Security best practices

These best practices provide guidelines that can help you manage security for Microsoft Provisioning System effectively.

Do not use SQL authentication mode

Set a different MPFServiceAcct password for each domain

Secure the physical network

Do not use the domain administrators account for all administration

Use a firewall to protect the network

Grant MPF account permissions to operators only as required

Use packet encryption

Use private procedures

Verify permissions

Implement strong security for SOAP requests

Implement strong security for Delegated Administration Console access

Use debugging mode for testing only

Enable Anonymous Only access for FTP

Do not enable the ASPEnableParentPaths IIS metabase property

Close all browser windows when logging off Delegated Administration Console