yesterday
How do you use Lansweeper to scan your entire network without relying on domain admin credentials, while still maintaining a strong security posture? What access controls and best practices do you follow?
Share your comments below.
yesterday
So we give it local admin creds on most of our machines, but if a system requires a domain admin cred. We are using the LSAgent to get that information. That way we don't risk the user being too elevated, and we ensure our security team that we can get the info without violating policy. The agents are amazing for getting you the inventory data when elevated creds and sometimes no creds at all are your only option for servers. Honestly, we get buy okay with simple admin level.
yesterday
Oh, I like that idea @RandomITDude232 -- I like that you use the agents for those without admin rights.
Maybe this is a little too personal... about your local admin creds, do you use Legacy LAPS to do this or are you guys using a single local credential?
I think what you are doing is a good idea. Having a local credential on servers vs. workstations vs. laptops vs. etc. would help to divide out the risk as well.
Thanks for sharing! Very interesting.
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now