Configure scope for accessing the shared secret in Active Directory

This policy setting lets you define a list of users and groups that will have the permission to read the shared secret's copy published in Active Directory.

Note, that the domain management account used by Password Manager must have this permission for the offline password reset functionality to work.

By default, the computer account used to store the shared secret's copy and the domain administrators group have the permission to read the shared secret's copy.

Supported on: At least Windows 2000
Enter a list of user or group logon names (sAMAccountName) separated by semicolon:

Registry PathSOFTWARE\Policies\Dell\Password Manager\Local Password Reset
Value NameSharedSecretAllowAccess
Value TypeREG_SZ
Default Value


Administrative Templates (Computers)