OVERLAPS for Microsoft LAPS Update 1.3.4

Introduction

We are pleased to announce the release of update 1.3.4 for OVERLAPS, our powerful web-based UI for Microsoft’s Local Administrator Password Solution (LAPS) environments.

This is a Feature Update, bringing you a selection of new and improved things within LAPS, as well as fixing a few minor bugs. For more information, please continue reading.

Where to get it

New and Existing customers will find the OVERLAPS 1.3.4 download available in their Downloads section from today. The upgrade procedure is simple and will preserve all of your existing settings.

Demo version

The OVERLAPS demo version available here has also been updated to version 1.3.4 and includes all of the features and fixes shown in this article.

New OVERLAPS Features

Support for Multi-Domain Forests

At the request of some of our customers, we have now implemented full support for managing multiple domains in the same forest from a single OVERLAPS instance.

Supported Configurations

Once you get outside of a single domain environment, it becomes increasingly difficult to cater to every possible situation and configuration. We’ve tried to test against various trust relationships setups, structural layouts, root hosted vs child hosted installations, the use of Universal Security Groups, and many, many other situations. However, there will be things in the wild that we may not have been able to anticipate.

As always, please report any bugs or other issues to us via our Contact form, and we will do our best to help you. Please provide as much information as you can when submitting a bug report as this will significantly impact on the time it takes us to reach a solution.

Improvements to Security Group Handling

In order to safely and securely implement multiple domain support, we have made significant modifications to the internal handling of Security Groups.

Changes to Denial-of-Service Protection

Increased Default Limits

In order to allow for customers with particularly large domains, we have quadrupled the default limitations in our DoS protection system.

Customisation

We have also added two additional variables to your configuration files to allow for this system to be tweaked if problems should occur:

MaxInputStreamSizeBytes

Specifies the maximum number of bytes that will be read from a single web request stream. This defaults to 5MB, but rarely requires that much.

MaxInputVarsPerRequest

Specifies the absolute maximum number of data inputs that will be accepted during a single web request. Now defaulting to 2000, the main problem adjusting this value will overcome is if you have in excess of 2000 Organizational Units that you need to allow users access to.

Configuration File Backup

The configuration file now maintains a backup of the last 5 user-initiated changes. This can make it easier to revert to a previous state if something is incorrectly changed.

Additional Auditing

User login and logouts are now recorded in the history viewer for additional security auditing.

Bug Fixes

No major bug fixes were implemented in this update.