Versionv7.x
Issue
When using Unidesk application to create VDI clone machines, the clones will not successfully complete initialization and show 'Up to Date' in the Bit9 Console.
Symptoms
The clones will show up in the console as "unprotected - reboot required" and might get stuck at 99% initialization, but never complete the process.
Cause
Some VM and machine cloning methods generate new volume ID's. This invalidates the GUID based paths in our registry settings and causes other problems, such as the driver not recognizing Parity service as a Bit9 process.
Solution
To fix this, simply clear the following two registry values as part of your cloning process. On next boot, the Parity driver will automatically recalculate the correct volume GUID and installation path. If Bit9 is part of the gold base image, that is the place to make this change.
Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ParityDriver\Parameters
Values
ParityAgentInstallPath
ParityAgentDataPath
The Parity driver, the Parity agent service and the tamper protection must be off in order to alter the registry value. It might be necessary to attempt this change in If your VM build process can set registry values before the driver is running (possibly as an off-line process), that should be sufficient. If you need to turn off tamper protection:
In an elevated command prompt:
dascli password <CLI_password>
dascli tamperprotect 0
net stop parity
fltmc unload parity driver
<change registry settings>
<save Golden Image without rebooting>
Newly deployed clones should successfully start the Bit9 agent and have the correct registry keys to register with the Bit9 console and finish initialization successfully.