VMware Horizon Community
Alethay
Enthusiast
Enthusiast
‎11-26-2013 06:35 AM

Horizon View 5.2 and Symantec Endpoint Protection

Hi everybody,

have you some experience in linked-clone pool with symantec end point protection 12.1 intstall on it, and the issues of duplicate ID on the console after recompose operation?

Thank's in advance

Ale

Reply
0 Kudos
10 Replies
mittim12
Immortal
Immortal
‎11-26-2013 06:46 AM

You should do a search on Symantec's site as their is a process you should follow before shutting down your golden image and creating the snapshot.    After running this process each client should get a unique ID when coming online.

Reply
0 Kudos
Alethay
Enthusiast
Enthusiast
‎11-26-2013 07:09 AM

I’ve already try the ClientSideClonePerpTool on the master image but, when you recompose a pool during the sysprep or quickprep process, anoter ID was generated!

That tool can’t be executed in silent mode so I’ve created a batch file for deleting registry key, the sephwid.xml and connector.dat file but I’m unable to execute as a post sync or power off script.

Reply
0 Kudos
mittim12
Immortal
Immortal
‎11-26-2013 07:17 AM

My process consist of updating my golden image, running the client side tool as administration,   once it finishes I shutdown the golden image,  and finally create my new snapshot for the pool.   I've never had any issues with duplicate ids.

Reply
0 Kudos
Alethay
Enthusiast
Enthusiast
‎11-26-2013 07:39 AM

Exactly what i do! But as the symantec article<http://www.symantec.com/business/support/index?page=content&id=HOWTO54706> say, If the system is rebooted or the Endpoint Protection client services are restarted then new identifiers will be generated and you must re-run the tool before cloning.

So when I recompose my pool, a new ID was generated at the first startup (after cloning) before the sysprep/quickprep process!

Reply
0 Kudos
bjohn
Enthusiast
Enthusiast
‎11-26-2013 07:43 AM

Same as mittin, but I quickprep, but I dont see how sysprep would make a difference.

http://www.symantec.com/business/support/index?page=content&id=TECH180229

Reply
mittim12
Immortal
Immortal
‎11-26-2013 07:46 AM

No, the boot post recompose is the first boot since the clientside tool was run and thus is a new identifier for the desktop.

Reply
0 Kudos
Alethay
Enthusiast
Enthusiast
‎11-26-2013 08:29 AM

Right! but the ID that was generated here is different from the first ID, and before the sysprep/quickprep was applied, the virtual desktop hostname is the same of the master image so different object in the SEP conosole was created.. in my case of course! Anyway I’ve submit a case to Symantec support, I hope to post an update soon.

Thank’s a lot

Reply
0 Kudos
Alethay
Enthusiast
Enthusiast
‎11-26-2013 08:49 AM

@bjohn the pool is persistent!

Reply
0 Kudos
mithunsanghavi
Contributor
Contributor
‎12-02-2013 01:36 PM

Hello,

Check this Article:

Duplicate SEP clients appear in the Symantec Endpoint Protection Manager console

https://www-secure.symantec.com/connect/articles/duplicate-sep-clients-appear-symantec-endpoint-prot...

There are two causes for this issue:

Current Theory: The first possible cause for this is when an Endpoint has been re-imaged (whether in a virtual machine or on a physical system).

Things we know: Each installation of Symantec Endpoint Protection (SEP) randomly creates a "Unique Identifier" for the client. So if this changes and the re-imaged system checks in, it is recognized as a new client.

Example: The IP and computer name are the same, yet the database still shows a different Unique ID.

The second cause for this is related to an issue with moving clients to a different OU in Active Directory.

Duplicate Endpoint Protection client IDs occur if the base image was not prepared for cloning. For more information, read the article How to prepare a Symantec Endpoint Protection 12.1 client for cloning.

However to Resolve this issue, check these Articles for SEP 12.1: -

How to repair duplicate IDs on cloned Symantec Endpoint Protection 12.1 clients

http://www.symantec.com/docs/TECH163349

Duplicate SEP clients appear in the Symantec Endpoint Protection Manager console

https://www-secure.symantec.com/connect/articles/duplicate-sep-clients-appear-symantec-endpoint-prot...

To prevent this from happening, I would recommend you to prepare your clients before cloning /image, check this article:

How to prepare a Symantec Endpoint Protection 12.1 client for cloning (image)

http://www.symantec.com/docs/HOWTO54706

Hope that helps!!

Reply
Alethay
Enthusiast
Enthusiast
‎12-06-2013 02:20 AM

Hi all,

Symantec support confirm that duplicate client on SEPM is “normal” during the recompose operation! To avoid this problem you must mark the master image as “non persistent” adding the registry key as show in the Installation and administration guide<http://www.symantec.com/business/support/index?page=content&id=DOC6153> (pag.690), and setting up the SEPM domain properties “deleting non persistent VDI client” to 1 day.

Thanks a lot for support.

Ale

Reply
0 Kudos