Adaxes

Microsoft LAPS

0 votes

We are implementing Microsoft LAPS tool. https://technet.microsoft.com/en-us/lib ... 62591.aspx. I would like to setup an after computer object modification action that gives the "ManagedBy" user for a computer account rights to read the computers account Ms-Mcs-AdmPwd attribute then send an email message to the end user.

So what would happen is the helpdesk would assign the end user as the "ManagedBy" of the computer object.
A Business rule would be triggered on Modification of said attribute.
A PowerShell script in the Business rule would then set the rights to the modified computer for the "ManagedBy" user to read "Ms-Mcs-AdmPwd" attribute for that computer only.
An email would go out to the end user with instructions.

Issue:
- The PowerShell module that comes with the LAPS solution is not supported by Adaxes yet even though it only requires PowerShell 2.0 and up.
- I suppose I could use native PowerShell to set the read access to the attribute myself but it would be handy just to use the MS PS Module.

How would you go about setting something like this up?

Thank you

by (590 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

The easiest way would be to run your script in a new PowerShell instance. Since it is going to be a separate instance created outside of Adaxes, the limitation to use PowerShell 2.0 only will not apply. For information on how to run a script in a new instance, see the following sample in our Script Repository: http://www.adaxes.com/script-repository ... e-s290.htm.

Related questions

0 votes
1 answer
Is there going to be support added for the new LAPS version?

Hi: With LAPS using new schema and encryption, is there a way to return that with Adaxes? Thanks!

asked May 30, 2023 by crobitaille (80 points)
0 votes
1 answer
How to show LAPS password in Adaxes web portal

We are in the process of implementing LAPS in our environment. Is there an option / way to get the password from the Adaxes web portal?

asked Jun 15, 2020 by peggleg (110 points)
0 votes
0 answers
LAPS - Show Password using ADAXES UI

ACK - disregard the below question, the answer is simple and a misunderstanding on my part. For those searching this, simply expose the ms-mcs-admpwd computer property and as ... in the web UI. What might be the best/cleanest way to implement this? Thanks!

asked Aug 9, 2016 by VTPatsFan (610 points)
0 votes
1 answer
LAPS - Convert ms-Mcs-AdmPwdExpirationTime to Readable Date

Is it possible to visually convert the computer property associated with the Local Administrator Expiration Date "ms-Mcs-AdmPwdExpirationTime" from an integer to a more readable date ... on the fly when the property is displayed in the web interface. Thanks!

asked Aug 16, 2016 by VTPatsFan (610 points)
0 votes
1 answer
Can you do an In-Place OS upgrade from Microsoft Server 2016 to Microsoft Server 2019 or 2022 with version 3.16.21906.0

OS In-place upgrade with Adaxes software installed

asked Mar 15 by sra98a (120 points)
3,349 questions
3,050 answers
7,791 comments
545,067 users