Hey,
as you say in your webinar setting reversible encryption is a bad idea which i totally agree. Unfortunately, the option is set by default unless the parameter ReversibleEncryptionEnabled was specified and set to $False or 0.
Please fix Create_PSO.ps1 and add the following parameter(s) to the New-ADFineGrainedPasswordPolicy cmdlet
-ReversibleEncryptionEnabled $False
(-ProtectedFromAccidentalDeletion $True)
Reference:
https://learn.microsoft.com/en-us/powershell/module/activedirectory/new-adfinegrainedpasswordpolicy?view=windowsserver2022-ps
Regards,
Alex
Hey,
as you say in your webinar setting reversible encryption is a bad idea which i totally agree. Unfortunately, the option is set by default unless the parameter ReversibleEncryptionEnabled was specified and set to $False or 0.
Please fix Create_PSO.ps1 and add the following parameter(s) to the New-ADFineGrainedPasswordPolicy cmdlet
-ReversibleEncryptionEnabled $False
(-ProtectedFromAccidentalDeletion $True)
Reference:
https://learn.microsoft.com/en-us/powershell/module/activedirectory/new-adfinegrainedpasswordpolicy?view=windowsserver2022-ps
Regards,
Alex