"PingCastle.exe --export computer" needs a description - tested in 3.1.0.0 Beta1

[An-dir]

I have been testing the current 3.1.0.0 beta1 because the export computer feature became interesting to me after MS and Windows LAPS details were added. So I had some questions, and since the beta1 source code is not public yet, I was not able to figure it out myself.

• Is Disabled always the opposite of Enabled - it seems to be.
• Is Active always the opposite of Inactive - the Disabled and Enabled states affect the value, so no.
• What are the both LAPS true/false values based on? Best would be the count/date of AD Replication Metadata of timestamp of the schema attributes here (msLAPS-PasswordExpirationTime, ms-Mcs-AdmPwdExpirationTime) if you are not querying all GPOs to get information about which computer should have which policy (would be the best).
• Is locked for bad password lockout or for account lockout?

Is there anything else to know about this data, or is there already a description somewhere?

[An-dir]

As I now know the LAPS dates would refer to the replication metadata and not the date values (great!), but the data is missing in the export. I opened an issue for that.

[vletoux]

I fixed a problem in the upcoming Beta for LAPS.