Microsoft Delays Credential Parameter Retirement After Admin Feedback
Microsoft has delayed the deprecation of the Credential parameter in Exchange Online PowerShell, giving administrators several additional months to update automated scripts.
The company originally planned to remove support in July 2026. Microsoft has now moved the deadline to December 2026, according to Message Center advisory MC1248389.
The parameter relies on the legacy Resource Owner Password Credentials authentication flow. Microsoft wants organizations to replace it with newer and more secure authentication methods.
Which PowerShell Commands Are Affected?
The change affects the Connect-ExchangeOnline and Connect-IppsSession cmdlets.
Administrators often use the Credential parameter to authenticate unattended scripts and automated management tasks. These scripts could stop working once Microsoft removes support from updated Exchange Online PowerShell modules.
The December change will only affect the client side. Scripts that continue using PowerShell modules released before the deadline should remain functional for now.
Microsoft also plans to disable the authentication method on the server side at a later date. The company has not announced a timeline for that phase.
Microsoft Recommends Modern Authentication
Microsoft is urging administrators to begin updating their scripts before the new December 2026 deadline.
Supported authentication alternatives include multi-factor authentication, app-only authentication, and managed identities.
Organizations should review their Exchange Online and Security and Compliance PowerShell scripts to identify any workflows that still depend on stored usernames and passwords.
Migrating early could help prevent automation failures, administrative delays, and service disruptions when Microsoft releases modules without Credential parameter support.
Administrators Raise Compatibility Concerns
Some administrators say certain Exchange Online cmdlets do not work correctly with certificate-based authentication. This could make it more difficult to replace credential-based automation in some environments.
Administrators have also criticized how Microsoft communicated the original deadline. Some said the company did not highlight the change prominently enough within the Microsoft 365 Admin Center.
Organizations managing large numbers of scripts warned that the original July 2026 deadline left little time to audit, test, and replace existing authentication workflows.
Why Did Microsoft Delay the Change?
Microsoft has not provided a specific reason for postponing the deprecation.
The additional five months should give IT departments more time to identify affected scripts and move them to supported authentication methods.
However, administrators should not assume Microsoft will issue another delay. Scripts that depend on the Credential parameter will eventually require changes, especially once Microsoft begins enforcing the retirement on the server side.
Microsoft could postpone the deadline again if organizations continue to experience major migration or compatibility problems, but the company has made no such commitment.
In other news, Microsoft has released new Extended Security Updates for Exchange Server 2016 and Exchange Server 2019.
Via Neowin
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
User forum
0 messages