How to get the network access password from WinPE in SCCM. 1

How to get the network access password from WinPE in SCCM.

How to get the network access password from WinPE in SCCM. 2My colleage at Atea, Oddvar Håland Moe, have written a script that dumps the password of the network access account from the boot image in plain text. This is why you never enable command line support in your boot images on a production network. Anyone will be able to retrieve the password during PXE boot / OS deployment.

 

 

SetEnv = CreateObject("Microsoft.SMS.TSEnvironment")
ForEachts in Env.GetVariables()
Ifts = "_SMSTSReserved2"Then
wscript.echo "Password for Network Access Account is: "& Env(ts)
EndIf
Next

 

  1. Press F8 to open up the command line console.
  2. Open notepad.exe and type in the script.
  3. Save it and run it with cscript.exe.

That’s it, the password of the network access account is dumped in plain text.

To protect your system against this, make sure command line support is not enabled in your boot images, and use a dedicated account for the network access with minimum rights necessary.

Be sure to visit Oddvar’s website: MSITpros.

Anders Rødland

Anders Rødland started his IT career in 2006. My main focus is MS Configuration Manager and client management, and I have passed 17 Microsoft certifications since then. My main expertise is on client management with Microsoft Endpoint Manager: Intune and Configuration Manager. I also do a lot of work on the security side with Microsoft Defender for Endpoint. In addition to my Microsoft certification, I also have an ITIL v3 Foundation certification.This is my private blog and do not represent my employer. I use this to share information that I find useful. Sharing is caring.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.