I'm curious about how different organizations manage password security for their local administrator accounts. PowerShell can be useful, but it gets tricky when WinRM isn't enabled or there are excessive firewall restrictions. I'm sure there are some effective tools out there, but I'd love to hear about what solutions you all are using in your workplaces.
5 Answers
Bitwarden has been our go-to password manager, and it works great for our needs.
For Intune devices, we stick with LAPS, while we use AutoElevate for non-Intune devices. Additionally, we have a company-managed password manager for anything else.
We utilize LAPS for managing local admin passwords. For other cases, a reliable password manager tool does the job pretty well.
We implement LAPS as part of our PAM solutions, offering cloud-based admin account rotation alongside just-in-time access to servers. Users can log in without knowing the password, and every access is secured with Passwordless MFA. If you're interested, I can give you more details!
If you're not keen on paying for fancy solutions like CyberArk, LAPS is a solid choice as many have mentioned.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures