Securing the MDT process
In some environments, security concerns are a primary driver, and thus the following questions come up: what can we do to secure the share, and what can we do to validate that the image is not tampered with?
For the first question about securing the share, the following rights are needed to allow MDT to work properly:
\\path\deploymentshare$ rights:- In Sharing, remove
EVERYONEand add the user account specified specifically in yourBootstrap.iniandCustomSettings.inifile forREADaccess only - NTFS rights would be the following:
Creator Owner: Full control of subfolders and files only
Administrators: Full control of this folder, subfolders and files
System: Full control of this folder, subfolders, and files
Users: Check the following check boxes:
- Read and Execute
- List Folder Contents
- Read
- In Sharing, remove
\\path\referenceshare$ rights:- In Sharing, again remove
EVERYONEand add your user account used in the capture process forREADandCHANGErights - NTFS no changes needed
- In Sharing, again remove
For the...
