MS has updated the LAPS to V2.0 requirements and killed the legacy version
can univention , extend the schema adding the relevant LDAP items ,then add teh correct restrictions to the accounts to limit read access to the fields.
and maybe add a web front end?
There is also an implementation for LINUX:
OpenRSAT can also be used for querying the passwords: