A centrally managed daily rotating EFS (windows) volume which gets called by some powershell scripts when you want to look up the daily rotated admin password for a machine.
For when machines inevitably get knocked off the domain.
I've been meaning, for the last couple years, to see if WebPasswordSafe (https://github.com/joshdrummond/webpasswordsafe) is a viable alternative to Secret Server for basic password storage functionality. Secret Server is reasonably nice, but a bit expensive for what it does.
it costs a lot and hasn't got functionality that couldn't be replicated by something open source, but for now it's that.
https://thycotic.com/products/secret-server/
Additionally:
A centrally managed daily rotating EFS (windows) volume which gets called by some powershell scripts when you want to look up the daily rotated admin password for a machine.
For when machines inevitably get knocked off the domain.
I think it's custom.
EDIT: it's from SANS.org
http://cyber-defense.sans.org/blog/2013/08/01/reset-local-ad...