SQLCheck - Pull domain Kerberos level #97
Description
While researching, I found there is a default domain functional level that is supposed to control all user(?) accounts if the msDS-SupportedEncryptionTypes value is not set. (Displays as "")
This should be pulled and included with SQLCheck, instead of us assuming RC4 for "".
The other options (0, 4, etc.) remain accurate since anything defined overrides the domain functional msDS-SupportedEncryptionTypes value.