LAPS

Commands:

#Import LAPS module
Import-Module AdmPwd.PS

#Allow computers in the OU to update their own password attributes
Set-AdmPwdComputerSelfPermission -OrgUnit "Workstation"

#Set read rights for admin passwords
Set-AdmPwdReadPasswordPermission -Identity "ADPro Computers" -AllowedPrincipals "it_wrk_admins"

#Display users who have rights to read
Find-AdmPwdExtendedRights -Identity "ADPro Computers"

#Show password for host
Get-AdmPwdPassword HOST
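
An added example (not part of the original notes) that turns the Find-AdmPwdExtendedRights check above into an allowlist audit: any principal holding the read right that is not expected gets reported. The ADPRO domain name, the distinguished names, the Helpdesk group, and the function name Get-UnexpectedLapsReader are assumptions made for illustration; the sample objects are constructed to mimic the ObjectDN / ExtendedRightHolders columns that cmdlet displays.

```powershell
# Added example: report principals that can read LAPS passwords but are not on an allowlist.
# Get-UnexpectedLapsReader is a hypothetical helper, not a cmdlet from the AdmPwd.PS module.
function Get-UnexpectedLapsReader {
    [CmdletBinding()]
    param(
        # One row of Find-AdmPwdExtendedRights output (ObjectDN, ExtendedRightHolders)
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Right,

        # Principals expected to hold the right (assumption: adapt to your delegation model)
        [string[]]$Allowed = @('NT AUTHORITY\SYSTEM', 'ADPRO\Domain Admins', 'ADPRO\it_wrk_admins')
    )
    process {
        foreach ($holder in $Right.ExtendedRightHolders) {
            # -notcontains compares strings case-insensitively, like AD account names
            if ($Allowed -notcontains $holder) {
                [pscustomobject]@{
                    ObjectDN  = $Right.ObjectDN
                    Principal = $holder
                }
            }
        }
    }
}

# Constructed sample rows so the audit logic runs without a domain
$sample = @(
    [pscustomobject]@{
        ObjectDN             = 'OU=ADPro Computers,DC=adpro,DC=example'
        ExtendedRightHolders = @('NT AUTHORITY\SYSTEM', 'ADPRO\Domain Admins', 'ADPRO\it_wrk_admins')
    },
    [pscustomobject]@{
        ObjectDN             = 'OU=Workstation,OU=ADPro Computers,DC=adpro,DC=example'
        ExtendedRightHolders = @('NT AUTHORITY\SYSTEM', 'ADPRO\Helpdesk')
    }
)

# Only the ADPRO\Helpdesk entry on the Workstation OU is reported
$sample | Get-UnexpectedLapsReader | Format-Table -AutoSize

# Against a live domain (requires the AdmPwd.PS module):
# Find-AdmPwdExtendedRights -Identity "ADPro Computers" | Get-UnexpectedLapsReader
```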

Schema Attributes:

  • ms-Mcs-AdmPwd – This attribute stores the computer’s local administrator password.

  • ms-Mcs-AdmPwdExpirationTime – This attribute stores the password expiration timestamp.

Display Password:

  • Can be seen in the LAPS UI

  • Attribute of the workstation

  • Display in PowerShell

Abusing LAPS:

Forensics:
