Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ran successfully but password blank in LAPS UI #46

Closed
crsleeth opened this issue Dec 5, 2020 · 1 comment
Closed

Ran successfully but password blank in LAPS UI #46

crsleeth opened this issue Dec 5, 2020 · 1 comment

Comments

@crsleeth
Copy link

crsleeth commented Dec 5, 2020

macOS LAPS runs successfully for the first time and changes my local admin password and expiration time but when looking up the Mac in LAPS UI on Windows the password is blank. Expiration time correctly matches the output of the macoslaps command (ms-Mcs-AdmPwdExpirationTime) but ms-Mcs-AdmPwd is blank.

This is a copy of issue #33 but the user never posted a fix and I'm hoping someone can point me in the right direction. I do have limited control over my AD environment though.

LAPS UP blank password
@crsleeth
Copy link
Author

crsleeth commented Dec 7, 2020
edited
Loading

So, the issue was the AD admin account I use (not domain admin) did not have permission to view the ms-Mcs-AdmPwd attribute in AD because it was not the AD service account that was used to join the Mac to the domain. The fix was to join the Mac to the domain using my AD admin account. I imagine it could also be fixed by changing the security permissions on the computer object.

Amazing software Joshua, thank you for creating and supporting it.

@crsleeth crsleeth closed this as completed Dec 7, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@crsleeth