Hey there - we use LT in our environment and have a daily script that runs to push out a local admin account to the endpoint. This local admin password is used across all our locations - and the same password is used for all workstations & servers.
We'd like to make a change such that the workstations vs servers have different local admin passwords. I'm able to modify the deployment script easy enough, but the question I have is around the location passwords.
As our local admin password has changed over the years, when we make a change, we simply add the new latest version of the password to the location password section. Is this correct usage?
Will commands/actions that utilize the location passwords try each of the passwords in the list until one of them works for the command/script? Do we also need to add the new server version of the password to the location list?
Also reading that many organizations are migrating to LAPS for end-password local admin passwords. What does this mean for LT and location passwords?
Any help would be appreciated.