This isn't so much a question as it is a note that the "Refresh Schema" action in Rollup 2 makes encrypted ConfigParameters unavailable. You can see that they are encrypted, access and decrypt the SecureValue property, etc., but the length of the decrypted string is 0. I suspect that, in keeping with the "Refresh Schema" action of all the other management agents, there ought to be a dialog to re-enter credentials as part of the refresh action. As a workaround I've built my ECMA2 MA to read from a protected section of the registry when necessary (and I suppose DPAPI would work also), although this tends to increase the overhead for keeping a warm standby server ready / doesn't use the regular FIM encryption keys. That said, I'm pleased to see the "Refresh Schema" button implemented and otherwise working in Rollup 2 compared to 2010R2 RC. And one note for developers: The .IsEncrypted and .SecureValue properties are new with Rollup 2, but are not present or supported in R2 RC. I ended up using a little reflection to make a DLL that works on both versions of FIM.

There was an update to the FIM Release Candidate on Connect that has it. Functionally, it is suppsed to be the same as Update 2. My project was using an older copy of the DLL that had the same version number. Once I copied the newer DLL from the GAC and updated the reference in my project, it appeared.Eric

Are you guys currently doing an AD Extensible Connectivity 2.0 MA by chance? I have an issue where I use the below line in my project, configParametersDefinitions.Add(ConfigParameterDefinition.CreateEncryptedStringParameter("Password", "")); password = configParameters["Password"].Value; I don't know how to pass the value to the DirectroyEntry method without the event viewer complaining that "System.InvalidOperationException: Encrypted parameter should be retrieved using the SecureValue property." Please help.