Non-persistent VDI shows up as Golden Image instead of VDI

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Non-persistent VDI shows up as Golden Image instead of VDI

L0 Member

Hi

We have a non persistent VDI environment. We installed the Cortex Agent (7.4.2.35695) on the Golden Image according to the guide: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-2/cortex-xdr-agent-admin/cortex-xdr-agent-for-...

If we then create new VDIs based on this image with the Citrix Provisioning Services they all show up as INSTALLATION TYPE: Golden Image in the console instead of VDI. They have also all the same EndpointID so they override each other in the Console. Hence we see only one at a time. Does anyone has any experience with this kind of  setting.
Regards Chris

1 accepted solution

Accepted Solutions

L4 Transporter

Hi Chris,
what I can think firstly is to double check that you have run the following command paying utmost attention to the last part of it when you enable the VDI.

 

msiexec /i c:\install\cortexxdr.msi /l*v C:\temp\cortexxdrinstall.log /qn VDI_ENABLED=1


Could you please confirm that VDI_ENABLED=1

If the former was done correctly, please perform the following in a couple of VDIs and check that the ID and the VDI name are different. This should make the difference between two different instances of the same VDI golden image

 

cytool vdi update

 

I've seen also that you have Citrix. If positive, please also make sure that you have read and completed the following steps:


Configure Agent Compatibility for Citrix App Layering
Due to a Citrix App Layering limitation, you must install the Cortex XDR agent only on the OS layer according to this workflow. This enables the Cortex XDR agent to provide full protection of your endpoints:
Install the Cortex XDR agent on OS layer during the preparation process of the App Layering image.
Cortex XDR agent installations on the Application layer or User layer are not supported.
Stop the Cortex XDR agent.
Before you finalize the OS layer, you must make changes in the Cortex XDR agent settings. To make these changes, you must first stop the agent by running the Cytool runtime stop command.
Delete two Cyvera folders.
Delete the following folders to allow them to be recreated later on:
c:\ProgramData\Cyvera\LocalSystem\Download\content
c:\ProgramData\Cyvera\LocalSystem\Persistence\cloud_frontend_db
Add the Cortex XDR agent to the Citrix App Layering exclusion list.
Add the following entry to the Windows Registry: HKLM\SYSTEM\CurrentControlSet\Services\Unirsd\ExcludeKey [REG_SZ] = "\Registry\Machine\System\Cyvera"
Shut down the OS layer and finalize the layer.

 

Please come back with feedback and dont forget to thumbs up if this answer was helpful.

 

KR and have a good VDI - Cortex XDR game time,

Luis 

View solution in original post

2 REPLIES 2

L4 Transporter

Hi Chris,
what I can think firstly is to double check that you have run the following command paying utmost attention to the last part of it when you enable the VDI.

 

msiexec /i c:\install\cortexxdr.msi /l*v C:\temp\cortexxdrinstall.log /qn VDI_ENABLED=1


Could you please confirm that VDI_ENABLED=1

If the former was done correctly, please perform the following in a couple of VDIs and check that the ID and the VDI name are different. This should make the difference between two different instances of the same VDI golden image

 

cytool vdi update

 

I've seen also that you have Citrix. If positive, please also make sure that you have read and completed the following steps:


Configure Agent Compatibility for Citrix App Layering
Due to a Citrix App Layering limitation, you must install the Cortex XDR agent only on the OS layer according to this workflow. This enables the Cortex XDR agent to provide full protection of your endpoints:
Install the Cortex XDR agent on OS layer during the preparation process of the App Layering image.
Cortex XDR agent installations on the Application layer or User layer are not supported.
Stop the Cortex XDR agent.
Before you finalize the OS layer, you must make changes in the Cortex XDR agent settings. To make these changes, you must first stop the agent by running the Cytool runtime stop command.
Delete two Cyvera folders.
Delete the following folders to allow them to be recreated later on:
c:\ProgramData\Cyvera\LocalSystem\Download\content
c:\ProgramData\Cyvera\LocalSystem\Persistence\cloud_frontend_db
Add the Cortex XDR agent to the Citrix App Layering exclusion list.
Add the following entry to the Windows Registry: HKLM\SYSTEM\CurrentControlSet\Services\Unirsd\ExcludeKey [REG_SZ] = "\Registry\Machine\System\Cyvera"
Shut down the OS layer and finalize the layer.

 

Please come back with feedback and dont forget to thumbs up if this answer was helpful.

 

KR and have a good VDI - Cortex XDR game time,

Luis 

Hi Eluis


Sorry for the late answer. The following steps before finishing the Golden Image solved the issue:

"%ProgramFiles%\Palo Alto Networks\Traps\cytool.exe" protect disable

"%ProgramFiles%\Palo Alto Networks\Traps\cytool.exe" runtime stop

del /f /q    "%ProgramData%\Cyvera\LocalSystem\OsPersistence\agent.id"
del /f /q    "%ProgramData%\Cyvera\LocalSystem\OsPersistence\hardware.id"

del /f /q /s "%ProgramData%\Cyvera\LocalSystem\Persistence\cloud_frontend.db"

 

Regards Chris

  • 1 accepted solution
  • 6616 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!