Jump to content

Ian Schmidt

Members
  • Content Count

    1
  • Joined

  • Last visited

Community Reputation

0 Neutral

My Information

  • Agent Count
    500 - 750 Agents
  1. So, in our testing we've found that all you need is a valid token to deploy for any client. The token will set the default location for the client, however it can be overridden by specifying a LocationID in the PowerShell command. So, what we're thinking about doing is putting the token in an online location accessible to the onboarding scripts. The tokens can expire monthly, and the scripts can pull the token into a variable on demand. One token updated and posted each month, all the scripts reference it. The question I have is related to the security around the tokens. Is the token just as vulnerable as the installer itself (the issue that started this whole mess earlier this year). eg: do we need to password protect, whitelist, etc. access to the token? Please feel free to point out why this is a terrible idea or otherwise. Thanks,
×
×
  • Create New...