| ▲ | shawnz 2 hours ago | |
Furthermore it seems like it's specific to Azure AD, and I'm guessing it probably only has effect if you enable to option to back up the keys to AD in the first place, which is not mandatory I'd be curious to see a conclusive piece of documentation about this, though | ||
| ▲ | cyberax 4 minutes ago | parent [-] | |
Regular AD also has this feature, you can store the encryption keys in the domain controller. I don't think it's turned on by default, but you can do that with a group policy update. | ||