Issue opening GPO after LAPS update april 11. Issue password writeback azureAD

Hi everyone We are wondering why our password writebacks (azureAD sync) stopped working a few weeks ago. I found that when trying to open a random GPO, we get an error that the LAPS.admx file c...

GPO LAPS ADMX

Windows Server

Nick_A
Apr 28, 2023
I just went through something similar trying to find these policy files. Go to one of your domain controllers and search for LAPS.ADM* under C:\Windows. It should find about 4 of these files, 2 of them being LAPS.admx and another 2 for LAPS.ADML.

Copy only the LATEST version of each file:
LAPS.admx -> \\domaincontroller\sysvol\domain\Policies\PolicyDefinitions
LAPS.adml -> \\domaincontroller\sysvol\domain\Policies\PolicyDefinitions\EN-US

That should solve the missing policies in the group policy editor until MS releases updated GP policy bundles.

Alban1998

Iron Contributor

May 02, 2023

Hello,
April updates include a brand new LAPS, superceding/ old LAPS. This include new ADMX files (LAPS for the new ones, AdmPwd for the old ones). This new LAPS is only available on Windows 10/11 and Windows Server 2019/2022.
As always, make sure you follow those best practices :
- Implement a Central Store
- Make sure the OS you run your GPMC on is still supported (ideally, the latest operating system available) and is fully updated
- Make sure your domain controllers run a supported OS (ideally, with full support, so 2019+) and are fully updated
Also, I do not recommend to update ADMX files within C:\Windows directly as you might break the OS.

jenit

Copper Contributor

May 05, 2023

could this be the reason why our AZURE AD password writeback isn't working anymore?

Forum Discussion

Issue opening GPO after LAPS update april 11. Issue password writeback azureAD

Resources