browse
Preparing the Umbrella Roaming Client for Inclusion in a Disk Image
When the Cisco Umbrella roaming client is installed on a new computer, a unique Device ID is created during the registration process.
If you are preparing an image which is saved after the Umbrella roaming client registration process has completed, the unique Device ID will also be cloned, and all Umbrella roaming clients will receive the same policy and report as the same identity in the Umbrella dashboard. Thus, it's essential to follow the procedure below in order to manage the Umbrella roaming client and receive reports.
Procedure
AnyConnect Umbrella Roaming Module:
- Deploy AnyConnect with the Umbrella module present to your image as normal. Do not deploy or include OrgInfo.json at this time.
- Include the distribution settings for OrgInfo.json into the ASA group policy. This will push the OrgInfo.json file to the host post imaging. Note, it is important to not trigger this OrgInfo.json push until after the image is deployed.
- Deploy the image normally.
- Computers receive OrgInfo.json via ASA Group Policy.
Standalone Roaming Client:
These steps simply ask you to install the Umbrella roaming client while ensuring that the workstation is offline, thereby preventing the roaming client from registering until a unique Device ID is created to match the hostname.
Roaming Client 2.3+ and AnyConnect 4.9 MR4+
- Ensure you have the latest version of the Umbrella roaming client by downloading it from the Umbrella dashboard.
- Prepare your image as normal, including the roaming client.
- When your image is created and will not again be modified, delete the roaming client registration on the Umbrella Dashboard belonging to the hostname of the machine used to build the image. This must be deleted prior to pushing the image out.
- If not done until after deployment, clients will re-register upon their next restart. Policy will not apply at the device level until restart.
- When the image deploys, the client will spot that the image-based registration ID is non-existent, and will register based on the current (destination) hostname.
- Done! If the image source hostname reappears, delete it again from the dashboard. Computers which are online should not be used as an image clone unless you are prepared to remove its registration repeatedly from the dashboard.
The result is that the Umbrella roaming client registers as soon as the target computer is powered on for the first time, automatically creating a unique device ID.
Note: The hostname of the computer must be unique in your network in order to register properly!
Hostname changed? Delete the old name and the new name will appear in the dashboard at the next start of the roaming service.
Preparing the Umbrella Roaming Client for Inclusion in a Disk Image
AnyConnect:
- Delete the "data" folder within the deployment folder "umbrella". This may require the service to be stopped if the file has a lock on it from the running service. The service to stop is acumbrellaagent.
- For versions higher than 4.9 MR4, delete the original image's registration on the dashboard and all clients duplicated from this registration will re-register automatically at next service start.
Standalone roaming client:
- Uninstall and re-install the roaming client.
- Delete the original image's registration on the dashboard and all clients duplicated from this registration will re-register automatically at next service start. This service to restart is umbrella_rc.