AD bound clients and local admin account with static passwords.

atomczynski
Valued Contributor

Looking to make our environment more secure.

We are self hosted and clients are bound to a local/hosted Active Directory.
We rely less and less on AD and at some point will move to other solutions but for now that's where we are.
Our fleet of Macs are enrolled in Automated Enrollment (DEP) and we use Apple School Manager / Apple Business Manager.

We use FileVault for data encryption.
I'm looking for some documentation how to introduce revolving local admin password. Not sure what the requirements for this are and if we need to change our imaging workflow. Right now FV is part of our onboarding process.

1 REPLY 1

mark_mahabir
Valued Contributor

Have you had a look at the macOSLAPS or LAPSforMac projects?