Hello @eC4ve ,
Thanks for posting here.
Microsoft Local Administrator Password Solution (LAPS) is a Microsoft tool that gives AD administrators the ability to manage the local account password of domain-joined computers and store them in AD.
Someone might be wondering whether the Administrator password storing in AD in plain text is secure.
The ms-Mcs-AdmPwd attribute in AD is a confidential attribute protected by an Access Control List (ACL). Only users with permissions to view this attribute can view the password (that is, Domain Admins and anyone else they’ve delegated access to). Keeping the same local Administrator password across large groups of systems is a much bigger security risk.
Best regards,
Hannah Xiong