Phone Get Quote
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892


LAPS auditing with ADAudit Plus

Access to admin credentials got you worried about security?

With ADAudit Plus' LAPS event log auditing, continuously keep track of who is viewing or modifying local admin credentials.

ADAudit Plus' LAPS audit tool provides information on:

  • Users who have viewed passwords.
  • Users who have modified a password's expiration time and date.
    Usually, the LAPS changes passwords automatically on a frequent basis. ADAudit Plus notifies administrators when password expiration dates are extended due to the event's contentious nature.
LAPS Password Read Audit

LAPS Password Read Audit

LAPS Password Expiry Change Audit

LAPS Password Expiry Change Audit

Local administrator accounts have full access to the machine they are located on, and can assign rights and permissions to users as necessary. But, managing local administrative accounts has always been a problem. In the past, using a common username and password to simplify access for help desk admins was standard practice. This left systems vulnerable to attacks, including pass the hash attacks that obtain clear text passwords without the use of brute force. 

The Local Administrator Password Solution (LAPS) can help mitigate attacks and also act as a central repository of local administrator passwords in Active Directory, without the need for additional software applications or special hardware. LAPS uses group policy client-side extensions that generate random passwords for every member on the domain. It also automatically generates new passwords upon expiration, which are stored in a secure attribute inside the computer's Active Directory computer account. A domain administrator can then allow a preferred set of users to read these passwords using their own AD credentials.

Since LAPS contains domain-wide, local administrator security information, it is essential to monitor and audit LAPS.

Try ADAudit Plus for free.

Download now 30 days free trial

ADAudit Plus' advantage over native auditing tools.

  • Top-notch search and parse capabilities.

    Leverage technology for improved performance.

  • Seamless SIEM integrations.

    Integrate directly with popular SIEM tools.

  • User behavior analytics.

    Leverage advanced statistical analysis and machine learning techniques to detect anomalous behavior.

  • Out-of-the-box compliance reports.

    Meet various compliance standards, such as SOX, HIPAA, PCI, FISMA and GLBA.

  • Data archiving.

    Plan resource capacity by studying resource utilization patterns over time.

  • Comprehensive search.

    Search across all reports, AD Objects, configuration pages, and help docs.

Know more

What our customers say

  • I highly recommend ADAudit Plus. Now, I can easily monitor user logons, file deletions / modifications, changes in AD and export them as reports. The friendly UI and product support before and after-purchase are excellent.

    Huseyin Akbaba

    Information Technologies, Rmk Marine

  • Thanks to ADAudit Plus, our daily task of file restoration and tracking owners of the File and Active Directory changes has reduced 85%.

    Matt Cranson

    Network Administrator, Morbark, Inc.

  • ADAudit Plus solved our challenge of tracking login information [based on the] location of field workers. Additionally, we now know who made what incorrect/accidental AD changes.

    Shannon Steffenson

    Network systems manager, Seattle Housing Authority

ADAudit Plus Trusted By