Fix ReversibleEncryptionEnabled default value in New-ADFineGrainedPasswordPolicy#4119
Merged
robinharwood merged 1 commit intoJun 18, 2026
Conversation
Update the documented default value for the -ReversibleEncryptionEnabled parameter in New-ADFineGrainedPasswordPolicy from None to False to match verified product behavior. Workitem: 589481
Contributor
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
Contributor
|
Learn Build status updates of commit 1549ad0: ✅ Validation status: passed
For more details, please refer to the build report. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR Summary
This change fixes the documented default value for the
-ReversibleEncryptionEnabledparameter inNew-ADFineGrainedPasswordPolicy(winserver2025-ps), changing it fromNonetoFalseto match verified product behavior. The Active Directory team recently fixed a related bug, and the reference incorrectly listed the default asNone, which can mislead administrators about the parameter's actual default behavior.PR Checklist