Environment: SEPM 12.1.5 (RU 5), Clients SEP 12.1.4 (RU 4), Citrix Machine Creation Service (MCS), VMWare, Windows 7 - Base Image, vDisk, 1800 clones from the base image, 10,000 if we count duplicates. SEPM is configured to 90 revisions (30 days?) as per the VDI best practices provided by Symantec. Clients are deleted after 7 days of loss of connectivity from SEPM and Non Persistent VDI clients are deleted after 1 day. All VDI clients go into one group where Tamper Protection is disabled temporarily for the sake of troubleshooting. Base Image gets refreshed every 28 days. Meanwhile, the group has a GUP defined.
Base Image Setup Steps:
1. Change Registry to make base image a GVM - HOWTO81134 ( One Time)
2. Run Live Update (Every 28 Days)
3. Run the Prep tool (Every 28 Days)
4. Sysprep (Every 28 Days)
Issue: After each reboot, a duplicate is seen in SEPM with same machine and IP address but Different Uniqe ID and HW key for each instance of the duplicate. (Tech 123419) .
Question(s):
1. Everything in Tech 123419 seems to be a workaround, but no out of the box solution? Is there such a thing?
2. Is this a Symantec Compatibility Issue with Citrix, or Citrix issue in general? or something else?
3. If the batch script is executed that is mentioned as a possible workaround, no need to run the Prep Tool?
4. What are the risks of using a unmanaged client in this environment as suggested by the TECH article?
5. If 1800 machines are getting cloned from the base image for users and are sharing vDisk, from an endpoint security perspective, should this be looked as 1800 possible entry points for viruses or one?