Windows LAPS and the migration from Microsoft LAPS

20230809 WindowsLAPS 08 Windows LAPS and the migration from Microsoft LAPS 1

In this era, the topic of IT security is becoming more and more important. A possible attack vector has always been the local admin passwords. In most cases, these were hard-wired into the installation image and had not been changed for years. Not only a risk from former employees. The lateral movement also poses a … Read more

List of different Group Policy Templates (Updated)

Gruppenrichtlinenkonsole mit Importierten Administrativen Vorlagen

Active Directory group policies, also called Group Policy Object (GPO), are one of my core topics. I have a lot to do with this in various projects and as a Microsoft trainer. As a result, I have accumulated a number of templates and links. This link collection should make your search a little easier. Only templates of the respective manufacturers or projects are listed here. I have deliberately avoided third-party guidelines.

Read more

Unattended installation of software

A screenshot of a cell phone

Unattended software installation is standard in many environments. But how does it work? With an MSI it’s easy, but not everything is available as an MSI package. But many applications bring their own methods. Since I often need this, here is a small collection for the more important programs.

Read more

Using and Auditing PowerShell Scripts with Microsoft Local Administrator Password Solution (LAPS)

A screenshot of a social media post

This article was first published in German on June 04, 2019, on Infrastrukturhelden.de. The translation of this article was published on the 25th July 2019 at LinkedIn. Please read the article on LinkedIn.

Unattended installation of software

Unattended software installation, also called unattendent installation, is standard in many environments. But how does it work? It is easy with an MSI, but not everything is available as an MSI package. Many applications come with their own methods. Since I also need this from time to time, here is a small collection for the programmes that are more important to me.

Read more

Local Administrator Password Solution (LAPS)

041917 0532 LocalAdmini5 Local Administrator Password Solution (LAPS) 6

In the past, a company-specific standard was usually always used for local administrator passwords. But what do you do if an employee who knows the default password leaves the company?

Right, it should be changed. In the past, Group Policies (GPO) were often used for this, even if the password was in clear text in SysVol. This was fortunately stopped by Microsoft. What other solutions are available? In practice I have seen VBS or PowerShell scripts, the good ones have random passwords, the bad ones only a standard.

But isn’t there a well designed solution from Microsoft? Yes, there is, Local Administrator Password Solution (LAPS).

Read more