Securing Windows images using permissions

by Mitch Tulloch [Published on 4 March 2009 / Last Updated on 14 Nov. 2008]

Customized Windows images may contain sensitive or proprietary information. Here's a tip on how to secure your images using permissions when using Windows Deployment Services.

Customized Windows images may contain sensitive or proprietary information. To secure your images when using Windows Deployment Services, do the following:

1. Create a security group named Installations (or something similar) to contain the users who will be allowed to install images from your Windows DS server.

2. Open the Windows Deployment Services console, select your Windows DS server, expand the Install Images node, and right-click on an Image Group and select Properties.

3. Select the Security tab and grant Read and Execute permission for the Installation group, and remove any permissions for accounts other than SYSTEM and Administrators. Repeat for each additional Image Group in your server's repository.

Security settings applied to Image Groups automatically propagate to images within those groups. You can also secure images individually using the Security tab on their properties sheets.

The Author — Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows administration, networking, and security. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy and use Microsoft platforms, products and solutions. Mitch has published over two hundred articles on different IT websites and magazines, and he has written or contributed to almost two dozen books and is lead author for the Windows 7 Resource Kit from Microsoft Press. For more information, see .

Latest Contributions

Featured Links