LAPS is Jamf Pro's new Local Administrator Password Solution, designed to solve a security problem found in many environments today: Your fleet shares the same administrator username and password across every computer.
You can't be sure who knows these credentials.
You can't easily change their passwords quickly. Let's talk about why all Jamf Pro customers should be using LAPS for shared IT admin accounts and how to implement Jamf Pro's version of LAPS in your environment. If you're coming from a Windows administrator background, it's managed differently, but the outcome is the same.
We'll cover Jamf Pro's two available LAPS implementations and which is right for you. We'll discuss how to turn it on and how to use it. And finally, we'll offer some best practices for a few situations customers may see in their environment.
If you haven't yet implemented a LAPS solution in your environment, Jamf Pro LAPS is the best security tool you can put into action this year.
- Technical Paper: Local Administrator Password Solution for Jamf Pro
- Re-enroll computers for LAPS.zsh
- A Jamf Pro extension attribute to return whether a user account (hidden or visible) in a list of user accounts exists on a computer.
- JNUC 2023 LAPS Presentation - The Good, the Bad, the ugly of local admin management