XenServer Repositories

• Create dedicated storage repositories for build media and virtual machine disks that are separate from your normal file shares
• Use only generic, least-privileged accounts that only have access to the storage repositories
• Never mount any storage repositories with your personal AD account
• Always assume that anyone who has access to log into your XenServer most likely has the privileges to view the stored “secrets” and the clear-text passwords and may use those credentials to further penetrate your infrastructure

passwords are stored in clear text in /var/xapi/state.db

When you correlate the UUID listed as the cifs password_secret in the previous command, you get your username/password combination

xe secret-list command displays the clear-text passwords.

xe pbd-list shows mounted drives