How can I implement something similar to Microsoft LAPS on mac? I want to achieve: One local admin account per mac - specifically for deskside support Each local admin has a different password Deskside support tech can retrieve password by looking up mac Password resets and rotates x-hours after it is retrieved by Deskside tech. I have one solution (Password manager Pro) that may potentially work, but i am not sure if there is a central way to manage this? Any ideas will be appreciated, thank you.

Question

Shared Local Admin Credentials

Forum|Forum|6 years ago
September 30, 2019
3 replies
23 views

C

+1

cypha

How can I implement something similar to Microsoft LAPS on mac?

I want to achieve:

One local admin account per mac - specifically for deskside support
Each local admin has a different password
Deskside support tech can retrieve password by looking up mac
Password resets and rotates x-hours after it is retrieved by Deskside tech.

I have one solution (Password manager Pro) that may potentially work, but i am not sure if there is a central way to manage this?

Any ideas will be appreciated, thank you.

+15

mark_mahabir
Jamf Heroes
Forum|Forum|6 years ago
October 1, 2019

We use macOSLAPS but LAPSforMac is a good alternative.

E

C

Like

A

+10

ammonsc
Contributor
Forum|Forum|6 years ago
October 1, 2019

Could you base the password on something like the serial number? If so that could be scripted to create and set each local admin user.

Like

F

+4

FranckS
Contributor
Forum|Forum|4 years ago
August 14, 2021

You may also test EasyLAPS. I'm the author of this tool which is designed to regularly rotate the local administrator account password of a Mac and store it in a MDM like Jamf Pro or Jamf School.

Like

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded