LAPS password from computer in other domain (PS)

If you ever need to read a LAPS password on a device in another domain, you have to get a bit creative as the LAPS UI doesn’t support multi-domain in an easy fashion.

There is of course the use of “distinguishedName” attribute, but who can remember this and when you are in the Attribute Editor anyway – to copy this – you can read the LAPS password inhere.

But with PowerShell, you can do a simple query … or two …

With LAPS module

  • With the LAPS PS module you get the expirationTime formated in a readable format

No LAPS module

  • Without the LAPS PS module you need need to format the ExpirationTime timestamp yourself – or just do an educated guess

Remember, that the context of the PS session has to have read permission to the password attribute in the remote domain, otherwise you will get nothing.

Dir /s (PS)

Ways to traverse directories in PowerShell, just like the old-skool “dir /s” command, with a little PowerShell spice on top.

Query Computer for Pending Reboot State (PS)

Ever needed to know if a reboot is pending on your computer? Try this Microsoft/Scripting Guy PowerShell script, and you’ll know!

Copy the code below and save as .ps1 file, and execute at your convenience.

Source: Microsoft Script Center

Stop Service, if running (PS)

Verify if service is running, then stop it. Afterwards verify the status of the service (Windows Update).

Note: Remember to run as Administrator …

Remove-WindowsFeature (PS)

Remove a Windows feature from a running installation and use the return code for further action.

Add-WindowsFeature (PS)

Add a Windows feature to a running installation and use the return code for further action.

get-AllUserGroups (PS)

Return all the users groups, without installing Microsoft Remote Server Administration Tools (RSAT), Active Directory Module for Windows PowerShell.

Thanks to KFR for this example