Share via

Tried to seup LAPS on my 2016 ADDC running on 2019 Server. I cannot get it to work

Philip Lindeman 0 Reputation points
2025-10-03T13:13:41.58+00:00

Tried to seup LAPS on my 2016 ADDC running on 2019 Server, using the Microsoft Documentation. I cannot get it to work. Somehow while truobleshooting this I now have have both versions of LAPS on my server. How can get one of these versions off and correct the right template. I only have servers on thie domain to apply this to.Screenshot 2025-10-03 at 9.07.06 AM

Screenshot 2025-10-03 at 9.06.54 AM

Windows for business | Windows Server | Directory services | Deploy group policy objects
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Quinnie Quoc 7,475 Reputation points Independent Advisor
    2025-10-03T14:21:37.02+00:00

    Hi,

    To move forward, we recommend standardizing on Windows LAPS, which is built into newer versions of Windows and offers enhanced capabilities. First, uninstall the legacy LAPS (usually listed as “Local Administrator Password Solution” in Programs and Features). Then, ensure that the correct Group Policy templates are in place—specifically, use the Windows LAPS ADMX files and configure policies under Computer Configuration > Administrative Templates > System > LAPS.

    Since you're only applying this to servers, you can scope your GPO accordingly and verify that the correct attributes (like msLAPS-Password) are extended in your schema.

    Let us know if you'd like help validating your setup or cleaning up the configuration—we’re here to assist.

    If my answer is useful for you, please vote for it.

    Best regards,

    Quinnie Quoc,

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.