Expire-LAPSPassword.ps1
Someone contacted me with some questions from our MDT+LAPS post, and we agreed they might benefit from seeing the internal PowerShell script we wrote to expire the local machine’s LAPS password, Expire-LAPSPassword.ps1. So I’ve put it in a gist.
Notes
-
This script has a dependency on Invoke-CommandAs, since we need to run the expiration command as the
SYSTEM
user. It’s an excellent PS module for this purpose and I’m grateful for its existence. -
I cannot recall exactly why we had to use the 2.8.5.201 version of the NuGet provider, but I remember it seemed important at the time. That module-loading stanza has been copy-pasted into over a dozen of our PS scripts over the years, so it’s likely whatever reason that was may not be applicable any more.
-
This script is a bit chatty in terms of output, which met our needs. If you don’t like that, you could easily change some of the
Write-Output
commands toWrite-Verbose
to quiet it down some during normal operation. -
I’ll glady take feedback if you have it. When it comes to scripting and coding, I’m an overconfident amateur. I’d love to continue improving with your suggestions.