LAPS deployed successfully on few PCs under one OU and initially client's local administrator password set was successful.
But there are 2 things making issues:
1- PC1 password set through LAPS but logged in user changes the password to 1234 so that will not be replicated to the AD and LAPS keeps on showing the old password while PC logging-in only with password 1234 ...
I did password Expiry immediately through LAPS but still the password not updated on the client machine even after gpudate and reboot.
Is there any way to overcome this? How to know that what password currently set for clients?
2- LAPS installed in one of the server (not on DC) ... how to give access to Technical team users to manage the LAPS without providing access to the management server?