You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: ATPDocs/security-assessment-laps.md
+5-6Lines changed: 5 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,4 @@
1
1
---
2
-
3
2
title: Microsoft LAPS usage assessment
4
3
description: This article provides an overview of Microsoft Defender for Identity's Microsoft LAPS usage identity security posture assessment report.
5
4
ms.date: 01/29/2023
@@ -12,7 +11,7 @@ ms.topic: how-to
12
11
13
12
Microsoft's "Local Administrator Password Solution" (LAPS) provides management of local administrator account passwords for domain-joined computers. Passwords are randomized and stored in Active Directory (AD), protected by ACLs, so only eligible users can read it or request its reset.
14
13
15
-
This security assessment supports [legacy Microsoft LAPS](https://www.microsoft.com/en-us/download/details.aspx?id=46899)only.
14
+
This security assessment supports [legacy Microsoft LAPS](https://www.microsoft.com/en-us/download/details.aspx?id=46899)and [Windows LAPS](/windows-server/identity/laps/laps-overview).
16
15
17
16
## What risk does not implementing LAPS pose to an organization?
18
17
@@ -25,18 +24,18 @@ LAPS simplifies password management while helping customers implement more recom
25
24
1. Review the recommended action at <https://security.microsoft.com/securescore?viewid=actions> to discover which of your domains have some (or all) compatible Windows devices that aren't protected by LAPS, or that haven't had their LAPS managed password changed in the last 60 days.
26
25
27
26
28
-
27
+
29
28
1. For domains that are partially protected, select the relevant row to view the list of devices not protected by LAPS in that domain.
30
29
31
30
32
-
33
-
> [!NOTE]
31
+
32
+
> [!NOTE]
34
33
> If the entire domain is not protected with LAPS, you won't see the list of all the unprotected devices.
35
34
36
35
1. Take appropriate action on those devices by downloading, installing and configuring or troubleshooting [Microsoft LAPS](https://go.microsoft.com/fwlink/?linkid=2104282) using the documentation provided in the download.
37
36
38
37
39
-
38
+
40
39
> [!NOTE]
41
40
> While assessments are updated in near real time, scores and statuses are updated every 24 hours. While the list of impacted entities is updated within a few minutes of your implementing the recommendations, the status may still take time until it's marked as **Completed**.
0 commit comments