Quick-start - Cloud LAPS
In this guide we will set up cloud LAPS so that you can protect your break-glass local and domain admin accounts with automated password rotation.
1. Prepare your MSP tenant
First and foremost sign up for idemeum cloud tenant and make sure you orient yourself with basic set up, such as adding technicians, creating customer tenants for your MSP, setting up branding and more. We have created a basic MSP tenant set up guide.
2. Configure customer tenant
Now access the customer tenant you created in the previous step. You can directly navigate to a customer tenant URL at customer-<your msp domain>.idemeum.com
or navigate to your MSP postal, Customers
section and click on the link from there.
Enable local directory for customer tenant
- Navigate to
Users
→User source
- Choose
Local
from the dropdown andSave
the configuration
Enable LAPS for customer tenant
Follow the steps below to configure LAPS for customer tenant. You can configure LAPS for computers and LAPS for Entra ID depending on your use case.
3. Install idemeum desktop application
To leverage LAPS for computers you need to install idemeum desktop agent.
If you want to also rotate domain admin account, install idemeum desktop client on domain controller.
Follow the steps below to install idemeum desktop client with command line.
4. View LAPS credentials
You can now view LAPS credentials for workstations and Entra ID.
- Navigate to customer tenant and access user portal
- Find the device you want to view LAPS credentials for or Entra ID application and click on
...
- Choose
View LAPS credentials
Questions?
If you have any questions please join our Discord chat, and we will help.