- This topic has 2 replies, 3 voices, and was last updated 5 years ago by
.
- Posts
Hi
Im testing LAPS in our network. So far im understanding most of how it works
One thing Im concerned about is after re-imaging a “LAPS” computer – which is a computer who had laps already working perfectly before is not updating the password after a re-image
As soon as the imaging is complete on the computer I have checked and confirmed:
Its getting the GPO
its on the right OU
The LAPS client is installed
issued a reboot and gpupdate
However after checking the event log – Theres no admpwd event logs at all. And the password is not changing, it is just the default administrator password that comes with our image
I am assuming the password will not re-update untill the next expire day passes?
This is a little concerning from a security point of view as the password will be our generic one untill the password Age/expire passes on re-imaged computers who were in production previously
brand new computer should be ok
Hi,
You are correct, you need to clear the ms-MCS-AdmPwdExpirationTime value for the client during reinstall. Here is post that explains it and a script that you can run during OSD.
regards,
Jörgen
- You must be logged in to reply to this topic.
