From f44ddd6933daa7a5df089ddaa5aa03f63691f825 Mon Sep 17 00:00:00 2001 From: Ryan Newington Date: Sun, 1 Jul 2018 13:17:12 +1000 Subject: [PATCH 1/3] Update README.md --- README.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/README.md b/README.md index bd4da5f..81d0722 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,28 @@ It provides granular permissions, auditing, email alerting and rate-limited acce It is compatible with OpenID Connect, WS-Federation (ADFS), and integrated windows authentication. +### Screen shots +#### Requesting a password +The LAPS web app provides a simple interface for accessing local admin passwords. Simply provide the computer name, and if you have access, the password is shown. + +![](https://github.com/lithnet/laps-web/wiki/images/RequestPassword.png) + +Administrators also have the option of setting an expiry time when a password is accessed. This ensures that the password is rotated after use. + +![](https://github.com/lithnet/laps-web/wiki/images/ShowPassword.png) + +#### Audit success and failure event logs +All success and failure events are logged to the event log + +![](https://github.com/lithnet/laps-web/wiki/images/AuditSuccess.png) + +![](https://github.com/lithnet/laps-web/wiki/images/AuditFail.png) + +#### Rate limiting +To prevent mass enumeration of passwords, you can limit the number of passwords an IP address or user can access within a given period. + +![](https://github.com/lithnet/laps-web/wiki/images/RateLimited.png) + ### Guides * [Installing the app](https://github.com/lithnet/laps-web/wiki/Installing-the-app) * [Configuration settings](https://github.com/lithnet/laps-web/wiki/Configuration-settings) From d46a12e7c8317828ad3d199cb527bd9450f3d61d Mon Sep 17 00:00:00 2001 From: Ryan Newington Date: Sun, 1 Jul 2018 13:27:37 +1000 Subject: [PATCH 2/3] Update README.md --- README.md | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 81d0722..2d51d4b 100644 --- a/README.md +++ b/README.md @@ -6,44 +6,47 @@ It provides granular permissions, auditing, email alerting and rate-limited acce It is compatible with OpenID Connect, WS-Federation (ADFS), and integrated windows authentication. -### Screen shots -#### Requesting a password -The LAPS web app provides a simple interface for accessing local admin passwords. Simply provide the computer name, and if you have access, the password is shown. +## Features +### Web-based accesss to LAPS passwords +The LAPS web app provides a simple web-based and mobile-friendly interface for accessing local admin passwords. There's no need for admins to install custom software, or have access to AD administrative tools to access LAPS passwords. Simply provide the computer name, and if you have access, the password is shown. ![](https://github.com/lithnet/laps-web/wiki/images/RequestPassword.png) -Administrators also have the option of setting an expiry time when a password is accessed. This ensures that the password is rotated after use. +LAPS Administrators also have the option of forcing an expiry time when a password is accessed. This ensures that the password is rotated after use. ![](https://github.com/lithnet/laps-web/wiki/images/ShowPassword.png) -#### Audit success and failure event logs -All success and failure events are logged to the event log +### Audit success and failure event logs +All success and failure events are logged to the event log and a file. These can be easily shipped off to a SIEM for record keeping and further analysis and reporting. ![](https://github.com/lithnet/laps-web/wiki/images/AuditSuccess.png) ![](https://github.com/lithnet/laps-web/wiki/images/AuditFail.png) -#### Rate limiting +### Rate limiting To prevent mass enumeration of passwords, you can limit the number of passwords an IP address or user can access within a given period. ![](https://github.com/lithnet/laps-web/wiki/images/RateLimited.png) -### Guides +### Modern authentication options +The web app supports traditional integrated windows authentication, as well as external authentication providers such as ADFS or 3rd party OpenID Connect providers. Using an external authentication provider allows you the option of providing additional protections for the application such as multifactor authentication. + +## Guides * [Installing the app](https://github.com/lithnet/laps-web/wiki/Installing-the-app) * [Configuration settings](https://github.com/lithnet/laps-web/wiki/Configuration-settings) * [Authentication options](https://github.com/lithnet/laps-web/wiki/Authentication-options) * [Branding and customisation](https://github.com/lithnet/laps-web/wiki/Branding-and-customisation) -### Download the app +## Download the app Download the [current release](https://github.com/lithnet/laps-web/releases/) -### How can I contribute to the project +## How can I contribute to the project Found an issue? * [Log it](https://github.com/lithnet/laps-web/issues) Want to fix an issue? * Clone the project and submit a pull request -### Keep up to date +## Keep up to date * [Visit my blog](http://blog.lithiumblue.com) * [Follow me on twitter](https://twitter.com/RyanLNewington)![](http://twitter.com/favicon.ico) From 9f40aac5b228b7e2dedac3521bcc9fec651e4096 Mon Sep 17 00:00:00 2001 From: Ryan Newington Date: Sun, 1 Jul 2018 13:28:04 +1000 Subject: [PATCH 3/3] Update README.md --- README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index 2d51d4b..821a4e1 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,7 @@ # Lithnet LAPS Web App The Lithnet LAPS Web App is an IIS application that allows you to manage access to local admin passwords that are managed by the [Microsoft Local Admin Password Solution (LAPS)](https://technet.microsoft.com/en-us/mt227395.aspx) -It provides granular permissions, auditing, email alerting and rate-limited access to LAPS passwords stored in a directory. - -It is compatible with OpenID Connect, WS-Federation (ADFS), and integrated windows authentication. +It provides granular permissions, auditing, email alerting and rate-limited access to LAPS passwords stored in a directory and is compatible with OpenID Connect, WS-Federation (ADFS), and integrated windows authentication. ## Features ### Web-based accesss to LAPS passwords