Hello,
Currently I use a script to populate the field on the Web UI and it works great. My current challenge is to have it handle using the old laps attribute in AD as well. Here is what I am looking for help on getting it to do:
1) If the Windows OS is 10/2019 or newer, run the Get-LAPSADPassword Command and shows its value
2) if the Windows OS if older the 10/2019, show the value from the legacy LAPS attribute: ms-mcs-AdmPwd
function onPostGet($Request){
if($Request.Class -ne "computer") {return}
if ($Request.IsAttributeRequested("edsvaLAPS") -eq $false) {return}
$machineName = $Request.Get("sAMAccountName")
try {
$customValue = Get-LapsADPassword -Identity $machineName -AsPlainText | ForEach-Object { $_.Password }
}
catch {
# An error occurred
$customValue = "An error occurred, verify that this computer is registered with LAPS"
}
$strAttrname = "edsvaLAPS"
$Request.Put($strAttrname, $customValue)
} #end request class