Pending Review

Integrate LAPS (Local Administrator Password Solution) in WebUI for 'Access Agent' computers

Dominic DeFiore 4 years ago updated by NeighborGeek 1 year ago 4

We use Control across our org for primarily accessing domain joined computers, and most of the time when connecting we need to elevate via UAC. This means looking up the computer in LAPS, and copying the password.

If ConnectWise Control could have a field (like under the 'info' tab) where it could retrieve the current LAPS password from Active Directory (for logged in user that has permission) this would greatly improve our workflow.

Hi Dominic, 

Are you accessing domain joined computers from an Access session? Access sessions are already elevated into service mode due to the installed agent, so you shouldn't need to enter password via UAC. 

If not, it sounds like it might be beneficial to add agents to these computers to remove that UAC step from your workflow. 

Sorry I just saw this! Maybe I'm not explaining correctly (or maybe I've got some old settings since we've been using the product for a few years). All of my computers are domain joined and Access sessions. I don't need to elevate on connection, but I usually need to elevate during the session to complete administrative tasks for example:

User contacts service desk, needs software installed. Service desk connects to user's computer (to their active session). Service desk opens an EXE to install software. Windows UAC pops up. Service desk needs to elevate to install software. Currently, they need to look up the LAPS information to do this, but if Control was able to look up the LAPS password (from the toolbar?) and auto enter that would be awesome!

I'd recommend looking into the RMM+ Password Manager CW Control/CW Automate plug-in. This is an unofficial plug-in but supports IP block whitelisting and MFA. It's a pretty nice addition and works beautifully.

Agreed, a direct lookup and copy/paste of the laps password would be helpful.