myADMonitor
access-manager
myADMonitor | access-manager | |
---|---|---|
4 | 22 | |
36 | 230 | |
- | 0.9% | |
10.0 | 4.2 | |
over 1 year ago | 9 months ago | |
C# | C# | |
GNU Affero General Public License v3.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
myADMonitor
-
Ask HN: What apps have you created for your own use?
I usually have to commit large changes in Active Directory in production environments, to accommodate merges, splits or acquisitions. I created a tool to monitor in real time the changes happening in AD so I can see if there is anything wrong or unexpected happening. For that I created this tool for personal use and I open sourced it:
https://github.com/mihemihe/myADMonitor
- Best way to track changes to an AD Attribute?
- myADMonitor - Open-Source Live changes tracking for Active Directory.
access-manager
-
item level targeting
i use https://github.com/lithnet/access-manager as a pam. it gives you more control and insight into who is using admin access and that they only have it for a short period of time.
-
How to find out how many users have been given local admin rights on their machines?
That's where JIT credentials come into play for people that need to install their own software. You can fairly easily set up something like that with LAPS or Lithnet (or both, https://github.com/lithnet/access-manager). If you have that many endpoints that need that much admin access, then any sort of ransomware is going to mess things up real fast if it gets in, and you'll be spending a lot more than 30-40 hours just getting things back up and running.
-
Resetting Password permissions
or you could use https://github.com/lithnet/access-manager
- LAPS in small organization
- How does LAPS make things more secure?
- How do you manage users that need temp Admin access to company owned assets?
- Users needing local admin rights
-
Exporting LAP a good idea?
For example, Lithnet Access Manager is a relatively low-cost and open-source solution that can be rolled out in tandem with LAPS and then replace it if you need the extra features.
-
On premises MFA requirements conflicts with LAPS usage
Just in time Access, this is what I setup on our domain, I'm sure there are others but this is free and easy to setup. The Enterprise Edition is cheap as well. https://github.com/lithnet/access-manager
- PCI and LAPS
What are some alternatives?
PowerShell-Watch - A PowerShell Watch-Command cmdlet for repeatedly running a command or block of code until a change in the output occurs.
passcore - A self-service password management tool for Active Directory
macOSLAPS - Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows
ADCollector - A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
laps-web - A web site for managing access to local admin passwords managed by Microsoft LAPS
winsw - A wrapper executable that can run any executable as a Windows service, in a permissive license.
pingcastle - PingCastle - Get Active Directory Security at 80% in 20% of the time
LAPS-WebUI - A nice and simple Web Interface for LAPS (Local Administrator Password Solution)
SharpLAPS - Retrieve LAPS password from LDAP
LAPScache - .NET Framework Console App to cache LAPS Passwords from Disabled Active Directory Computer Objects.