AD Local Administrator Password Solution (LAPS) is a feature introduced in Lansweeper 10.4.2. You will need to
update your installation if you are running a lower Lansweeper version.
Lansweeper Classic now supports Local Administrator Password Solution (LAPS), a Microsoft solution for Active Directory, allowing centralized password management. You can provide one credential to retrieve many other credentials managed by LAPS. LAPS allows you to fetch the built-in password of each Windows computer, using just one central credential.
Prerequisites
To scan a Windows computer using LAPS, make sure that:
- LAPS is enabled on your domain.
- You're in possession of an account with admin rights for managing LAPS.
- The admin account must have the rights to rune Remote PowerShell on the AD LAPS server.
- The Group Policy Object (GPO) needs to be named "LAPS".
Test a LAPS credential
Before adding a LAPS credential, you can test whether the credentials are correct and whether the scan will be successful.
- On your Lansweeper Classic installation, browse to
Program Files (x86)\Lansweeper\Service
.
- Run the Lansweeper.TestTools.App executable.
- In the Scan Test Tool, select Local Administrator Password Solution, and fill in the fields:
- Username: username of the LAPS admin account.
- Password: password of the LAPS admin account.
- AD LAPS Server: address of the Domain Controller with LAPS file.
- Target Machine: FQDN or hostname.

- Select Execute. Once executed, the tool will display detailed logs of the process. When your connection is successful, your credentials have been validated for scanning.
Add a LAPS credential
- In the Lansweeper web console, navigate to the Scanning > Scanning credentials.
- In the Credentials tab, select Add new Credential.
- Select Local Administrator Password Solution as a credential type, and fill in the fields:
- Name: name for the credential.
- Username: username of the LAPS admin account.
- Password: password of the LAPS admin account.
- AD LAPS Server: address of the Domain Controller with LAPS file.

- Select Ok.
Map a LAPS credential
- In the Lansweeper web console, navigate to the Scanning > Scanning credentials.
- In the Credential Mapping tab, select Map Credential.
- Map the LAPS credential to one of the following mapping types:
- IP Address: specify the exact IP address as well.
- IP Range: specify the IP range.
- Windows Computer: enter the Domain\Computername path.
- Workgroup or Domain: enter the Workgroup or Domain.
- Select Add.

Was this post helpful? Leave a Kudo!
Did you have a similar issue and a different solution? Share your work in the comments below and help your fellow IT Heroes!
More questions? Browse our Quick Tech Solutions or Community Forum.
If you can't find what you're looking for, create a post in our Community Forum.