This is a feature request to detect the (newer) Windows LAPS in addition to the current (legacy) Microsoft LAPS. I have only checked winPEAS.bat, but this feature request may also be relevant to winPEAS.ps1 and winPEAS.exe.
The LAPSInstallCheck in winPEAS.bat checks the (legacy) Microsoft LAPS status looking at the registry value(s) at HKEY_LOCAL_MACHINE\Software\Policies\Microsoft Services\AdmPwd. The newer Microsoft LAPS variant uses a different registry value at HKLM\Software\Microsoft\Policies\LAPS, HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\LAPS and HKLM\Software\Microsoft\Windows\CurrentVersion\LAPS\Config. See also the documentation at Supported policy roots.
carlospolop
commented
3 months ago
This is a feature request to detect the (newer) Windows LAPS in addition to the current (legacy) Microsoft LAPS. I have only checked winPEAS.bat, but this feature request may also be relevant to winPEAS.ps1 and winPEAS.exe.
The LAPSInstallCheck in winPEAS.bat checks the (legacy) Microsoft LAPS status looking at the registry value(s) at
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft Services\AdmPwd. The newer Microsoft LAPS variant uses a different registry value atHKLM\Software\Microsoft\Policies\LAPS,HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\LAPSandHKLM\Software\Microsoft\Windows\CurrentVersion\LAPS\Config. See also the documentation at Supported policy roots.