LAPS-WebUI icon indicating copy to clipboard operation
LAPS-WebUI copied to clipboard

Published 20 hours ago verified publisher icon Seji64

Is there support for Windows LAPS?

Open needthisforctf opened this issue 1 year ago • 4 comments

I'm running LAPS-WebUI using Docker on Linux, connection to ldap goes through, I can login with my username, but search for any ComputerName yields no results despite computers clearly being under SearchBase DN. No errors in logs.

I low-key suspect that the issue arises due to the fact that I'm using Windows LAPS instead of now deprecated Microsoft LAPS, but can't say for sure.

My docker-compose:

services:
    laps-webui:
        restart: always
        image: ghcr.io/seji64/laps-webui:1.6
        ports:
            - 8080:8080
        environment:
            - Domains__0__Name=Contoso
            - Domains__0__Ldap__Server=dc01.contoso.loc
            - Domains__0__Ldap__Port=636
            - Domains__0__Ldap__UseSSL=true
            - Domains__0__Ldap__TrustAllCertificates=true
            - Domains__0__Ldap__SearchBase='OU=Depts,OU=Contoso,DC=contoso,DC=loc'

needthisforctf avatar Oct 24 '24 13:10 needthisforctf

Anything in the Container log? Are you sure you have enabled LDAPS on your Domain Controller? (Maybe Go First with 389)

Seji64 avatar Oct 24 '24 16:10 Seji64

OK, so LDAPS is enabled, but certificate is self-signed and root CA is not imported on docker machine, so I decided to do as you said and try 389 — still doesn't work, still in the same way. Nothing too sus in logs of the container:

laps-webui-1  | [19:16:12 WRN] Storing keys in a directory '/home/app/.aspnet/DataProtection-Keys' that may not be persisted outside of the container. Protected data will be unavailable when container is destroyed. For more information go to https://aka.ms/aspnet/dataprotectionwarning
laps-webui-1  | [19:16:12 WRN] Storing keys in a directory '/home/app/.aspnet/DataProtection-Keys' that may not be persisted outside of the container. Protected data will be unavailable when container is destroyed. For more information go to https://aka.ms/aspnet/dataprotectionwarning
laps-webui-1  | [19:16:12 WRN] No XML encryptor configured. Key {***} may be persisted to storage in unencrypted form.
laps-webui-1  | [19:16:12 WRN] No XML encryptor configured. Key {***} may be persisted to storage in unencrypted form.
laps-webui-1  | [19:16:39 WRN] Failed to determine the https port for redirect.
laps-webui-1  | [19:16:39 WRN] Failed to determine the https port for redirect.
laps-webui-1  | [19:16:40 INF] HTTP GET / responded 200 in 429.7660 ms
laps-webui-1  | [19:16:40 INF] HTTP GET / responded 200 in 429.7660 ms
laps-webui-1  | [19:16:40 INF] HTTP GET /_framework/blazor.server.js responded 200 in 30.7275 ms
laps-webui-1  | [19:16:40 INF] HTTP GET /_framework/blazor.server.js responded 200 in 30.7275 ms
laps-webui-1  | [19:16:40 INF] HTTP GET /_blazor/initializers responded 200 in 6.2545 ms
laps-webui-1  | [19:16:40 INF] HTTP GET /_blazor/initializers responded 200 in 6.2545 ms
laps-webui-1  | [19:16:40 INF] HTTP POST /_blazor/negotiate responded 200 in 13.3014 ms
laps-webui-1  | [19:16:40 INF] HTTP POST /_blazor/negotiate responded 200 in 13.3014 ms
laps-webui-1  | [19:16:42 INF] HTTP GET /healthz responded 200 in 9.6422 ms

needthisforctf avatar Oct 24 '24 19:10 needthisforctf

@Seji64, anything on this?

needthisforctf avatar Oct 30 '24 21:10 needthisforctf

Have same issue, no results when searched with any computername

comoriano76 avatar Dec 12 '24 12:12 comoriano76