MicrosoftCliff_Fisher Much appreciated for the response.
>> But - why would you still run 2008R2 DFL/FFL when all your DCs are 2019? 🙂
We are in a process of migrating remaining few nodes (8) which are running legacy 3rd party apps.
While testing in my lab, I observed that Windows LAPS is not working. It started working only after I raised the DFL and FFL 2008 R2 to 2016
As per the Doc.
(If your domain is configured below 2016 Domain Functional Level (DFL), you can't enable Windows LAPS password encryption period.)
Which of the below Windows LAPS schema element should not be enabled?
msLAPS-PasswordExpirationTime |
msLAPS-Password |
msLAPS-EncryptedPassword |
msLAPS-EncryptedPasswordHistory |
msLAPS-EncryptedDSRMPassword |
msLAPS-EncryptedDSRMPasswordHistory |
ms-LAPS-Encrypted-Password-Attributes |
Thanks in advance.
