a great day too)
Great video great view. Great sounds Windows. John
I recently deployed older version of LAPS. Now that newer Azure laps is out, I will definitely refer this for migration and expanding deployment scope
Good explanation! I actually made a little program to grab the LAPS password, mainly because I work in an environment where there are multiple domains, so using the MS provided tool doesn't really help me.
Thanks John
Thank you so much..!
Impressive intelligence and teaching skills on display.
I have learned so much from John over the years about the Windows platform....I am a better(and very knowledgable ) IT persson because of him.
I'm glad I can help. Best of luck in your continued journey!
i cannot think of a reason to not give a like!
Excellent :)