We're looking at expanding our LAPS implementation...
# _general
j
We're looking at expanding our LAPS implementation in our non-persistent enviro. Found @Martin Zugec’s old blog about it from 2017 here. https://www.citrix.com/blogs/2017/12/12/password-wars-randomizing-local-admin-passwords-in-non-persistent-environments/ Has anyone implemented LAPS since the change from "MS LAPS" to "Windows LAPS" and if so, any gotchas in following a 7 y/o guide?
j
The on-premise stuff is pretty much the same from the old to the new. The technology formerly known as Azure AD is now GA and allows you to store the data there. One big issue we run into with LAPS is with non-persistent machines. If you roll back to an older image, the password might have been changed a few times since it was used, and LAPS doesn't track previous versions of your passwords. So having a cached domain instance on the machine is helpful. It looks like you can now keep some password history, but it requires extra encryption and permissions.
j
Thanks Jeff!
r
I have a script running at boot (installing AV) and added: Reset-LapsPassword
šŸ‘ 1
j
Circling back. Re: the time paradox triggered by a version mismatch, that shouldn't be an issue for us; fortunately version rollbacks are few and far between here, I think maybe 2 in the 9 years I've been here. Re: the password reset, we're going to take Ray's advice of doing it on boot vs. what Martin suggested (during shutdown) to cover for unclean shutdowns/service desk forced reboots.