Friday, January 09, 2009
Deployment Forum HomeDeployment Forum ArticlesDeployment Forum Download LibraryDeployment Forum Member BlogsDeployment Forum Community Forums
Community   »   Forums  
Member Login
StandardLiveID


Register
Forgot Password ?

Guests can view and read messages in the community forums, but you must register and log in to Deployment Forum before you can post messages. Click Register at the top of this page. Before posting messages, please read the forum guidelines at the bottom of this page.

Forums > Deployment Solutions > MDT 2008
Subject: Variables.dat
Prev Next
You are not authorized to post a reply.

AuthorMessages
donnieUser is Offline

Posts:27

Send Message
06/23/2008 3:31 PM  
I did a couple searches for this topic but I was surprised not to find anyone who brought this up before...it appears that the variables.dat file that is created locally via the "Gather Local Only" step stores the credentials entered by the admin in clear text. Not good. If the build bombs out for one reason or another and the c:\minint folder and files\folders beneath that aren't deleted, the variables.dat file is left on the machine with credentials of a potentially highly elevated user account. Has there been any discussion around encrypting this if at all possible? I can see the benefit of storing these credentials locally but it also opens a fairly large security concern. Sysprep & unattend.txt had options to encrypt passwords.

 

Thanks!

robUser is Offline

Posts:11

Send Message
06/23/2008 6:08 PM  
i have noticed that too a few days ago when i was creating a script to read the variables.dat file. if this is intentional then it would be a huge oversight by Microsoft. i hope this gets fixed in the next MDT update.


Or TsemahUser is Offline

Posts:53

Send Message
06/24/2008 6:14 AM  
As far as i can remember, this allways was a problem with BDD\MDT
You are not authorized to post a reply.
Forums > Deployment Solutions > MDT 2008 > Variables.dat



ActiveForums 3.7
Forum Policies
Minimize

These forums are a user-supported community for IT professionals to exchange deployment tips, solutions, and techniques. For the benefit of all Deployment Forum members, please observe the following guidelines when posting to these forums:

  • We reserve the right to remove any message. Our moderators will remove all messages that are not respectful or productive. Profanity, racism, prejudice, and flaming are not tolerated.
  • Do not advertise products or services. Our moderators will remove all advertisements or service announcements. Product and service recommendations from active Deployment Forum members are encouraged, however.
  • Make sure your question isn't already answered. Before posting questions, search the forums. After ensuring that your questions are unique, post them to the most appropriate forum. This will help reduce noise in the forums.
  • Help make the most of each thread. Do not post unrelated messages to a thread. Also, if you've resolved a question outside of these forums, please share the solution with other members by posting it back to the thread.
  • Do not share confidential information. Confidential information includes product keys and addresses. Our moderators will edit any message containing confidential information, so double-check messages and their attachments before posting them.
  • Post messages using only the English language. For the benefit of all Deployment Forum members, please post your messages using the English language.

We hope that you enjoy using this community. Please submit your comments and feedback on the Comments and Feedback page or post them to the Comments, Feedback forum.
Privacy Statement  |  Terms Of Use
© 2007 Jerry Honeycutt