Author | Chrissy LeMaire (@cl), netnerds.net |
Availability | Windows, Linux, macOS |
Want to see the source code for this command? Check out Get-DbaForceNetworkEncryption on GitHub.
Want to see the Bill Of Health for this command? Check out Get-DbaForceNetworkEncryption.
Retrieves Force Network Encryption configuration from SQL Server's network settings
Retrieves the Force Network Encryption setting and associated certificate from SQL Server's network configuration stored in the Windows registry. This setting determines whether SQL Server requires all client connections to use encryption, preventing unencrypted communication.
Useful for security audits and compliance checks to verify that network encryption policies are properly configured across your SQL Server estate. The function accesses the SuperSocketNetLib registry key where SQL Server stores its network security settings, requiring Windows-level access rather than SQL Server authentication.
Get-DbaForceNetworkEncryption
[[-SqlInstance] <DbaInstanceParameter[]>]
[[-Credential] <PSCredential>]
[-EnableException]
[<CommonParameters>]
PS C:\> Get-DbaForceNetworkEncryption
Gets Force Encryption properties on the default (MSSQLSERVER) instance on localhost - requires (and checks for) RunAs admin.
PS C:\> Get-DbaForceNetworkEncryption -SqlInstance sql01\SQL2008R2SP2
Gets Force Network Encryption for the SQL2008R2SP2 on sql01. Uses Windows Credentials to both login and view the registry.
The target SQL Server instance or instances. Defaults to localhost.
Alias | |
Required | False |
Pipeline | true (ByValue) |
Default Value | $env:COMPUTERNAME |
Allows you to login to the computer (not sql instance) using alternative Windows credentials
Alias | |
Required | False |
Pipeline | false |
Default Value |
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.
Alias | |
Required | False |
Pipeline | false |
Default Value | False |