You can enhance the level of security in your network by managing client interaction with RIS-based operating system installations. You can predetermine 323q161d how much user interaction occurs by modifying the CIW configuration. If you want to enhance security by controlling the user interaction level, you might plan to modify the CIW in the following ways:
Add or remove entire CIW screens.
Add or remove individual options within CIW screens.
Provide additional text or instructions to users.
Create new screens that prompt the user for specific information that you use to control image installation.
For example, you might add a new screen that prompts users to provide additional security information. Also consider that for any entry that you can specify in an answer file, you can create OSC variables in an answer file to capture information that users input in response to CIW prompts. By implementing modifications to the CIW, you can limit the information presented to potential unauthorized clients or require them to provide specific information that ensures they are valid RIS clients. For more information about defining and modifying the CIW configuration, see "CIW Design Tasks" later in this chapter.
You might also consider whether different user groups should receive different modifications to increase the security of RIS installations.
For this part of your security planning process, use the "Security Enhancement with Group Policy and User Interaction Level Control" section in job aid "Planning RIS Server Security" (ACIRIS_05.doc) on the Windows Server 2003 Deployment Kit companion CD (or see "Planning RIS Server Security" on the Web at https://www.microsoft.com/reskit) to record your choice to use the CIW to control the user interaction level. Also indicate the types of controls you want to use and the user groups to which they will be applied.
|
