spgsitsupport Posted November 22, 2015 Report post Posted November 22, 2015 What are the default permissions for REMINST? I am sure I did not move away from defaults, but they have Everyone Read (which is definitely not what I would want) Seb Quote Share this post Link to post Share on other sites More sharing options...
Eswar Koneti Posted November 23, 2015 Report post Posted November 23, 2015 what is the issue if everyone has read access ? they must need read permissions else boot will fail. Quote Share this post Link to post Share on other sites More sharing options...
spgsitsupport Posted November 23, 2015 Report post Posted November 23, 2015 Why would boot fail when it is server by PXE? It is NOT the local machine that reads remote share, it reads the data send from tftp server Anyway, nobody answered what the default permissions are. As to what is the reason? Simple, I do not need to have all my users being able to read my .wim images & freely download them. On my network NO user sees more then they need to. Seb Quote Share this post Link to post Share on other sites More sharing options...
Rocket Man Posted November 24, 2015 Report post Posted November 24, 2015 Authenticated users: READ System: Full Control Administrators: Full Control Why not just block users from UNC via GPO! Quote Share this post Link to post Share on other sites More sharing options...
spgsitsupport Posted November 24, 2015 Report post Posted November 24, 2015 Because I do NOT stop user from using Run on Start Menu Quote Share this post Link to post Share on other sites More sharing options...
Rocket Man Posted November 25, 2015 Report post Posted November 25, 2015 Not sure how you can prevent this if it all but if your network users are that IT savvy and would know what to do with xxx.wim images well I'd be sure they'd know how to brow$e to hidden shares if that's how you'd want to hide your resources on the network. Either way READ access is needed. Quote Share this post Link to post Share on other sites More sharing options...
spgsitsupport Posted November 26, 2015 Report post Posted November 26, 2015 Security by obscurity... Microsoft way. Hidden shares are only hidden from... Windows clients. Wim can be perfectly easily opened with 7-zip (no need to invent anything else) Quote Share this post Link to post Share on other sites More sharing options...
