gathering LAPS passwords via Devolutions-Gateway

1 vote

We are using RDM Enterprise in a multi-domain environment, each domain with its own LAPS.
At the moment, for example, Remote Desktop Manager is started on a client in Domain A. LAPS from Domain A is working; LAPS from Domains B-E isn't, because the client cannot access them, since it's not joined.

It would be very helpful if the LAPS usage were handled by the different Devolutions Gateways, which are in the different domains, and not by the client where Remote Desktop Manager is started.

All Comments (3)

Hello Marcus,

Good news, we have already added the ability to decrypt LAPS passwords across domains (different than the one that RDM is joined to) in our 2025.2 release (coming in June). We still do not support doing it over a Gateway, but this is something we could definitely add as well. I will create a ticket for that feature.

Thanks,
Paul Dumais

Hello Paul,

Thanks for that information. So it is still the client that is doing the LAPS query and needs access to the domains?

Hello Marcus,

Sorry for the delay getting back to you. Yes, the client does the LAPS query, but it can work across domains, because we connect to the domain controller directly and fetch the DPAPI decryption keys over RPC, then get the LAPS password over LDAP from the remote domain.

Paul