ACK - disregard the below question, the answer is simple and a misunderstanding on my part. For those searching this, simply expose the ms-mcs-admpwd computer property and as long as the ADAXES service account has the ability to decrypt passwords then it will be available.
----------------------------------------------------------------------------------------------
We are in the process of implementing LAPS in our environment for our workstations. We are hoping to be able to leverage the ADAXES helpdesk UI to allow our helpdesk personnel to find a computer in the domain and display the local admin password for it.
The custom command for showing this password is simple:
Import-Module ActiveDirectory
Get-ADComputer %cn% -Properties ms-Mcs-AdmPwd | select ms-Mcs-AdmPwd
The result, however, is not displayed in the web UI.
What might be the best/cleanest way to implement this?
Thanks!