Recently Microsoft released an updated version of LAPS (Local Admin Password System). We have a lab here at the office where I'm testing it on a DC & a few Windows boxes. It works well, but here is my question.
It "appears" to only work with the "Built in admin" account, and not any created ones. When we deploy a new box we disable the built in admin account and a script creates a new separate admin account. Will this software monitor and change CREATED admin accounts & not just the built in one? My suspicion is no it won’t, because it only monitors a specific common GUID that is related to the built in account. Any thoughts or help is appreciated!