Manualshelf

Installation guide

ManualsBrandsVMware ManualsOtherVCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION
41424344454647484950
Software Provisioning Credentials
Normally, VCM does not store customer credentials on a managed machine. During software
provisioning though, the Network Authority credentials are temporarily stored and used to authorize
package installation, uninstallation, user access control (UAC), access to network repositories, restart, or
resume activities. The credentials are protected from disclosure to unprivileged users but are accessible to
a determined local machine administrator who uses custom software.
Because an untrustworthy local administrator can gain access to the Network Authority credentials during
a software provisioning operation, you can mitigate the risk by using the following techniques:
n
Do not initiate software provisioning installation or uninstallation operations on an untrustworthy
machine.
n
Assign the minimal necessary permissions and login rights to the Network Authority account used for
software provisioning.
n
Create an individual Network Authority account with a set of local administrator credentials for
operations on an untrustworthy managed machine.
Software Provisioning Components
VMware, Inc.
47