asked on Deploying LAPS
Links and hints for deploying LAPS would be helpful.
Which procedure available on the web is the one you prefer?
Or, perhaps you just use Microsoft instructions as you set it up?
I found this:
https://blog.thesysadmins.co.uk/deploying-microsoft-laps-part-1.html ... and -part-2.html
Is it reasonable? There are clearly a number of things that are needed that could be intrusive.
Particular "hints and kinks" that you suggest?
Warnings?
Which procedure available on the web is the one you prefer?
Or, perhaps you just use Microsoft instructions as you set it up?
I found this:
https://blog.thesysadmins.co.uk/deploying-microsoft-laps-part-1.html ... and -part-2.html
Is it reasonable? There are clearly a number of things that are needed that could be intrusive.
Particular "hints and kinks" that you suggest?
Warnings?
Network ManagementActive DirectoryMicrosoft Legacy OSWindows OSWindows Server 2003
Last Comment
hypercube
LAPS "just works". You won't look back, got for it!
Steve
Steve
ASKER
And, to access the passwords, an authorized user just does what? I need to be able to instruct the users.
I don't need much here, just a quick comment so I can understand what I'll be telling them.
I don't need much here, just a quick comment so I can understand what I'll be telling them.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Types in the computer name and reads the password:
![LAPS-UI.png]()
ASKER
Steve Knight: Thanks. Well, I'd seen that and assumed as much except:
This interface is running on a computer that the IT Tech is logged onto? Or, is the app run "as administrator" on any computer? or.....?
Suppose that the IT Tech is logged on via RDP as a Standard User and needs the local Admin password for some reason.
Then what do I tell them to do? Back on out, open the app and then write down the password? ugh..
I presume that Copy and Paste are the best way to go?
I know it would be a lot easier if I had an installation of LAPS to play with but, right now, I don't.
Sorry for asking such basic questions!
This interface is running on a computer that the IT Tech is logged onto? Or, is the app run "as administrator" on any computer? or.....?
Suppose that the IT Tech is logged on via RDP as a Standard User and needs the local Admin password for some reason.
Then what do I tell them to do? Back on out, open the app and then write down the password? ugh..
I presume that Copy and Paste are the best way to go?
I know it would be a lot easier if I had an installation of LAPS to play with but, right now, I don't.
Sorry for asking such basic questions!
ASKER CERTIFIED SOLUTION
Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a questionASKER
I need to be a bit more specific.
LAPS *will be* in use. Perhaps that doesn't matter.
Given that, there remains a need to support machine configurations while logged in as THE standard user, if you will....
This because of User profile-specific things needing to be configured.
And, in that context, there are times when at least "run as administrator" is necessary.
Thus, the need for:
- that which I asked about initially
It appears that one could use the McKnife approach in order to:
1) log in as the standard user with RDP
2) establish the admin as described and use it to "run as administrator"
Would that work?
The one concern I have is that the technicians are Windows configuration techs and not any good at scripts unless the scripts are canned and can simply be executed. I guess some judicious editing could create an interactive command line / PS interface.
LAPS *will be* in use. Perhaps that doesn't matter.
Given that, there remains a need to support machine configurations while logged in as THE standard user, if you will....
This because of User profile-specific things needing to be configured.
And, in that context, there are times when at least "run as administrator" is necessary.
Thus, the need for:
- that which I asked about initially
It appears that one could use the McKnife approach in order to:
1) log in as the standard user with RDP
2) establish the admin as described and use it to "run as administrator"
Would that work?
The one concern I have is that the technicians are Windows configuration techs and not any good at scripts unless the scripts are canned and can simply be executed. I guess some judicious editing could create an interactive command line / PS interface.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
If you want to give support within the user session, and do that comfortably, read https://www.experts-exchange.com/articles/33768/Using-RDP-shadowing-for-convenient-user-support-and-remote-control.html
However, be aware that inserting passwords within the user session is never a good idea as it is insecure. The account that you utilise should be activated only for the time of support.
Fred, your feedback is required.
ASKER
Great comments and insights. Thanks!
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
It's great at removing access for tinkerers.
Both parts are excellent write ups. Go for it!