New LAPS version explained

Microsoft will release a new version of Local Administrator Password Solution (LAPS), which   provides new Azure AD features as well as new Active Directory OnPrem features and some migration features from the old version to the new one.

A video explaining everything in detail can be found here:

This video includes a nice overview showing how LAPS is working internally using CSP (lapscsp.dll), PowerShell (lapspsh.dll) or GPOs and LAPS core logic (laps.dll) which then reads and updates the expiry of accounts as well as updates their password, either in Azure Active Directory or in Windows Server Active Directory on premise:LAPS internal logic and flow architecture


LAPS can be used as solution against pass-the-hash ( and lateral-traversal attacks (, as well as for securing user help desk access or recover to devices with a fine-grained security model and for RBAC in Azure AD.


Almost perfect protection for websites and other services - Mutual TLS

Its hard to secure your IT services and applications. The list of possible attacks is long, as shown in the Mitre Att&ck framework , the...