microsoft / Microsoft365DSC

Manages, configures, extracts and monitors Microsoft 365 tenant configurations
https://aka.ms/M365DSC
MIT License

HTML and Excel report shows dummy password for AADUser resource #4111

Closed horgasz2023 closed 11 months ago

horgasz2023 commented 11 months ago

Description of the issue

There is a dummy password in the reports for the AADUser resource. We checked several versions and all are showing this in the report. Is this a bug or just something usual?

Microsoft 365 DSC Version

1.23.1227.1

Which workloads are affected

Azure Active Directory

The DSC configuration

All AAD resources selected in the test environment.

Verbose logs showing the problem

AADUser DisplayName xxxxxxx
AADUser ApplicationId   ConfigurationData.NonNodeData.ApplicationId
AADUser ApplicationSecret   "ApplicationSecret
(
ConvertTo-SecureString
$ConfigurationData.NonNodeData.ApplicationSecret
"
AADUser ResourceID  New-ObjectNew-Object
AADUser ResourceInstanceName    AADUser-TestUser
AADUser Ensure  Present
AADUser LicenseAssignment   $Null

AADUser Password    "Password
(
ConvertTo-SecureString
Pass@word!11
"

Environment Information + PowerShell Version

OsName               : Microsoft Windows 10 Enterprise
OsOperatingSystemSKU : EnterpriseEdition
OsArchitecture       : 64-bit
WindowsVersion       : 2009
WindowsBuildLabEx    : 19041.1.amd64fre.vb_release.191206-1406
OsLanguage           : en-US
OsMuiLanguages       : {en-US}

Name                           Value
----                           -----
PSVersion                      5.1.19041.3803
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.19041.3803
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

ykuijs commented 11 months ago

Reading a user password is a security issue and therefore not possible by design. As an admin you can only reset a password, not read it.

To mitigate this issue and to generate a usable export, we add a dummy password to the configuration data file, where you are able to update it to a value that you want.

So this is by design.
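As an added example (not Microsoft365DSC's own code), a pre-deployment check that walks a configuration data hashtable and reports every value equal to the dummy password visible in the report above, so the placeholder is not compiled into a real tenant. The hashtable layout, the `Users` section name and the GUID/secret values are constructed sample data, not the project's exact export format.

```powershell
# Added example, not part of Microsoft365DSC: flag placeholder passwords in a
# DSC configuration data hashtable before it is compiled or deployed.
# 'Pass@word!11' is the dummy value shown in the report in this issue; the
# data layout below is a constructed sample, not the project's export format.

function Find-PlaceholderPassword {
    param(
        $Data,                                        # hashtable, array or scalar
        [string[]] $Placeholders = @('Pass@word!11'), # dummy values to look for
        [string]   $Path = '$ConfigurationData'       # dotted path for reporting
    )
    if ($null -eq $Data) { return }
    if ($Data -is [System.Collections.IDictionary]) {
        foreach ($key in @($Data.Keys)) {
            Find-PlaceholderPassword -Data $Data[$key] -Placeholders $Placeholders -Path "$Path.$key"
        }
    }
    elseif ($Data -is [System.Collections.IEnumerable] -and $Data -isnot [string]) {
        $i = 0
        foreach ($item in $Data) {
            Find-PlaceholderPassword -Data $item -Placeholders $Placeholders -Path "$Path[$i]"
            $i++
        }
    }
    elseif ($Data -is [string] -and $Placeholders -contains $Data) {
        [pscustomobject]@{ Path = $Path; Value = $Data }  # one finding per hit
    }
}

# Constructed sample: the app secret has been filled in, the user password has not.
$sample = @{
    NonNodeData = @{
        ApplicationId     = '00000000-0000-0000-0000-000000000000'  # placeholder GUID
        ApplicationSecret = 'replace-me-with-the-real-secret'
        Users = @(
            @{ UserPrincipalName = 'testuser@contoso.example'; Password = 'Pass@word!11' }
        )
    }
}

$hits = @(Find-PlaceholderPassword -Data $sample)
if ($hits.Count -gt 0) {
    $hits | Format-Table -AutoSize
    throw "Placeholder password(s) found; set real values before compiling the configuration."
}
```

Load a real `.psd1` with `Import-PowerShellDataFile` and pass the result as `-Data` to run the same check against an actual export.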

horgasz2023 commented 11 months ago

Thanks for the clarification