Windows 7 / Getting Started

Managing Image Security

It is important to properly secure boot and installation images to prevent their unauthorized use. A fully configured image might include corporate applications and data, proprietary configurations, and even codes and keys required to activate line of business (LOB) applications.

One way to prevent unauthorized installations is by controlling the clients that are allowed to receive images. You can accomplish this through pre-staging, in which clients are registered with AD DS through the use of a globally unique identifier (GUID). Another method is to enable administrative approval for client installations. Finally, you can restrict images by user as shown in the following procedure.

To configure an image file's access control list (ACL), perform the following steps:

  1. Right-click the image and then click Properties.
  2. On the User Permissions tab, configure the ACL and then click OK. The image's ACL must give a user Read and Execute permissions for the user to be able to install the image. In the following screenshot, members of the Installations group can install the image secured by this ACL.

Note In addition to securing individual images, you can secure image groups. Right-click an image group, click Security, and then configure the group's ACL on the Security tab. By default, images in an image group inherit the group's permissions.

[Previous] [Contents] [Next]

In this tutorial:

  1. Configuring Windows Deployment Services
  2. Introducing Windows Deployment Services
  3. Service Architecture
  4. PXE Services
  5. Operating Modes
  6. Legacy Mode
  7. Mixed Mode
  8. Native Mode
  9. Planning for Windows Deployment Services
  10. Choosing a Version of Windows Deployment Services
  11. New Features of Windows Deployment Services in Windows Server 2008 R2
  12. Server Requirements
  13. Client Computer Requirements
  14. DHCP Requirements
  15. Routing Requirements
  16. Capacity Requirements
  17. Installing Windows Deployment Services
  18. Windows Server 2003
  19. Windows Server 2008 R2
  20. Windows 7 Configuring Deployment Services
  21. Preparing Discover Images
  22. Windows Importing Images
  23. Importing Boot Images
  24. Importing Install Images
  25. Managing and Deploying Driver Packages
  26. Deploying Driver Packages to Clients Using Method 1
  27. Deploying Driver Packages to Clients Using Method 2
  28. Deploying Driver Packages to Clients Using Method 3
  29. Managing Driver Groups and Driver Packages
  30. Adding Driver Packages to Boot Images
  31. Managing Image Security
  32. Pre-staging Client Computers
  33. Configuring Administrator Approval
  34. Windows 7 Installing
  35. Capturing Custom Images
  36. Creating Multicast Transmissions
  37. Performing Multicast Deployment
  38. Using Windows Deployment Services with Microsoft Deployment Toolkit