- Tue, Sep 5 2017 at 7:13 pm #246557PatrickParticipantMember Points: 67Rank: 1
Im testing LAPS in our network. So far im understanding most of how it works
One thing Im concerned about is after re-imaging a “LAPS” computer – which is a computer who had laps already working perfectly before is not updating the password after a re-image
As soon as the imaging is complete on the computer I have checked and confirmed:
Its getting the GPO
its on the right OU
The LAPS client is installed
issued a reboot and gpupdate
However after checking the event log – Theres no admpwd event logs at all. And the password is not changing, it is just the default administrator password that comes with our image
I am assuming the password will not re-update untill the next expire day passes?
This is a little concerning from a security point of view as the password will be our generic one untill the password Age/expire passes on re-imaged computers who were in production previously
brand new computer should be ok
- Mon, Sep 11 2017 at 9:17 am #250675Michael PietroforteKeymasterMember Points: 32,914Rank: 4
This is just a wild guess, but I think each LAPS installation has its own GUID. Thus, you should deploy your image without LAPS client and then install the client afterwards through Group Policy or with your software deployment solution.
Let us know if you figured it out.
- Mon, Sep 25 2017 at 12:44 pm #266023
- You must be logged in to reply to this topic.