[unattendedxml]

Hi,

when deploying Windows 2008 R2 through WDS, a unattend.xml file is left. This exposes login to the WDS server:

         
<component name="Microsoft-Windows-Setup" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" processorArchitecture="x86">            <WindowsDeploymentServices>                
<Login>                    
<WillShowUI>Never</WillShowUI>                    
<Credentials>                        
<Username>Administrator</Username>                       
 <Domain>domain.local</Domain>                        
<Password>password</Password>                    
</Credentials>                
</Login>               
 <ImageSelection>                   
 <InstallImage>                        
<ImageName>win7</ImageName>                       
 <ImageGroup>win7</ImageGroup>                        
<Filename>win7std.wim</Filename>                    
</InstallImage>                    
<WillShowUI>Never</WillShowUI>                   
 <InstallTo>                        
<DiskID>0</DiskID>                        
<PartitionID>1</PartitionID>                    
</InstallTo>               
 </ImageSelection>            
</WindowsDeploymentServices>

• Is there an option to hide the WDS server login info?
  
• Does the login info have to be an administrator of the WDS server/domain?
  
• Even after deleting the unattend.xml in C:\Windows\Panther\ I do not trust the login info to be safe

[Tripredacus]

The user account only needs to have read permissions to the server. I know this is also a concern for internal use but while I leave no trace of a username/password on the system you cannot ever be too careful. Even in an enterprise environment, you don't want any curious employees logging in and start clicking buttons.... so here is what I do.

I create an account in AD, and leave it assigned to the Users group. Of course make a password.
Then give it read permissions on any file share or the Reminst folder. It doesn't need anything else.

This way if people get the password it won't matter because that account can't do anything, and it can only access the deployment shares you specify.
You NEVER need the Domain Admin account for anything. Work with users and OUs to handle anything you need to do. Create an account that can only do Domain Joins, create one that can only be used for RDP, etc.

Otherwise, you can try using a FirstLogonCmds that deletes that XML file.

[unattendedxml]

Thank you - I have created a user with access to only this share. It works.

I find this user/password in the XML file to be a design flaw.

THANK YOU!

[maxXPsoft]

unattendedxml, on 13 August 2011 - 10:58 AM, said:

Thank you - I have created a user with access to only this share. It works.

I find this user/password in the XML file to be a design flaw.

THANK YOU!

removes it from installed xml found in Panther folder after install <Password>*SENSITIVE*DATA*DELETED*</Password>
just delete original xml

[unattendedxml]

Well the XML does not contain SENSITIVE*DATA*DELETED for this user. Should it be like that? It only hides the domain logon password, if I would use that.

Deleting the XML is part of the solution. However, it is still not save since you can restore the XML after deletion with the help of a couple tools.