General
This check verifies whether LAPS support for Windows is enabled in Entra ID. LAPS stands for Local Administrator Password Solution; it ensures that the local administrator password is not the same on every Windows system.
The check covers the Entra ID configuration only; it does not verify the configuration of the Windows computers themselves. See the link under More information to learn how to enable LAPS on Windows computers.
Rationale
When an attacker gains access to a Windows computer, they will try to use passwords found on that computer to take over other computers, a technique known as lateral movement. For years, it was very common for IT teams to set up every computer with the same administrator password, but that opens all the doors for attackers to quickly gain control of everything. That is why Microsoft developed LAPS, and it is advisable to use this function.
Attic Fix
A fix is available for this check! It is offered via a ticket in Attic, which you can then accept.
Manual instruction
Follow these steps to adjust the setting:
- Open Entra via https://entra.microsoft.com
- Go to Identity > Devices > Overview > Device Settings
- Enable Local Administrator Password
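To confirm the result of the steps above without the portal, the setting can be read through Microsoft Graph. This is an added example, not Attic's own check code; the helper name `Test-EntraLapsEnabled` is hypothetical, and it assumes the Microsoft.Graph.Authentication module and an account allowed to consent to the `Policy.Read.DeviceConfiguration` scope.

```powershell
# Added example: read-only check of the tenant-wide LAPS switch in Entra ID.
function Test-EntraLapsEnabled {   # hypothetical helper name
    [CmdletBinding()]
    param(
        # Device registration policy object; fetched from Graph when omitted.
        [Parameter()] $Policy
    )
    if (-not $Policy) {
        $Policy = Invoke-MgGraphRequest -Method GET -OutputType PSObject `
            -Uri 'https://graph.microsoft.com/v1.0/policies/deviceRegistrationPolicy'
    }
    $setting = $Policy.localAdminPassword
    # A missing property is reported as Unknown rather than silently passing.
    $status = if ($null -eq $setting -or $null -eq $setting.isEnabled) { 'Unknown' }
              elseif ($setting.isEnabled) { 'Pass' }
              else { 'Fail' }
    [pscustomobject]@{
        Check  = 'Entra ID: Local Administrator Password (LAPS) enabled'
        Status = $status
    }
}

# Constructed sample policies (not real tenant data) to show each outcome offline.
$on      = [pscustomobject]@{ localAdminPassword = [pscustomobject]@{ isEnabled = $true } }
$off     = [pscustomobject]@{ localAdminPassword = [pscustomobject]@{ isEnabled = $false } }
$missing = [pscustomobject]@{ displayName = 'Device Registration Policy' }
$on, $off, $missing | ForEach-Object { Test-EntraLapsEnabled -Policy $_ }

# Against a live tenant:
#   Connect-MgGraph -Scopes 'Policy.Read.DeviceConfiguration'
#   Test-EntraLapsEnabled
```

A `Pass` here only reflects the Entra ID side; the Windows computers still need their own LAPS policy, which this check does not cover.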