MDT: Secure the Deployment Share

Written by Ingmar Verheij on December 19th, 2013. Posted in MDT

With a default installation of Microsoft Deployment Toolkit (MDT) the Deployment Share is not secure. All users are allowed to read / write which makes it vulnerable to unauthorized access and possibly exposes access to (installation) passwords.

The default permissions on a folder are:

  • Administrators – Full Control
  • CREATOR OWNER – Full Control
  • SYSTEM – Full Control
  • Users – Read & Execute + Create file / write data + Create Folders / append data

MDT: Filter task sequences on Active Directory group membership

Written by Ingmar Verheij on December 19th, 2013. Posted in MDT

DirectionsBy default task sequences in Microsoft Deployment Toolkit (MDT) are available for all users, there is no access control list (ACL). This means that you can’t filter certain task sequences for a group of users, while you might not want all users to execute all task sequences.

For instance I don’t want all users to run an unattended setup, I only want them to deploy a captured image (MDT can inject model specific drivers, so no harm done). However, the more advanced users Angry smile should be able to run all task sequences, including the unattended installations.


Windows Deployment Wizard - Task Sequence - Deploy onlyWindows Deployment Wizard - Task Sequence - All

RES Workspace Manager Relay Server explained and demystified

Written by Ingmar Verheij on December 16th, 2013. Posted in Demystified, Workpace Manager

RES Workspace Manager 2012 ArchitectureWith the release of RES Workspace Manager 2012 a new component was introduced: the Relay Server. In this article I’ll explain what the Relay Server is, how it can help you in your Workspace Manager (WM) environment and reveal some of its mysteries.

Audi MMI: Op de route zijn verkeersstoringen, een uitwijkroute kan niet worden aangegeven.

Written by Ingmar Verheij on December 6th, 2013. Posted in Other

wpid-Verkeersstoringen-op-de-route.pngSinds een half jaar rijd ik met plezier in een Audi A4 voorzien van een MMI (Multi Media Interface). Er is echter èèn ding waar ik niet kan wennen: een vrouw die mij – geheel goed bedoeld – informeert over mijn route.

Nu zou je kunnen denken: Ingmar, dan zet je deze dame toch gewoon buiten? Nou – leuk dat je het vraagt – dat gaat helaas niet (volledig).

Citrix: NetScaler applet hangs at 99% “Logging in”

Written by Ingmar Verheij on November 27th, 2013. Posted in Netscaler

When a Citrix NetScaler is configured using a graphical interface a browser is used to connect to the Citrix NetScaler. Starting NetScaler release 10 a part of the configuration is migrated from Java Applets to HTML5, but most configuration are still depending on Java Applets.

When you open a more advanced configuration the Java Applet is loaded automatically., If it hangs at 1% “Downloading Applet…” you might want to read this article.If it hangs at 99% “Logging in” continue reading.

Logging in