BatchPatch Forums Home › Forums › BatchPatch Support Forum › How to push script to client without sharing mdtshare to Everyone?
- This topic has 3 replies, 4 voices, and was last updated 5 years, 7 months ago by doug.
-
AuthorPosts
-
May 4, 2019 at 10:43 pm #8678AnonymousInactive
Hello, All
I would like to ask help on how to limit the access to mdtshare while zerotouch should still work as expected in the target computers.
By the way we are upgrading from Windows 7 Ent to Windows 10 Ent to more than 5000 target computers.
I am only using MDTServer and BatchPatch.
Scenario 1:
When MDTshare folder (Deployment Share) is shared to specific AD account only (Executor), below deployment script doesn’t work for ZeroTouch using below script via BatchPatch.
cscript.exe \mdtservermdtsharescriptsLiteTouch.vbs /rulesfile:ZeroTouch.Ini /TaskSequenceID:DEP10ENT64ENOF
Scenario 2:
When MDTshare folder (Deployment Share) is shared to Everyone, the same script works fine for ZeroTouch deployment via BatchPatch.
Scenario 3:
When MDTshare folder (Deployment Share) is shared to specific AD account only (Executor), LiteTouch deployment in target computers (selecting/filling out one by one until clicking finish to start deployment) works fine.
How can I limit to a few AD account only to access the mdtshare folder but still ZeroTouch deployment script will work via BatchPatch? This is to avoid any users accessing the MDTShare folder. Any help would be much appreciated.
Cheers, Mike (Technical Support Engineer, Phils)
May 6, 2019 at 9:40 am #9803boosterParticipantMay you first copy the script to the local computer then execute it inside the script?
This way only the BP user defined need access to the share.
May 6, 2019 at 5:16 pm #9806dougModeratorMike – I’m sorry to say that I can’t really understand well enough what you are describing to suggest a solution. However, the following link has numerous tutorials for how to create and execute a deployment in BatchPatch. You should be able to use these to model your current deployment.
BatchPatch Software Deployment
If you continue to have issues and would like further assistance, perhaps you can try again to explain as clearly as possible but include screenshots and any other supporting information to help illustrate exactly what you are doing and what is happening. You may contact us to establish an email dialog for this purpose, if desired.
May 22, 2019 at 3:15 pm #9792vaevictusParticipant@mpadorable –
If you’re committed to zerotouch instead of litetouch, you’re going to have to open up your mdt share, unless you do something thin like placing pxe clients on a different subnet and blocking by ip, which is not that tricky to fake.
That said, i’m not sure what would be in your deployment that would have to be sensitive.
-
AuthorPosts
- You must be logged in to reply to this topic.