Category Archives: Active Directory

Pointless trivia – CryptoPolicy object for device registration

Yeah it’s been a while since I’ve posted anything.  I’ve been busy.  This is nothing substantial, but I found it mildly interesting.

As part of device registration, it looks like Azure AD Connect creates a contact object in the configuration partition named “CryptoPolicy” and sets the employeeId attribute value to 365.  I haven’t seen what it’s used for.  It can probably just be deleted with no detriment (but don’t do that).