So it would seem everyone agrees that it should be done. I was even questioning that. It seems pretty easy to change it regularly via SCCM or GPO and have 1 password.
I’ll look into that solution for sure though. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Chris Barnes Sent: April-11-17 6:18 PM To: mssms@lists.myitforum.com Subject: [mssms] RE: Opinions Local Admin Totally agree on LAPS. Probably the best ROI on effort for anything security related. Very easy to rollout. This is probably the best guide I have seen on rolling it out. https://flamingkeys.com/deploying-the-local-administrator-password-solution-part-1/ 2nd Place would be Credential Guard. Chris Barnes MCSE: Private Cloud|MCSE: Cloud Platform & Infrastructure Coretek Services | Microsoft Delivery Manager • 248.767.4415 cell • chris.bar...@coretekservices.com • http://www.coretekservices.com<http://www.coretekservices.com/> From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Daniel Ratliff Sent: Tuesday, April 11, 2017 2:17 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: Opinions Local Admin Use LAPS, no question. https://technet.microsoft.com/en-us/mt227395.aspx<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fmt227395.aspx&data=02%7C01%7Cchris.barnes%40coretekservices.com%7C7e697dd0aae648c0e42808d48108f3ec%7Cf7f66891a582418d999ecb1be5354253%7C1%7C0%7C636275322861559939&sdata=94Q%2BZ0hL0I8RWez55SIxeiJZ26Uv85DjPQrgWcBjPPs%3D&reserved=0> https://www.microsoft.com/en-us/download/details.aspx?id=46899<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3Fid%3D46899&data=02%7C01%7Cchris.barnes%40coretekservices.com%7C7e697dd0aae648c0e42808d48108f3ec%7Cf7f66891a582418d999ecb1be5354253%7C1%7C0%7C636275322861559939&sdata=4fzLYYwHS%2FG6ThhNe5HlAP0KmB5KHm7bDs25awaLnqA%3D&reserved=0> Daniel Ratliff From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Burke, John Sent: Tuesday, April 11, 2017 1:37 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] Opinions Local Admin Hi, We are talking about creating unique local admin passwords for our systems (vs changing it regularly). I’m wondering how many folks actually create unique local admin passwords vs just changing it regularly? The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
