Today I will talk a small tip if you want to deploy a golden image to make it possible to pre-configure the pulse secure application (formerly knew as the juniper client)
If you don’t do the tip the error you will face if pulse secure is already installed is only one simultaneous machine will be able to connect the VPN. (One user will connect, and the other will be disconnected)
In the base image you need to edit the connstore.dat
After you open the file with notepad, and remove that machine GUID’s line:
Save the change., after we need to erase the Device ID in the registry.
I did a script that do it that way:
net stop juniperaccessservice
REG delete “HKLM\SOFTWARE\Wow6432Node\Juniper Networks\Device Id” /v DeviceId /f
REG delete “HKLM\SOFTWARE\Juniper Networks\Device Id” /v DeviceId /f
After you can copy the .dat, and put in the same folder and name it connstore.new. It will be used if you re-change the golden image, and you need to re change fast the GUID. We can add those line to our script:
copy “C:\Program Files\Common Files\Juniper Networks\ConnectionStore\connstore.new” “C:\Program Files\Common Files\Juniper Networks\ConnectionStore\connstore.dat” /y
copy “C:\Program Files (x86)\Common Files\Juniper Networks\ConnectionStore\connstore.new” “C:\Program Files (x86)\Common Files\Juniper Networks\ConnectionStore\connstore.dat” /y
Updated: Pulse added a command line parameter for shared install, SHAREDINSTALL=1
The command line make the installer to not write the GUID and it does not start the service (so the registry key is not wrote).
I keep my tip there as if you need to restart your golden image for a reason X, then you will still need the script.
Thanks
Phil’s Blog | IT to the core ! 