There is a little more information here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/standard/505.asp
The bottom line is that some apps require it. It would scare me to implement it too, the implication being that the encryption is...well...reversible. If you really have to do it for CHAPS or IIS then it would seem sensible to try to limit the scope as much as possible. Tony -----Original Message----- Wrom: LKBRNVWWCUFPEGAUTFJMVRESKPNKMBIPBARHDMNNSKVFVWRKJVZC Sent: Montag, 12. Januar 2004 20:48 To: [EMAIL PROTECTED] Subject: [ActiveDir] store password using reversible encryption ? Can anyone enlighten me about the account option "store passord using reversible encryption" ? As I understand it, some kinds of clients and some kinds of remote access solutions that use CHAP require that this option be enabled. Just the sound of it makes me uncomfortable. What are the security implications of setting this option on a user account ? Dave List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
