Security Considerations
-
The Deployment Agent does not store the administrator password in clear text.
-
The client UI collects the credentials and passes them to the device agent to store in separate values of a registry key under EP root.
-
The password stores as an encryption and the principal name stores in plain text.
-
Administrator accounts have access permissions of FULL CONTROL for the registry key.
-
The SYSTEM account has READONLY access permissions for the registry key.
-
The user and password never pass to the target devices. They establish the Task Scheduler connection.