Windows LAPS Password Read Audit

What is a one sentence summary of your feature request?

Need to be able to audit which technicians display Windows LAPS device passwords.

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

We need the read access of Windows LAPS to be auditable. While our technicians have their own admin accounts, we would like to audit those that are trying to use the generic local login from Windows LAPS. Ideally we would have an alert configured for this so that our domain admins would be made aware the password was revealed. We can then query as to why they were not able to use their own login information and resorted to use of the generic accounts that have less accountability.

How do you currently solve the challenges you have by not having this feature?

At this time we are having to shift logs out to a Power BI log analytics workspace and do manual search queries over a period of time. While we are able to accomplish this, the search is very busy and includes Windows logs that are not related, and with it not being able to alert quickly, we usually don't get valid answers from technicians due to the timing of the events and when logs are searched.
