I just downloaded LAPS (microsoft local administrator password solution) and I'm trying to install it, but I've run into a problem.
Here's the website if you want to check it out: https://www.microsoft.com/en-us/download/details.aspx?id=46899
So I'm looking at the operations guide, and I'm stuck on page 8. It's saying to remove all extended rights to groups I don't want to have it, but I know using ADSI Edit, I need to be careful or I can damage my AD.
I've included a screenshot of my ADSIEDIT. How do I know which one I want to remove, if any that has extended rights?
How do I know it's just removing that attribute, as it didn't allow me to select which attribute I want to remove?
Has anyone implemented this successfully?