Unable to retrieve local administrator record

[jaireimy]

Hello,

I have a new error using the latest version of Macoslaps. I am not sure since which version it started. Here are the few steps I was doing until now, without any issue:

Install the latest macoslaps package and run these commands:
sudo defaults write /Library/Preferences/edu.psu.macoslaps LocalAdminAccount “account”
sudo defaults write /Library/Preferences/edu.psu.macoslaps FirstPass "CurrentPassword"
sudo /usr/local/laps/macOSLAPS for the first password initialization

"account" being the first account we create as local admin to configure the device.

Now when I run "sudo /usr/local/laps/macOSLAPS" I get this error:

Info|2022-05-04 14:58:32|macOSLAPS|No Preferred Domain Controller Specified. Continuing...

Warning|2022-05-04 14:58:32|macOSLAPS|There has never been a random password generated for this device. Setting a default expiration date of 01/01/2001 in Active Directory to force a password change...

Info|2022-05-04 14:58:32|macOSLAPS|Password Change is required as the LAPS password for “account”, has expired

Error|2022-05-04 14:58:33|macOSLAPS|Unable to retrieve local adminsitrator record.

Any idea to fix it, or to improve the way to install/configure your magnificient tool? (intune is not an option for now)

Thanks.

[joshua-d-miller]

So it looks like it is unable to retrieve the local administrator record. You will want to verify the LocalAdminAccount key is set to the shortname of your administrator account you want to rotate. Let me know if those match and we can take next steps.

[joshua-d-miller]

Closing due to inactivity. If you are still having issues with configuring macOSLAPS please contact us on the MacAdmins Slack https://macadmins.org and join the #macoslaps channel.