![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 78%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
1,545 questions
Hello ,
Following the activation of the administrator deactivation GPO (local admin).
MDT is stuck on the first reboot () !!!
Deploying to an OU where the Disable Local Administrator GPO does not apply
===> solves the problem.
But unfortunately this creates a new problem (manual move to desired OU)
The web services solution is not very practical or secure and honestly the scripts are very complicated)
We integrate the PCs into the domain on the WinPE (connection via a domain admin account and choice of the OU configured on CustomSetting.ini)
I wanted to know if there is a way to keep the mode of operation the same and to make sure that this GPO only applies if and only if the PC restarts after the deployment is complete.
But also that it (GPO) applies on old PCs of the same OR if there is the CSE (LAPS) to install
Knowing that the laps can also be installed on MDT and by GPO! !!!
I know the situation is a bit complicated, I hope I have explained the problem well.
Note: LAPS manages another account created during the installation of the LAPS client via the command