Colorado State University

As we wade into more aggressive security measures on all of our endpoint computers, we have been (for many years now) implementing the LAPS system as a way of easily providing local administrator credentials on an as needed basis. There are several reasons a user might need to request a LAPS credential set with the most common being the installation of specialized software that is not available through our endpoint management systems.

Here is an overview of the LAPS solution:

https://learn.microsoft.com/en-us/windows-server/identity/laps/laps-overview

Please keep in mind the following:
– Only online, fully patched, and CSU managed computers are eligible for LAPS.
– This is limited to modern Windows computers only at the moment.
– LAPS credentials rotate on a random schedule are refreshed after use. It is likely that credentials you received even a few days ago will have expired and new LAPS credentials will be needed for subsequent elevation.

To request LAPS credentials, please submit the request as a CNSIT ticket at the following URL. Be sure to include the name of the computer which can be found on the white label somewhere on the computer’s case as well. If you cannot find the label, you can find your Device’s name in Windows 11 by using ‘Settings’. In ‘Settings’, go to ‘System‘ and then ‘About‘ to see the “Device name”.

Please also include a description of why LAPS is needed in your request.

https://cnsit.colostate.edu/help