To best protect your environment, be aware of security risks that might exist when you use Auto Deploy with host profiles.

In most cases, administrators set up Auto Deploy to provision target hosts not only with an image, but also with a host profile. The host profile includes configuration information such as authentication or network settings. Host profiles can be set up to prompt the user for input on first boot. The user input is stored in an answer file. The host profile and answer file (if applicable) are included in the boot image that Auto Deploy downloads to a machine.

The administrator password and user passwords that are included with the host profile and answer file are MD5-encrypted. Any other passwords associated with host profiles are in the clear.

Use the vSphere Authentication Service to set up Active Directory to avoid exposing the Active Directory password. If you set up Active Directory using host profiles, the passwords are not protected.

For more information about Auto Deploy, see the Auto Deploy information that is part of the vSphere Installation and Setup documentation. For more information about host profiles and answer files, see the vSphere Host Profiles documentation.