This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 57.99999999999999%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Hi,
We are implementing LAPS in our environment. What permissions are required for IT Staff to install LAPS UI on their systems to get the passwords of users' pcs local admins?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
I am checking to see if the problem has been resolved.
If there's anything you'd like to know, don't hesitate to ask.
Best Regards,
Hi,
Welcome to share here!
The requirements to install the LAPS on the clients, you can refer to the following link :
https://blog.thesysadmins.co.uk/deploying-microsoft-laps-part-1.html
The permission to Read password also need to be assigned to the specific users.
To Delegate a Security group the rights to view and reset LAPS, you can also refer to the link provided above.
Best Regards,
Hi,
Welcome to share your current situation if there are any updates.
Please feel free to let us know if you need further assistance.
Best Regards,
You can not delegate an MSI installation. But you can simply copy the files from an existing installation to any location you want. The LAPS UI does not register anything. It only needs the AdmPwd.UI.exe and AdmPwd.UI.DLL in a location
You can copy it to a share and deploy a link to it.