AD binding using directory object in First Run

lisacherie
Contributor II

Everyone might already be aware, but I saw today in testing that an Active Directory bind object created in the Casper Admin Web interface logs the password of the account used to bind to AD in clear text to the secure log on the client during the first run script.

Be very careful what account you are using to create the object!
(And maybe add an additional policy to remove this log after binding).


jhalvorson
Valued Contributor

With Casper Suite 8.6 and Casper Imaging v8.52, v8.6 - I have seen what you have reported.

The account used to bind to the domain is in clear text within /var/log/secure.log.
It's also visible within the Console.app - All Messages.

Post imaging, I delete the secure.log, but does anyone know how to clean up the "jamf bind ..." line out of All Messages?
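Both posts above remove the whole secure.log after binding. As an added example (not code from either poster or from JAMF), the script below removes only the lines containing the "jamf bind" string quoted in the thread and keeps every other entry, overwriting the file in place so its owner and mode are unchanged. The function names and the sample log lines are constructed for illustration, and the log path is passed as an argument; it does not touch what Console.app shows under All Messages.

```shell
#!/bin/sh
# Marker string taken from the thread; everything else here is illustrative.
MARKER='jamf bind'

# make_sample FILE: write a constructed three-line log for demonstration.
make_sample() {
    cat > "$1" <<'EOF'
Jan 01 10:00:00 host01 sshd[101]: constructed sample entry
Jan 01 10:00:05 host01 jamf[202]: jamf bind <arguments elided>
Jan 01 10:00:09 host01 sudo[303]: constructed sample entry
EOF
}

# count_bind_lines FILE: print how many lines contain the marker.
count_bind_lines() {
    # grep -c exits 1 when the count is 0; that is not an error here.
    grep -cF -- "$MARKER" "$1" || true
}

# scrub_bind_lines FILE: drop marker lines, print how many were removed.
scrub_bind_lines() {
    log=$1
    if [ ! -f "$log" ]; then
        echo "no such file: $log" >&2
        return 2
    fi
    removed=$(count_bind_lines "$log")
    if [ "$removed" -eq 0 ]; then
        echo 0
        return 0
    fi
    tmp=$(mktemp) || return 1
    # grep -v exits 1 if every line matched; only exit codes >1 are failures.
    grep -vF -- "$MARKER" "$log" > "$tmp" || [ $? -eq 1 ] || { rm -f "$tmp"; return 1; }
    # Overwrite in place (not mv) so the log keeps its owner and permissions.
    cat "$tmp" > "$log"
    rm -f "$tmp"
    echo "$removed"
}

# Demonstration on the constructed sample.
sample=$(mktemp)
make_sample "$sample"
echo "lines removed: $(scrub_bind_lines "$sample")"
rm -f "$sample"
```

The bind account's password should still be rotated after a scrub, since the value was already written to disk in clear text.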