This tool scans Active Directory for LAPS compliance. LAPS stands for the Local Administrator Password Solution, a Microsoft tool designed to help organizations store Local Administrator passwords securely without impeding proper access as needed.
The LAPS Dashboard can be filtered by Domain and OU.
The LAPS chart is interactive, and either portion of the pie chart that is clicked will populate the list of devices associated with that section in the bottom section of the dashboard.
Results can be exported to CSV (via the button at the bottom right of the page).
How Information is Collected
Information is pulled from your ConfigMgr database and the LAPS passwords are pulled from Active Directory.
Where the tool is located
In the Assets and Compliance section of ConfigMgr, click on LAPS under the Recast Software Node.
- As with all of the RCT Security and Compliance Dashboards, these results are actionable with Right Click Tools (and support multi-select):
The LAPS tool requires read rights to Active Directory OUs and their computer objects contained within for the specific domain. For the left pie chart to work, permissions to read the LAPS password attribute are needed. For the right pie chart, permissions to device hardware inventory are necessary.