This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I'm setting up Windows LAPS on my network. I'm using a Windows Server 2019 server and a Windows 11 terminal, both with the necessary updates.
After running the “update-LapsADSchema” command, the process was successful.
When executing the “Set-LapsADComputerSelfPermission -Identity OU=Test -Verbose” command, the system displayed an error message.
DETAILED MODE: Searching for specific OU by DN
DETAILED MODE: Original identity: OU=LAPSLindal
DETAILED MODE: Escaped identity: OU=LAPSLindal
Set-LapsADComputerSelfPermission : Operation error.
No line:1 character:1
+ CategoryInfo : NotSpecified: (:) [Set-LapsADComputerSelfPermission], DirectoryOperationException
+ FullyQualifiedErrorId : System.DirectoryServices.Protocols.DirectoryOperationException,Microsoft.Windows.LAPS.SetLapsADComputerSelfPermission
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.
Hello Diggroc,
Thank you for posting in Microsoft Community forum.
You can try the command below (change the OUName to the actual OU name in your case):
Set-LapsADComputerSelfPermission -Identity OUName
Reference:
Get started with Windows LAPS and Windows Server Active Directory | Microsoft Learn
I hope the information above is helpful.
If you have any question or concern, please feel free to let us know.
Best Regards,
Daisy Zhou