CristopherAlaya
>> We also have a step to immediately expire the legacy LAPS password if the AD account is reused.
>> https://learn.microsoft.com/en-us/archive/blogs/laps/laps-and-machine-reinstalls
>> Will this need to be updated for Windows LAPS if an AD machine account is reused?
This behavior will be different for the new Windows LAPS. Windows LAPS maintains some local registry state to help it detect various state and environment transitions. If a LAPS policy is applied to the device, but the local registry state is missing (as it would likely be after a machine OS re-install), Windows LAPS will immediately rotate the password regardless of what the AD-persisted pwd expiration time says. In general, Windows LAPS will be far more aggressive than legacy LAPS, i.e., it will rotate the password in just about any "when in doubt" situation.
Net net: I would say you can eventually remove your manual LAPS pwd expiry step, but I don't see any need to rush such a change. (Since rotating passwords stored in AD is fairly cheap/lightweight.)