This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 15%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi Everyone,
i tried to installed LAPS but its not showing the password, but i am able to see and send and view password expiry
my steps :
PS C:\Windows\system32> Import-module AdmPwd.PS
PS C:\Windows\system32> Update-AdmPwdADSchema
Operation DistinguishedName Status
AddSchemaAttribute cn=ms-Mcs-AdmPwdExpirationTime,CN=Schema,CN=Configuration,DC=o... EntryAlreadyExists
AddSchemaAttribute cn=ms-Mcs-AdmPwd,CN=Schema,CN=Configuration,DC=Domain... EntryAlreadyExists
ModifySchemaClass cn=computer,CN=Schema,CN=Configuration,DC=Domain,DC=c... AttributeOrValueExists
PS C:\Windows\system32> Set-AdmPwdComputerSelfPermission -OrgUnit 'Domain Computers'
Name DistinguishedName Status
Domain Computers OU=Domain Computers,DC=Domain,DC=co,DC=uk Delegated
PS C:\Windows\system32> Set-AdmPwdReadPasswordPermission -OrgUnit 'domain computers' -AllowedPrincipals 'LAPS Admins'
Name DistinguishedName Status
Domain Computers OU=Domain Computers,DC=Domain,DC=co,DC=uk Delegated
PS C:\Windows\system32> Set-AdmPwdResetPasswordPermission -OrgUnit 'domain computers' -AllowedPrincipals 'LAPS Admins'
Name DistinguishedName Status
Domain Computers OU=Domain Computers,DC=Domain,DC=co,DC=uk Delegated
PS C:\Windows\system32> Get-AdmPwdPassword Computer Name
ComputerName DistinguishedName Password ExpirationTimestamp
Computer Name CN=Computer Name,OU=Domain Computers,DC=Domain... 29/07/2020 18:22:24Thanks
Mo
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 4%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHK%3C/text%3E%3C/svg%3E)
I had this exact issue. The expiration date was updating but the password field was blank. come to find out, some of my OUs had GPO inheritance disabled. it was not applying the GPO. I had to enforce the GPO, and run GPupdate on all my machines, and now I can see the LAPs password
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello,
Thank you so much for posting here.
1, It is suggested that we could kindly have a recheck of the deployment. As per the deployment, we could refer to:
https://blog.thesysadmins.co.uk/deploying-microsoft-laps-part-1.html
https://blog.thesysadmins.co.uk/deploying-microsoft-laps-part-2.html
2, LAPS UI should be run as administrator to check the password.
3, Can we see ms-Mcs-AdmPwd and ms-Mcs-AdmPwdExpirationTime on Attribute Editor tab in computer Properties, but with Value <not set>? If so, we could kindly have a check of the password settings in LAPS. We could configure the password settings more complex than the local default password policy in clients.
For any question, please feel free to contact us.
Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Best regards,
Hannah Xiong
Hi Hannah
Please find attached both Attribute. I have also opned LAPS with Elevated privileges.
I have also tried power shell with Elevated privileges and password is blank.
Hi,
Thank you so much for your feedback.
Have we install LAPS to all the clients via GPO?
Computer Configuration->Policies->Software Settings->Right click Software Installation and click New->Package.
If so, we could kindly have a check whether LAPS is installed on this computer.
Best regards,
Hannah Xiong
Hi Hannah,
I can confirm that LAPS is installed on all the workstations.
Regards
Mo
Hi Mo,
Thank you so much for your kindly reply.
We are wondering whether LAPS not showing password of all the computers or some or only one specific computer? Have we run the LAPS as administrator?
It is suggested that we could double check the deployment of LAPS. Thanks.
Best regards,
Hannah Xiong
HI hanna<
than you for your reply
i did run as an administrator and also run as a difrent iser and used my admin account and no luck with passwords
