LAPS password not updating after computer re-image

[Patrick ParticipantTopics: 1Replies: 0Member Points: 67]

Hi

Im testing LAPS in our network. So far im understanding most of how it works

One thing Im concerned about is after re-imaging a “LAPS” computer – which is a computer who had laps already working perfectly before is not updating the password after a re-image

As soon as the imaging is complete on the computer I have checked and confirmed:

Its getting the GPO

its on the right OU

The LAPS client is installed

issued a reboot and gpupdate

However after checking the event log – Theres no admpwd event logs at all. And the password is not changing, it is just the default administrator password that comes with our image

I am assuming the password will not re-update untill the next expire day passes?

This is a little concerning from a security point of view as the password will be our generic one untill the password Age/expire passes on re-imaged computers who were in production previously

brand new computer should be ok

[Michael Pietroforte KeymasterTopics: 136Replies: 302 Post count: 913Member Points: 5,674]

This is just a wild guess, but I think each LAPS installation has its own GUID. Thus, you should deploy your image without LAPS client and then install the client afterwards through Group Policy or with your software deployment solution.

Let us know if you figured it out.

[Author]

Posts