Local-Administrator-Password-Solution (LAPS) guide
The LAPS tool from Microsoft is designed to manage the local Administrator account password on Windows workstations and servers. In Academic Support (AS) departments it is automatically deployed for all managed workstations. (If you don’t have it installed, check in your Software Center for its status.) A different random password is set on each machine.
The local Administrator account should only be used when the network is inaccessible or domain access is unavailable. Your Nexus "bang" account should be the primary account used to log on to all systems.
Each AS group/department has a NEXUS security group applied to their department workstations granting administrator-level access and can be delegated the appropriate permissions so they can view and reset passwords for their systems.
Included in this article:
- 1 Deployment
- 2 Password settings
- 3 How to view and expire passwords
- 3.1 LAPS Console
- 3.1.1 To view a password
- 3.1.2 To expire a password
- 3.2 Windows PowerShell
- 3.2.1 To view a password
- 3.2.2 To expire a password
- 3.3 Related articles
- 3.3.1 Need help?
- 3.3.2 Article feedback
- 3.1 LAPS Console
Deployment
LAPS is a group policy extension that is automatically deployed to all Academic Support workstations. The most recent installer files can be found at \\fileapps\winapps$\StandardApps\LAPS. The version you install must match the architecture of your system: 32 bit or 64 bit. To install the LAPS console or the PowerShell extensions you will need to modify the LAPS installation by completing the following steps:
Run the 32 or 64 bit installer.
Click Change.