Return
-
Title
One Identity Manager Password Capture Agent supports LSA Protection -
Description
Starting with Windows Server 2016 Microsoft introduced a new security feature called Local Security Authority (LSA) protection.
Enabling LSA protection requires that each driver that should be used by the local security process (lsass.exe) goes through a certification and validation process with Microsoft. The Password Capture Agent is such a driver. Lsass.exe will reject loading the driver. This can be viewed in the Windows Event Log. -
Resolution
In order to enable LSA protection please use the version of the Password Capture Agent that is available under the "Application" section of the software downloads page:
Identity Manager - Download Software
Please use this version rather than the MSI file distributed with the installation source.