Support Hidden or Encrypted Assisted Install.txt

Idea created by bigtom on Mar 24, 2018
    • jfletch
    • user19752
    • Johan Hedman
    • mikeo'neil
    • bigtom
    • Markus Schneider
    • GerardBeutler

    Assisted Install is an amazing feature, however it does have some issues. Often enough the installers are distributed to clients for self installation when the machine is not available for a truly controlled network install by an IT department.


    The issue is that the Assisted Install.txt file is visible. It can be opened and edited. There are some limited efforts that can be made to deter clients from manipulating the install parameters, but they are not difficult for anyone to overcome. This can lead to clients having access to features they should not. This is particularly an issue with vertical solutions, but it is an issue for any deployment. Clients have access to all install settings including the license key. Not very good considering some license agreements use the same key for FMS as the FMP client. This has even more risk of problems with clients pirating the keys to run their own FMS and clients.


    The best option would be to have some sort of encryption for the Assisted Install.txt file, but support for FMP reading from ".Assisted Install.txt" or other hidden file nomenclature would be a step in the right direction.


    IT should really not provide a user with an installer ever because of these risks, but in practice this does happen. Specifically with vertical solutions where the service provider has zero control over the actual user installs.


    I would propose the idea of an FBA/FDS tool that allows for the AI file to be encrypted in a way that the FMP installer will have a built in key to decrypt on install. This would never expose any settings to to the user.


    I strongly feel this will be very important to the future of FM deployments and security.