Getting started with Windows LAPS for Active Directory
Last updated
Was this helpful?
Last updated
Was this helpful?
This quick-start guide will provide you with all the information you need to get up-and-running with using Lithnet Access Manager to access LAPS passwords created by the new Windows LAPS agent.
Windows LAPS requires some new schema attributes and permissions to be delegated. Follow Microsoft's for preparing your Active Directory to work with Microsoft LAPS.
Make sure your test machines have installed the April 2023 Windows updates, which include the new LAPS capability.
Configure your LAPS clients via
Before configuring Access Manager, it's a good idea to make sure that LAPS is working natively first. You can use the built-in modules to make sure you can access the LAPS passwords. Once you are confident that it is all working, you can move onto the next step of installing Access Manager.
Now you can proceed with installing Access Manager itself. Our will walk you through the process.
If you just want to set up a quick test environment, you can use a single server deployment, with the built-in SQL Express engine, to simplify the deployment.
Once Access Manager is installed, you need to grant it the permissions it needs to read passwords from the directory, and assign access to your users.
Follow the steps in the to correctly delegate and assign user permissions.
Visit the Access Manager web app in the browser and request the LAPS password for your test computer. If you have configured the app correctly, you should be presented with the LAPS password for the machine.
Check out our for more help.