This policy setting lets you define a list of users and groups that will have the permission to read the shared secret's copy published in Active Directory.
Note, that the domain management account used by Password Manager must have this permission for the offline password reset functionality to work.
By default, the computer account used to store the shared secret's copy and the domain administrators group have the permission to read the shared secret's copy.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | SOFTWARE\Policies\Dell\Password Manager\Local Password Reset |
Value Name | SharedSecretAllowAccess |
Value Type | REG_SZ |
Default Value |