
Elements and VMWare Horizon Non-Persistent VDI

Marc Peters
Marc Peters W/ Member Posts: 17 Cyber Knight

Hi

I'm trying to set up our VMWare Horizon non-persistent VDIs to only register with the Elements portal as one device under the same name.

At the moment, when a non-persistent VM is created, even though it has the same computer name, it creates another device in the portal. Obviously this is because the unique ID of the computer is different. I've tried installing with the --use_smbios_guid but this doesn't help because each time a non-persistent VM is created from the gold image it is unique (only the computer name stays the same, but even then the AD account is deleted and recreated each time so the --use_ad_guid won't work either).

How do I get around this, as my portal will fill up with devices and use up the licences?

Thanks

Best Answer

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 491 Moderator
    Answer ✓

    Hi Marc,

    Just to clarify: you are getting duplicate devices and licenses being used up each time a user logs in?

    We do have a logout tool you can try, which will reset the UID.

    Follow the instructions here for installing the WithSecure Elements Agent using a clone image.

    1. When preparing the image, you need to ensure that you have executed the logout tool like the following, before creating the golden image template:

    "%ProgramFiles(x86)%\F-Secure\PSB\fs_oneclient_logout.exe" --nokeycode

    2. Execute the logout tool like the following when deploying from the golden image; run the tool once it has a network connection:

    "%ProgramFiles(x86)%\F-Secure\PSB\fs_oneclient_logout.exe" --keycode <subscription-key>

    https://help.f-secure.com/product.html#business/psb-portal/latest/en/task_876EBCD2512641E2BAE36F5E74222E34-psb-portal-latest-en
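
Step 2 of the answer above as a post-deployment script, given as an added example that is not part of the original answer and is not WithSecure's own code. The parameter names, the five-minute timeout, the default-gateway check used as the "has a network connection" test, and the reading of exit code 0 as success are assumptions; the tool path and the --keycode option come from the answer.

```powershell
# Added example: run on each clone created from the golden image.
# Assumed, not from the thread: parameter names, timeout, gateway check,
# and that exit code 0 from the tool means success.
param(
    # Passed in by the deployment task so the key is not stored in the image.
    [Parameter(Mandatory)] [string] $SubscriptionKey,
    [int] $TimeoutSeconds = 300
)

$tool = Join-Path ${env:ProgramFiles(x86)} 'F-Secure\PSB\fs_oneclient_logout.exe'
if (-not (Test-Path -LiteralPath $tool)) {
    Write-Error "Logout tool not found at $tool"
    exit 2
}

# Wait until an adapter is up and has an IPv4 default gateway.
$deadline = (Get-Date).AddSeconds($TimeoutSeconds)
do {
    $online = Get-NetIPConfiguration |
        Where-Object { $_.NetAdapter.Status -eq 'Up' -and $_.IPv4DefaultGateway }
    if ($online) { break }
    Start-Sleep -Seconds 5
} while ((Get-Date) -lt $deadline)

if (-not $online) {
    Write-Error "No network connection after $TimeoutSeconds seconds; agent not registered"
    exit 3
}

# Register the clone with the subscription key (step 2 of the answer).
$proc = Start-Process -FilePath $tool `
    -ArgumentList '--keycode', $SubscriptionKey -Wait -PassThru
if ($proc.ExitCode -ne 0) {
    Write-Error "fs_oneclient_logout.exe exited with code $($proc.ExitCode)"
    exit 1
}
```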

Answers

  • Marc Peters
    Marc Peters W/ Member Posts: 17 Cyber Knight
    edited March 2023

    Hi


    Thanks for the reply.

    So I should have said that yes, I did do the logout on the gold image, and then when the VMs are created from the gold image the logout with keycode command is executed as a post-deployment task, which registers it on the portal.


    Having looked again it appears there is an option for a Power-off script for when the VM is removed. So I will try setting this up to use the logout command to remove it from the portal.


    I'll post back and let you know how that goes.


  • Marc Peters
    Marc Peters W/ Member Posts: 17 Cyber Knight
    edited March 2023

    Yes, each time a user logs into a VM it creates a device on the portal. When they log out, the VM is deleted and a new one is created, which then creates another device on the portal, even though it's the same name.

    So when I built the gold image I made sure the logout.exe with nokeycode was executed once I finished. The issue is the VMs created from the gold image all have unique IDs and they are deleted every time a user logs off, so we have hundreds of VMs being created and removed daily.

    Ideally I need a command that I can run on the VMs as they shutdown to remove them from the EPP Portal. Does one exist?

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 491 Moderator

    Hi @Marc Peters, there is currently no such tool for now from Elements.

    You have to use the logout tool. That will remove the device, but only if it's not using smbios or adguid.

  • MikaArasola
    MikaArasola W/ Partner, W/ Staff, W/ Product Leadership Posts: 67 W/ Staff
    edited June 2023

    Hi Marc!

    If it's not too much trouble, could you request this in the ideas portal? You can find it at https://ideas.withsecure.com and access will work with your Elements credentials. Add an item under the endpoint protection section and I'll look with developers if we can find a solution for you.

  • wesley
    wesley W/ Member Posts: 4 Security Scout

    Hello Marc,

    Did you ever get this fixed?

    We got exactly the same thing, and our environment looks the same, with duplicated machines in the portal.
    Installation is done the same way you did on your Horizon environment but still we get duplicated devices.

  • Marc Peters
    Marc Peters W/ Member Posts: 17 Cyber Knight

    Hi Wesley

    So the answer for us and hopefully you is that on the desktop pool in Horizon we had to enable the 'Allow Reuse of Existing Computer Accounts'. This means when the AD computer accounts are created it does not remove them each time a clone is created and therefore the WithSecure portal does not see them as unique devices even though they had the same name.

    Marc

  • wesley
    wesley W/ Member Posts: 4 Security Scout

    Hi Marc,

    Thanks for your quick reply!
    I had the reuse not enabled but enabled this on a pool to test and see how it goes.

    How did you do the installation of the client? Did you use --use_ad_guid or something else?

  • Marc Peters
    Marc Peters W/ Member Posts: 17 Cyber Knight

    That is correct, I used the --use_ad_guid command so that it binds to the AD GUID, which will now stay the same now that you have enabled the reuse on the desktop pool.

  • wesley
    wesley W/ Member Posts: 4 Security Scout

    Thank you Marc you saved me a headache :)

This discussion has been closed.