Allow obscuring of all or portions of the SCCM installation command-line
I would like to see an option added to SCCM to allow obscuring portions of the installation command-line. This functionality would be particularly useful for application installations like Microsoft SQL Server Express which accept an argument to the setup.exe specifying a clear text password.
The benefit of obscuring the password would be that the SCCM logs (i.e. appenforce.log) would not have a clear text version of the password which could be opened and read by any user having access to the c:\windows\ccm\logs folder.
Jon Gibert commented
We have observed the same thing; that there are many secrets passed on the command line for both the installation and removal of many software products. Anyone with basic ConfigMgr knowledge could mine the ConfigMgr logs to find these secrets. The option to not record the command line for Deployment Types and for Legacy Packages is important.
Additionally, the command lines are in plain text within several WMI instances and could be easily retrieved from there as well. The command lines in those WMI instances would need to be encrypted with a key that the local computer has access to. (It could still be attacked; but not easily.)
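An audit for the log exposure described above, as an added example that is not part of the original post or comments and is not ConfigMgr's own code: it flags log lines whose command line carries a password-like argument and emits only a redacted copy. The function name `Find-LoggedSecret`, the argument-name pattern and the sample log lines are assumptions made for illustration.

```powershell
# Added example. The argument-name pattern is an assumption: /SAPWD and /SQLSVCPASSWORD
# are SQL Server setup parameters; the *PASSWORD/*PASSWD/*PWD suffix match is a heuristic.
$SecretArg = [regex]'(?i)(?<![\w])(?<key>[/-]{0,2}[A-Z_]*(?:PASSWORD|PASSWD|PWD))(?<sep>\s*[=:]\s*)(?<val>"[^"]*"|\S+)'

function Find-LoggedSecret {
    param(
        [Parameter(ValueFromPipeline)]
        [string[]]$Line,
        [string]$Source = '(inline sample)'
    )
    begin { $n = 0 }
    process {
        foreach ($l in $Line) {
            $n++
            # CMTrace layout: <![LOG[message]LOG]!><time=... ...>. Only the message is
            # inspected, so an unquoted value cannot swallow the trailing metadata.
            $m = [regex]::Match($l, '^<!\[LOG\[(?<msg>.*)\]LOG\]!>')
            $msg = if ($m.Success) { $m.Groups['msg'].Value } else { $l }
            $hits = $SecretArg.Matches($msg)
            if ($hits.Count -eq 0) { continue }
            [pscustomobject]@{
                Source     = $Source
                LineNumber = $n
                Arguments  = @($hits | ForEach-Object { $_.Groups['key'].Value })
                # The value is replaced before anything is emitted.
                Redacted   = $SecretArg.Replace($msg, '${key}${sep}<redacted>')
            }
        }
    }
}

# Constructed sample lines shaped like AppEnforce.log entries (not taken from a real system).
$sample = @(
    '<![LOG[    Prepared command line: "C:\Windows\ccmcache\1\setup.exe" /Q /ACTION=Install /SAPWD="Example-Not-Real-1"]LOG]!><time="10:15:02.123+000" date="01-01-2024" component="AppEnforce" context="" type="1" thread="1234" file="appcontext.cpp:85">'
    '<![LOG[    Process 4321 terminated with exitcode: 0]LOG]!><time="10:16:40.456+000" date="01-01-2024" component="AppEnforce" context="" type="1" thread="1234" file="appcontext.cpp:85">'
)
$sample | Find-LoggedSecret | Format-List

# Against a client's real logs (folder named in the post above):
# foreach ($f in Get-ChildItem 'C:\Windows\CCM\Logs' -Filter 'AppEnforce*.log') {
#     Get-Content $f.FullName | Find-LoggedSecret -Source $f.FullName
# }
```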