Jump to content


  • Posts

  • Joined

  • Last visited

About eset_wes

  • Rank

Profile Information

  • Location
  1. I just opened a support ticket on this issue yesterday. ESET apparently still does not have an answer for this issue. Very frustrating. You would think that a security company would understand the benefits of non-persistent VDI implementations and built a product to support this type of environment. Here are a list of the issues that need to be resolved in v6 concerning agents on VDI desktops: If a computer object is created in ERA (either through AD import or manually) and then an agent is deployed on that computer, ERA is smart enough to link the newly installed agent with the correct computer object. Recompose and refresh operations in VMware Horizon View need the ability to sync with existing (stale) computer objects the same way. When a linked clone VDI desktop recomposes or refreshes, it is going to check in to ERA with the SID of the agent installed on the master image. ERA should be smart enough to detect that the FQDN of the agent does not match the name of the computer object in ERA and either automatically trigger the "reset cloned agent" task if a computer object with that computer name or FQDN does not yet exist, or update/replace the SID on the agent to link it with the existing computer object with the same computer name or FQDN. When a linked clone VDI desktop recomposes or refreshes, (and if a "reset linked clone" task is required), the new computer object should not be placed in the Lost & Found folder. It should be placed back in the folder where the previous object was (based on the computer name or FQDN). When a linked clone VDI desktop recomposes or refreshes, (and if a "reset linked clone" task is required), I should not end up with a bunch of stale computer objects. When using linked clone pools in VMware Horizon View, there is an option to automatically refresh the desktop (revert back to the last snapshot used to create the desktop) every X days or even every time a user logs off. This means that desktops could be refreshed at varying intervals. ERA should be able to automatically fix the duplicated agent SIDs and fix the stale computer objects in real time. I should not have to wait for scheduled "reset cloned agent" tasks to run before this mess is cleaned up. Just because a VDI desktop is recomposed or refreshed, I should not lose any reporting capabilities for the history of that desktop (since I'm using dedicated, non-persistent linked clone pools, the users are assigned to the same desktop each time they log in). I should still be able to see scan history, threat history, etc. for the desktop that was just recomposed or refreshed.
  • Create New...