Disable FIPS

[matambanadzo]

One of the requirements is to disable FIPS, yet there is no help link on how to do this.
I don't know if my server has it enabled or disabled

---

Document details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: eb5cf254-9d8e-de7a-30e8-487b68205bc2
• Version Independent ID: 28bc66e2-0de2-73e6-8cb8-243daab81628
• Content: Azure AD Connect Health Agent installation
• Content Source: articles/active-directory/hybrid/how-to-connect-health-agent-install.md
• Service: active-directory
• Sub-service: hybrid
• GitHub Login: @zhiweiwangmsft
• Microsoft Alias: billmath

[kobulloc-MSFT]

@matambanadzo As a prerequisite you need to disable FIPS because FIPS is not supported by Azure AD Connect Health agents. But what is FIPS? Here are two good descriptions of FIPS (Federal Information Processing Standard):

• Microsoft Docs: Federal Information Processing Standard (FIPS) Publication 140-2
• MDN web docs: FIPS Mode - an explanation

Essentially, FIPS is a standard that defines cryptographic security requirements. It applies to all US government employees and personnel, as well as their computers. On Windows and Windows Server you can enable FIPS mode however this is no longer recommended because of issues it causes with .NET applications. You can read more about that here:

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/why-we-8217-re-not-recommending-8220-fips-mode-8221-anymore/ba-p/701037

If you don't work for the government and haven't enabled FIPS then chances are good that this is not something you need to worry about. If you want to learn more about enabling FIPS on Windows, check out our documentation:

https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation

[kobulloc-MSFT]

@matambanadzo We are going to close this thread as resolved but if there are any further questions regarding the documentation, please tag me in your reply and we will be happy to continue the conversation.