The FIPS requirements for .NET appear to have changed at some point and as a result having the "FIPS compliant" policy enabled will break MDT. That's on the list of issues to fix with the next MDT update, whenever that might be :)
Thanks, -Michael From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Marable, Mike Sent: Tuesday, July 11, 2017 7:25 AM To: mssms <mssms@lists.myitforum.com> Subject: [mssms] MDT 8443 and FIPS We are still using MDT 2013 U2 and had to disable FIPS compliancy for hashing to address the FIPS bug in that version. Our security team wants to enable FIPS so I wanted to know if MDT 8443 is FIPS compliant. Thanks Mike Marable Microsoft Systems Engineer Lead Enterprise Device Engineering and Management MCPS, MCITP, MCTS, MCSA, MCSE, MS [ Profile<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.mycertprofile.com%2FProfile%2F5319166625&data=02%7C01%7Cmichael.niehaus%40microsoft.com%7C687072f1aefc41e5d99008d4c869ab03%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636353803543670814&sdata=eDE1C%2BtQ%2BSq4gpGHFy56DPHFeYyL6GKxFCVDXkxirHU%3D&reserved=0> ] [ Blog<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fthesystemsmonkey.wordpress.com%2F&data=02%7C01%7Cmichael.niehaus%40microsoft.com%7C687072f1aefc41e5d99008d4c869ab03%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636353803543670814&sdata=Kh0ttAoww5nnkjQw7X6IiMV%2FrEPWnJtwfG2LH260BmQ%3D&reserved=0> ] ---------------------------------------------------- "'I failed' is ten times more of a man than someone who says, 'What if?'." -Greg Plitt "Live as if you were to die tomorrow. Learn as if you were to live forever." -Mahatma Gandhi "Know yourself and you will win all battles." -Sun Tzu ********************************************************** Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues
