Skip to main content
A
AV_106144674-Participant
4-Participant
December 5, 2025
Solved

Windows Local Administrator Password Solution (LAPS)

  • December 5, 2025
  • 1 reply
  • 190 views
I am using Windchill PDMLink Release 12.1 and Datecode with CPS 12.1.2.9

Is Windchill and the Windchill Workers supported with the Windows Local Administrator Password Solution (LAPS)? If so, what are the instructions for implementing?

Here are the errors that I faced
N/A Requesting information about Windows LAPS
    Best answer by avillanueva

    Just from what I am reading, it appears that this is a process where you do not use a "local admin" as the running of the worker daemon service. When you define this service, you will have to use the administrator account that IT provides you which it seems will have a unqiue username and a rotating password. I think your task will have to keep that updated in the service definition. This should be no different than running as a non-admin user. Check out pages below for starting information. You can experiment with this but need to make sure that all parts of the publishing process work as that user running the service. 

    https://www.ptc.com/en/support/article/CS93677?source=search

    https://www.ptc.com/en/support/article/CS335558?source=search

     

    1 reply

    avillanueva
    23-Emerald I
    avillanueva23-Emerald I
    23-Emerald I
    December 8, 2025

    Can you be more specific? The internal Windchill admins and worker users I do not think would apply for this. They would use your LDAP for login. This might be for users running Windchill services or CAD worker login users. From there, I think normal Window account rules would apply. 

    A
    AV_106144674-ParticipantAuthor
    4-Participant
    December 9, 2025

    Our IT department is asking us to "Deploy LAPS and disable the local Administrator account on all servers.". We use Windows Server for Windchill and as many of our CAD workers as we can.

    I haven't worked with LAPS before and was wondering if there are any tips, best practices or places that LAPS can't be used with Windchill and CAD Workers.

    avillanueva
    23-Emerald I
    avillanueva23-Emerald IAnswer
    23-Emerald I
    December 10, 2025

    Just from what I am reading, it appears that this is a process where you do not use a "local admin" as the running of the worker daemon service. When you define this service, you will have to use the administrator account that IT provides you which it seems will have a unqiue username and a rotating password. I think your task will have to keep that updated in the service definition. This should be no different than running as a non-admin user. Check out pages below for starting information. You can experiment with this but need to make sure that all parts of the publishing process work as that user running the service. 

    https://www.ptc.com/en/support/article/CS93677?source=search

    https://www.ptc.com/en/support/article/CS335558?source=search

     

      Terms & ConditionsCookie settingsAccessibility statement