none
MDT 2013 WinPE: Force Authentication as first menu

Answers

All replies

  • Just leave out the credentials in the bootstrap.ini, but provide the deploymentshare and set SkipBDDWelcome to YES.

    If this post is helpful please click "Mark for answer", thanks! Kind regards

    Monday, May 12, 2014 7:29 PM
  • Unfortunately I am not able to test it at the moment. I have loaded DART8 so that shows up on the welcome screen. If I set SkipBDDWelcome=Yes won't it then bypass that screen? I want them to be able to run DART but I'd like to have them authenticate to dissuade the average person that might PXE boot.

    JJ

    Monday, May 12, 2014 8:07 PM
  • Hi,

    I understand, but within MDT and the boot image created by MDT there is no form of authentication prior then the BDDWelcomeScreen thus enabling everyone how boots with WinPE has access to these tools.

    Another suggestion could be to password protect your PXE boots. Nothing else other then advanced scripting comes to mind in achieving what you want. At least no out of the box feature provides this solution other then the one I've presented to you.


    If this post is helpful please click "Mark for answer", thanks! Kind regards

    Monday, May 12, 2014 8:22 PM
  • THe ability to use DART without validating credentials is a "Feature" and by-design. :^)

    Keith Garner - keithga.wordpress.com

    • Marked as answer by JerichoJones Wednesday, May 14, 2014 11:26 AM
    Monday, May 12, 2014 9:29 PM
    Moderator
  • Do you have any good articles on settings that up with MS PXE?

    JJ

    Wednesday, May 14, 2014 11:27 AM
  • JJ

    For me Google is always a good start, somebody somewhere must have written something about it.

    Before I suggested password protected PXE, I googled if such even exists. And came on a website describing on how to achieve just that. I'd suggest you do the same :)


    If this post is helpful please click "Mark for answer", thanks! Kind regards

    Wednesday, May 14, 2014 11:29 AM
  • Thanks for demonstrating your superior intellect. Apparently your google fu is better than mine. How about giving me the link?

    JJ

    Wednesday, May 14, 2014 12:34 PM
  • Try this for instance: http://www.symantec.com/connect/articles/how-protect-pxe-boot-menu-redeployment-managed-computer-deployment-75

    1st link on Google, when using the following words: password protected pxe boot


    If this post is helpful please click "Mark for answer", thanks! Kind regards

    Wednesday, May 14, 2014 12:42 PM
  • Now try searching on "WDS PXE boot authentication" and you'll see part of the problem. In any event this tells me that there is no LDAP authentication which is what I am really looking for. Password protection and authentication are not the same thing.

    This appears to be a limitation of PXE/TFTP.

    I guess I'll see what I can do to re-order the WinPE scripts.  :-(


    JJ

    Wednesday, May 14, 2014 1:00 PM