Microsoft novou verzi LAPSu vydal letos v květnu, k dispozici je instalační balíček pro 32 i 64bitové systémy a konfigurace se provádí kompletně v Group Policy.1. novou verzi ? Verzia 1.0 bola vydana 1.5.2015 tak aka nova?
2. LAPS je password manager pouzivajuci GPO client-side extension a posielajuci password local admina do AD. ma to udajne znizit moznost utoku Pass-the-Hash ....
3. bez AD je to k nicomu a s AD podla mna zmytocnost. v podstate LAPS len obmedzuje kto moze resetnut heslo local administratora....
Inak autor by si mohl aspon preciat info o tom co je laps vyzeralo by to lepsie a bolo by k tomu aj viac informacii LAPS provides a streamlined approach to:- Periodically randomize local administrator passwords to ensure that password updates to Active Directory succeed before modifying local secrets and passwords.
- Centrally store secrets in the existing Active Directory infrastructure.
- Control access through Active Directory access control list (ACL) permissions.
- Transmit encrypted passwords from computers to Active Directory via encryption using the Kerberos version 5 protocol and the Advanced Encryption Standard (AES) cypher by default.
Názor byl 1× upraven, naposled 14. 07. 2015 17:36