pingcastle
pingcastle copied to clipboard
Feature Request - New Windows LAPS Detection
Thanks for the great software!
I recently installed a new forest and setup the new Windows LAPS introduced below.
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/by-popular-demand-windows-laps-available-now/ba-p/3788747
When running pingcastle 3.0.0.3, the LAPS check under anomalies is matched. I'm guessing Pingcastle is relying on the legacy LAPS implementation. It would be great to have a hybrid approach here to detect the new Windows LAPS systems (and its features). Other things that would be really cool to detect:
- Is the DFL high enough (2016) to support the LAPS password encryption features?
- Informational - Is password history configured with LAPS?
- Resolution of which users have effective rights to passwords (clear text or encrypted)
- Are DSRM passwords being rotated with Windows LAPS?
- Are post authentication actions enforced/configured?
etc.