When working with OSD and sysprep.. Both the local and domain credentials are in clear text as im sure many of you know.. To help secure this I turned off directory browsing on the IIS Files share.. Although I felt that this was not enough as Im in a school environment and these kids are pretty smart.. So I wrote a small vbscript which replaces two variables inside of the sysprep file.. %lpassword% %dpassword% So right after the sysprep file is copied down my .vbs script which is complied to an EXE runs and replaces the sysprep file with the correct credentials. On reboot of course during the sysprep cleanup process the folder is deleted.
I starting teaching my self vbscript a month ago so im no expert but If anyone is interested I could post a small Doc on it?
I know provisioning encrypts the credentials so this is really for the WINPE folks..
I noticed a write up was done at http://community.landesk.com/support/docs/DOC-2179
All methods required adding an extra REMEXEC line in the script file.. The same will be required for this method although the password will not be stored in clear text...
The password will be stored in a vbscript file which a free ware program can be used to convert it to an exe ..