Best practices

The following guidelines will help you effectively use Microsoft® Provisioning System.

Set up a separate account for SQL database administration

• For security reasons, it is recommended that you create a separate MPF database user account (for example, mpfdbuser), and then specify that account during the SQL Server installation instead of the standard sa account.

Set up multiple transaction log databases

• Microsoft Provisioning Framework (MPF) load balances across multiple transaction log databases.

Important

• MPF does not support multiple audit log databases or multiple configuration databases.

Set MPFServiceAcct password for each domain

• For multiple forests with different provisioning engines, you should not use the same MPFServiceAcct password for all forests. If you do use the same MPFServiceAcct password password, MPF duplicates objects across the forests. This is appropriate only if you are implementing a common provisioning engine for all domains.

• The Microsoft Provisioning Framework Software Development Kit (SDK) contains additional resources to help you deploy MPF. For more information on the SDK and how to use it, see Microsoft Provisioning Framework SDK.

Do not use blank passwords

• For security reasons, all passwords should be strong passwords. Microsoft recommends that passwords:
  • Are at least seven characters long
  • Do not contain user, company, or other names
  • Do not contain a complete dictionary word
  • Are significantly different from previous passwords
  • Contain a mixture of uppercase letters, lowercase letters, numerals, and keyboard symbols

Use private procedures

• When deploying a procedure, set the access type to private if public access is not required. By default, the namespace file sets access type to public to facilitate testing. In a live production environment, this does not provide the appropriate level of security.

• For more information about setting the access type, see Maintaining and updating namespaces and procedures and To view or modify the access type of a procedure.

Modify default properties only as necessary

• Many of the properties that you can use Provisioning Manager to configure for provisioning servers and namespaces are set to specific defaults during installation. For instance, if you select impersonation during MPF installation, MPF configures the client impersonation level property. Changing this property may prevent transactions for being processed. It is recommended that you modify properties only if you understand the impacts of the modification.

• For more information about using Provisioning Manager to administer the properties of provisioning servers and namespaces, see Using Provisioning Manager.

Do not use MPF to save data for rollback for procedures

• It is recommended that you not implement Save data for rollback for any procedure, unless the provider requires it. Doing so can cause significant impacts on performance.

• For more information on this setting, see Maintaining and updating namespaces and procedures.

Do not use SQL authentication mode

• SQL authentication mode must be configured to support integrated authentication (Windows Authentication and SQL Server Authentication), not just SQL authentication. In SQL Server Authentication mode, credentials are passed in clear text in the connection string.

Implement strong security for SOAP requests

• All SOAP requests to MPF should use https or a strong encryption method.

Secure the physical network

• Physical access to a server is a high security risk. To maintain a more secure environment, you must restrict physical access to all servers and network hardware.

Lock down all namespaces after testing

• Before switching to the production environment, ensure that the permissions of private namespaces are set appropriately.