Showing results for 
Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 1

McAfee Agent (enableVDIMode), VMWare Horizon View (Linked-Clones)

Anyone have success configuring VDI Mode with:

VMWare Horizon View (using Linked-Clones)*

MA  (enableVDIMode)

Windows 7 (master image)

ePO 5.3.1


Key being using linked-clones.  So in this scenario you have the Parent VM ("Master Image"), where MA is installed /enableVDIMode.  When this is done, one issue that is seen is that you end up with a number of machines with duplicate GUIDs coming online.  Perhaps we have to use enableVDIMode AND also remove the AgentGUID?  I am wondering if AgentGUID generation is hardware dependent?


quick sketch of process

                                 /-> Linked-Clone -> Snapshot + "DeltaDisk" => VDI (instance01)

Parent VM(AgentGUID removed) ----|-> Linked-Clone -> Snapshot + "DeltaDisk" => VDI (instance02)

                                  \-> Linked-Clone -> Snapshot + "DeltaDisk" => VDI (instance...)


Linked-Clones are started based off the ParentVM and it is at that stage that MAC Address, HOSTNAME, IPAddress, are assigned (provisioning or "Composed").  At some point, the Linked-Clone is joined to the domain and a Snapshot of that linked clone is made (have to verify if the linked-clone is running when the snapshot is made or shutdown).  The DeltaDisk is a temporary location for machine data. Once the users logs off VDI it is reverted back to the Snapshot state and the DeltaDisk is destroyed.


In this scenario when should the McAfee Agent be started to generate its AgentGUID?  The Linked-Clone is repeatedly shutdown during the provisioning process, how possible is it that multiple linked clones will decide to generate an identical AgentGUID given they have no MAC ADDRESS, no IPADDRESS, nor HOSTNAME ? - they all *ARE* the same virtual hardware, until sometime during the provisioning (Composition) process; is there a potential concern here if MA starts too early in the composition processes, such as before a MAC, HOSTNAME, or IPADDRESS has been assigned?  What is the algorithm for McAfee Agent GUID creation?  Is this an academic exercise or does this idea have legs for consideration?


*Linked-Clones versus Full Clones aka  "Linked-Clone Desktop Pool" versus "Automated Pools That Contain Full Virtual Machines"

  both can be non-persistent - and I am hoping someone has had success with enableVDIMode while using Linked-Clones


[editted to highlight questions]

[editted 22Jan2018] - also seeing instances of the issue with McAfee Agent 5.0.x

NOTE folks are "working around" the issue in cases of VMware View/LinkedClones by not using /enableVDIMode and following the guidance in KB60776, which is disabling sequence checking and having Server Tasks in place to remove stale VDI systems - a huge headache but better than duplicate GUIDs for some.