The Update-MDMDeviceRecoveryPasswordEncryptionKeycmdlet deletes all device recovery passwords in the current MDM instance. All Windows Mobile managed devices with the Group Policy setting User Reset of Passwordenabled and using MDM Serverselected will generate new recovery passwords and send them to MDM Device Management Server during the next device connection.
This cmdlet should be used only when the recovery passwords for all managed devices are compromised or lost on the server. These passwords are not replaced until the next time each device connects to MDM.
Update-MDMDeviceRecoveryPasswordEncryptionKey [-confirm] [-whatif] [<CommonParameters>]
The following describes the Update-MDMDeviceRecoveryPasswordEncryptionKeycmdlet parameters.
Informs you of what changes would be made if the action were to be performed (the cmdlet is not executed).
Prompts you for confirmation before the cmdlet executes.
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, and -OutVariable. For more information, at the MDM Shell prompt, type get-help about_commonparameters.
This Update-MDMDeviceRecoveryPasswordEncryptionKeycommand example deletes all device recovery passwords in the current MDM instance. All managed devices with the password reset policy enabled will create new recovery passwords.
To view this information online, at the MDM Shell prompt, type:
get-help Update-MDMDeviceRecoveryPasswordEncryptionKey -detailed, or get-help Update-MDMDeviceRecoveryPasswordEncryptionKey -full