search

joshua-d-miller / LAPS-for-macOS

A macOS Application for retrieving LAPS AD Passwords
MIT License
44 stars 8 forks source link

When the Mac is off the network and password expires #9

Closed kumbimm closed 2 years ago

kumbimm commented 2 years ago

I have a question on how to prevent the password on the client from expiring and changing unless communication with the AD server is active, if it is needed. We can see ourselves in a position where on a remote client( working from home mac) the VPN connection software is broken. Active VPN needed to communicate to AD server for Laps. The LAPS password on the client has expired and changed and we have no way of finding it out. So we can't authenticate and re install/remove/fix the VPN software for the user. How does your Laps for mac make provision for this type of occurrence. Thanks

joshua-d-miller commented 2 years ago

Hello @kumbimm!

macOSLAPS when used with AD will not run unless it is able to contact Active Directory. If a user is at home and not connected to VPN you should see a log entry like this in /Library/Logs/macOSLAPS.log:

Error|2022-03-20 08:57:36|macOSLAPS|Active Directory Node not available. Make sure your Active Directory is reachable via direct network connection or VPN.

Let me know if that's helpful.

kumbimm commented 2 years ago

Hello Joshua

Thank you very much for all you support! I have taken on board what you have said. Thanks!

Kind Regards kumbi

Kumbi Mhlanga IS Support Engineer Rufus Leonard

​ Marketing Week Masters – Digital Transformation Winner ​Episerver Website Awards UK&I – Best Ecommerce Website ​Sitecore Gold Implementation Partner ​The Sunday Times 100 Best Companies to Work For ​ ​ D T +44 (0)20 7404 4490 rufusleonard.com

timeTo

​The Zeppelin Building, Ground Floor 59-61 Farringdon Road London EC1M 3JB

​_____ ​ Rufus Leonard Limited is registered in England and Wales ​Company number 3348509. VAT number: 691308528

From: Joshua D. Miller @.> Date: Sunday, 20 March 2022 at 13:12 To: joshua-d-miller/LAPS-for-macOS @.> Cc: Kumbi Mhlanga @.>, Mention @.> Subject: Re: [joshua-d-miller/LAPS-for-macOS] When the Mac is off the network and password expires (Issue #9)

Hello @kumbimmhttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fkumbimm&data=04%7C01%7Ckumbi.mhlanga%40rufusleonard.com%7C6865dd8b4f374a9490e408da0a734981%7Ca1419243d09a41f5b4b367cb25136445%7C0%7C0%7C637833787514174573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=vmQwKxvUucI8Hhp92xZ0ukcekqaFdkewRzXDzqOzs4Y%3D&reserved=0!

macOSLAPS when used with AD will not run unless it is able to contact Active Directory. If a user is at home and not connected to VPN you should see a log entry like this in /Library/Logs/macOSLAPS.log:

Error|2022-03-20 08:57:36|macOSLAPS|Active Directory Node not available. Make sure your Active Directory is reachable via direct network connection or VPN.

Let me know if that's helpful.

— Reply to this email directly, view it on GitHubhttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fjoshua-d-miller%2FLAPS-for-macOS%2Fissues%2F9%23issuecomment-1073249209&data=04%7C01%7Ckumbi.mhlanga%40rufusleonard.com%7C6865dd8b4f374a9490e408da0a734981%7Ca1419243d09a41f5b4b367cb25136445%7C0%7C0%7C637833787514174573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=n8BbHpF7AJb4wBTfZ8L17iahnhUdc%2FBXFRM6eeAi4jQ%3D&reserved=0, or unsubscribehttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAYDRBW7G4LD3ZZE5C6SDIDLVA4P3XANCNFSM5QDWOUDQ&data=04%7C01%7Ckumbi.mhlanga%40rufusleonard.com%7C6865dd8b4f374a9490e408da0a734981%7Ca1419243d09a41f5b4b367cb25136445%7C0%7C0%7C637833787514174573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=djWo%2B9JEMThuZ5i11ZEIOkjwsR15XQ11ycWOYLFEn5Y%3D&reserved=0. Triage notifications on the go with GitHub Mobile for iOShttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapps.apple.com%2Fapp%2Fapple-store%2Fid1477376905%3Fct%3Dnotification-email%26mt%3D8%26pt%3D524675&data=04%7C01%7Ckumbi.mhlanga%40rufusleonard.com%7C6865dd8b4f374a9490e408da0a734981%7Ca1419243d09a41f5b4b367cb25136445%7C0%7C0%7C637833787514174573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=iDj9yUB%2F301zGpEio3DgOXyWNj%2FX2FTSUnJNA7UdM%2Fw%3D&reserved=0 or Androidhttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.github.android%26referrer%3Dutm_campaign%253Dnotification-email%2526utm_medium%253Demail%2526utm_source%253Dgithub&data=04%7C01%7Ckumbi.mhlanga%40rufusleonard.com%7C6865dd8b4f374a9490e408da0a734981%7Ca1419243d09a41f5b4b367cb25136445%7C0%7C0%7C637833787514174573%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Q2vraV02D93L2PN%2F7bsIxyaJkzC%2B2BKMeHhWTI3xiWA%3D&reserved=0. You are receiving this because you were mentioned.Message ID: @.***>