Security issue in Create_PSO.ps1

[cubadonis]

Hey,

as you say in your webinar setting reversible encryption is a bad idea which i totally agree. Unfortunately, the option is set by default unless the parameter ReversibleEncryptionEnabled was specified and set to $False or 0.

Please fix Create_PSO.ps1 and add the following parameter(s) to the New-ADFineGrainedPasswordPolicy cmdlet

-ReversibleEncryptionEnabled $False
(-ProtectedFromAccidentalDeletion $True)

Reference:
https://learn.microsoft.com/en-us/powershell/module/activedirectory/new-adfinegrainedpasswordpolicy?view=windowsserver2022-ps

Regards,
Alex