ADCollector
access-manager
ADCollector | access-manager | |
---|---|---|
1 | 22 | |
619 | 230 | |
- | 0.9% | |
0.0 | 4.2 | |
almost 2 years ago | 9 months ago | |
C# | C# | |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ADCollector
access-manager
-
item level targeting
i use https://github.com/lithnet/access-manager as a pam. it gives you more control and insight into who is using admin access and that they only have it for a short period of time.
-
How to find out how many users have been given local admin rights on their machines?
That's where JIT credentials come into play for people that need to install their own software. You can fairly easily set up something like that with LAPS or Lithnet (or both, https://github.com/lithnet/access-manager). If you have that many endpoints that need that much admin access, then any sort of ransomware is going to mess things up real fast if it gets in, and you'll be spending a lot more than 30-40 hours just getting things back up and running.
-
Resetting Password permissions
or you could use https://github.com/lithnet/access-manager
- LAPS in small organization
- How does LAPS make things more secure?
- How do you manage users that need temp Admin access to company owned assets?
- Users needing local admin rights
-
Exporting LAP a good idea?
For example, Lithnet Access Manager is a relatively low-cost and open-source solution that can be rolled out in tandem with LAPS and then replace it if you need the extra features.
-
On premises MFA requirements conflicts with LAPS usage
Just in time Access, this is what I setup on our domain, I'm sure there are others but this is free and easy to setup. The Enterprise Edition is cheap as well. https://github.com/lithnet/access-manager
- PCI and LAPS
What are some alternatives?
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
passcore - A self-service password management tool for Active Directory
myADMonitor - myADMonitor is an open-source Active Directory changes tracking tool
macOSLAPS - Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows
SharpShares - .NET 4.0 Share Hunting and ACL Mapping
laps-web - A web site for managing access to local admin passwords managed by Microsoft LAPS
pingcastle - PingCastle - Get Active Directory Security at 80% in 20% of the time
LAPS-WebUI - A nice and simple Web Interface for LAPS (Local Administrator Password Solution)
SharpLAPS - Retrieve LAPS password from LDAP
LAPScache - .NET Framework Console App to cache LAPS Passwords from Disabled Active Directory Computer Objects.