Forum Discussion
Installing Windows LAPS over Legacy LAPS
Hi all,
I have a simple LAB - of 1 DC and 1 member server (both 2019) which has had legacy LAPS installed (schema extended etc).
Now when I installed the MS update on the member server and then tried to run the permission command I got an error saying have you extended the schema. I tried to extend the schema using the new LAPs command but got an exception error.
Now I can't find any documentation or info regarding
1 ) In an environment where legacy LAPS has been configured, do you have to extend the schema again?
2) Do you have to run the permission command on the OU so the machines can write to the password attribute?
The LAPS has been out for a while so we should have more info.
- I've fixed my own issue!
Being a LAB, I had a 2nd DC which I never decommed properly, once I deleted the defunct DC from ADUC and Sites and Services I could extend the schema.
It appears I can have the the 2 schemas updates for each LAPS type.
2 Replies
- I've fixed my own issue!
Being a LAB, I had a 2nd DC which I never decommed properly, once I deleted the defunct DC from ADUC and Sites and Services I could extend the schema.
It appears I can have the the 2 schemas updates for each LAPS type.JohnJoeBlueberry
Hai JohnJoeBlueBerry, would like to ask you about how you fix your problem. Cause in my case, The servers not update the Laps Attribute but instead They Update the legacy Attribute which is AdmPwd not the Lapspwd.
Regards,Melki
