Preparing the Umbrella Roaming Client for Inclusion in a Disk Image
When the Cisco Umbrella roaming client is installed on a new computer, a unique Device ID is created during the registration process.
If you are preparing an image which is saved after the Umbrella roaming client registration process has completed, the unique Device ID will also be cloned, and all Umbrella roaming clients will receive the same policy and report as the same identity in the Umbrella dashboard. Thus, it's essential to follow the procedure below in order to manage the Umbrella roaming client and receive reports.
AnyConnect Umbrella Roaming Module:
- Deploy AnyConnect with the Umbrella module present to your image as normal. Do not deploy or include OrgInfo.json at this time.
- Include the distribution settings for OrgInfo.json into the ASA group policy. This will push the OrgInfo.json file to the host post imaging. Note, it is important to not trigger this OrgInfo.json push until after the image is deployed.
- Deploy the image normally.
- Computers receive OrgInfo.json via ASA Group Policy.
Standalone Roaming Client:
These steps simply ask you to install the Umbrella roaming client while ensuring that the workstation is offline, thereby preventing the roaming client from registering until a unique Device ID is created to match the hostname.
New for 2.1.127+!
- Ensure you have the latest version of the Umbrella roaming client by downloading it from the Umbrella dashboard.
- Prepare your image as normal, including the roaming client.
- When your image is created and will not again be modified, delete the roaming client registration on the Umbrella Dashboard belonging to the hostname of the machine used to build the image. This must be deleted prior to pushing the image out.
- If not done until after deployment, clients will re-register upon their next restart. Policy will not apply at the device level until restart.
- When the image deploys, the client will spot that the image-based registration ID is non-existent, and will register based on the current (destination) hostname.
- Done! If the image source hostname reappears, delete it again from the dashboard. Computers which are online should not be used as an image clone unless you are prepared to remove its registration repeatedly from the dashboard.
The result is that the Umbrella roaming client registers as soon as the target computer is powered on for the first time, automatically creating a unique device ID.
Note: The hostname of the computer must be unique in your network in order to register properly!
Hostname changed? Delete the old name and the new name will appear in the dashboard within an hour or when the machine next comes online.