Quick-start - Cloud LAPS for computer accounts

In this guide we will set up cloud LAPS so that you can protect your break-glass local and domain admin accounts with automated password rotation.

1. Prepare your MSP tenant

First, sign up for an idemeum cloud tenant and familiarize yourself with the basic setup, such as adding technicians, creating customer tenants for your MSP, setting up branding, and more. We have created a basic MSP tenant setup guide.

Quick-start - MSP tenant set up guide
In this guide we will configure your MSP tenant with basic settings - technicians onboarding, user management, branding, customer tenant creation, and more.

2. Configure customer tenant

Now access the customer tenant you created in the previous step. You can navigate directly to the customer tenant URL at customer-<your msp domain>.idemeum.com, or go to the Customers section of your MSP portal and click the link there.

Enable local directory for customer tenant

  • Navigate to Users → User source
  • Choose Local from the dropdown and Save the configuration

Enable LAPS for customer tenant

Follow the steps below to configure LAPS for the customer tenant.

Configure cloud LAPS
In this guide we will take a look at how you can enable LAPS for local and domain admin accounts.

3. Install idemeum desktop application

Now you can install the idemeum desktop application on a customer workstation.

If you want to rotate local admin accounts on local and domain-joined workstations only, install the idemeum desktop client only on these workstations.

If you also want to rotate the domain admin account, install the idemeum desktop client on the domain controller.

Follow the steps below to install the idemeum desktop client from the command line.

Command-line installation
This guide demonstrates how you can install the idemeum desktop client from the command line.

4. View LAPS credentials

You can now view LAPS credentials for workstations.

View LAPS credentials
Who can view LAPS credentials

Today only MSP tenant admins have access to LAPS credentials:

  • If you onboard a technician and promote him to MSP tenant admin, he will have access to all LAPS credentials of all customers
  • If you onboard a technician, and delegate access to customer tenant directly,

Questions?

If you have any questions please join our Discord chat, and we will help.