MicrosoftSoixantehuite68
OS is doing the action, AD is just storing the information, not woriing about what the OS as a Member of AD is going to do. AD is just holding the information.
LAPS is a 2 part component. a) storing information in AD database and b) a client component, that interacts with the data.
MS decicded to force a 2016 AD FFL/DFL. So every DC 2016 and up can provide an AD on that level as a database to store information -> a) checked.
The Member (Server or Client) needs 04-2023 Update feature to do the action, this is only available in 10/11/2019/2022 and up.
A 2016 operating system will not get part b). So, a 2016 Server will never have an automated change of the password of a local account by the new LAPS. Usually, your DC is not running LAPS anyway. The DC is not acting as a member to change the Administrators passwords automatically. It only stores the information of all users.
