Seems to come from the local security policy set on the machine, so not something that you'd get, if its being set in AD. I tested this on a system that is not joined to a domain also. The strong password changes to "Yes" when its enabled on the system, and then you perform an inventory scan. I'm also running 9.5.2 with base 0417 on my lab core.
Whether it's set by the local security policy or by the domain security policy, shouldn't it be the resulting settings that are scanned in, not just the local?
The other part that is baffling is that machines that were built with the same base image are showing different values in inventory. All the machines are bound and subject to the domain security policy.
Your question is worded a little strangely, but it basically comes down to "shouldn't it be what i want it to be, rather than what it is?"
In the end, it might only be a local settings read that its performed by landesk's inventory scanner, OR its a read of whatever is applied, however it is applied, local or domain, and IF you are accurate in the observation that a common base image is showing different results, this leads to the next possibility... Maybe your domain security settings that systems are supposedly bound to is not applying properly across your environment. I'd start looking very closely at each system and make sure that everything is really in place on each of them. You'll probably find your answer there. Smells like an AD problem from here. :-)
Thanks for your responses Catalystt, this issue is quite confusing. However, I disagree that this is just a "it doesn't work how i want it to work", because it clearly isn't working consistently. I don't think it's a want but rather a need for it to work consistently.
I can understand that you would question whether or not the base image is actually the same, because the image gets updated every quarter, so there would be minor differences but that is all in software versions and updating patch levels. We are talking about simple OS configuration setting here though. I have, however, confirmed that these settings have not been configured in the common base image and are only applied by the domain security policy, which quickly overwrites local policy.
I have considered it being a problem with the policy, but when I looked into that, it was clear that the policy was being applied properly but LD inventory wasn't scanning in the same information.
Since nobody seems to have a straight-forward answer on this, I'll be submitting a ticket and sharing the info once it gets cleared up.
Sounds like you've done your homework on it. Good plan on submitting a ticket. Keep us posted on what you learn! :)
Apparently, this is now a defect and will be fixed in 9.6 sometime. Supposedly it might take until the 3rd component patch.
The defect number is 183524