This content has been marked as final. Show 6 replies
Speaking of VSE - yes you can. If you also include an ePO agent you have to delete the agents GUID before imaging the system.
Thanks for the quick response. I just have one other question. In the past when we tried to deploy multiple machines, we seemed to have run across an issue where the machine name was also in an additional location. Local settings or in a NAI directory or something, which caused problems when looking at the machines from the management console.
Maybe this was an unrelated issue, and I do know in the past we did not install the agent at the same time. I believe this time around I will install the agent as well and then simply delete the GUID registry entry as you indicated.
I will post back once the initial imaging is complete, hopefully with nothing but good news.
We had a lot of problems with imaged computers registering properly in the ePO database before learning about the Unique Identifier previously mentioned. When building a new computer from an image, I also noticed that the MAC recorded by the agent in the registry did not necessarily match that of the NIC on the new computer. Do you need to remove that from the registry as well? I always removed it to be thorough, but wasn't sure if it was required. If memory serves me correctly, unlike the Unique Identifier (which appears as soon as the Framework service is restarted), the MAC wasn't rerecorded until communication with the repository occurred for the first time (and sometimes it required a reinstall of the agent).
Finally, at least the "OnDemandScan" log file will record the workstation name. I don't believe this effects functionality, but it can cause some confusion when looking through the logs and seeing the name of the workstation used to create the image in old entries. I'm certainly not a McAfee expert, but those are the only caveats I'm aware of when imaging.
This is what i have in our bat file when before running sysprep.
Just make sure the sysprep machine has a custome policy that allows the mcafee service to be stopped and mcafee files/settings to be modifed. Otherwise you will not be able to stop the services or delete the registry keys.
ECHO Stopping unnessary services:
net stop McAfeeFramework /yes
net stop McShield /yes
net stop McTaskManager /yes
ECHO Terminating unneeded processes:
pskill /t frameworkservice
pskill /t updaterui
pskill /t vstskmgr
Echo Prep Mcafee Agent
REG delete "HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent" /v AgentGUID /F
REG delete "HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent" /v MacAddress /F
ECHO Clearing McAfee Logs....
del /q "%DEFLOGDIR%\AccessProtectionLog.txt"
del /q "%DEFLOGDIR%\BufferOverflowProtectionLog.txt"
del /q "%DEFLOGDIR%\EmailOnDeliveryLog.txt"
del /q "%DEFLOGDIR%\OnAccessScanLog.txt"
del /q "%DEFLOGDIR%\OnDemandScanLog.txt"
del /q "%DEFLOGDIR%\UpdateLog.txt"
del /q "c:\quarantine\*.*"
MMM when you want a custom policy then drop me a note.
Is their a way to import/export the custom policy settings?
I am attempting my first image now...will let you know how things work out...