Hi all,
I have an issue currently that I am still trying to understand and resolve, but a brief summary of my issue and how I work around it to follow.
Method:
I currently have 250 Thin-Clients running Windows 7 Embedded, I deploy images via HDD cloning method and the agent is installed by a batch file running the agent installer.exe file with the write filter off. After the install is complete and all other tasks in my .bat the script enables the write-filter then reboots.
Agent seems to work to a degree, the TC shows on the LD Core server and after the 1st night (OOO night-time scanning) I get results showing outstanding vulnerabilities, however the machine seems to be filling up its temp files and not downloading or installing patches. It is like the agent is not properly installed.
The older method I had was to install almost the same way, but with the Embedded WF turned on, but then .bat commits after the agent install at the end, this installs agent, visible on core server- BUT doesn't scan or patch either - but I cannot see what vulnerabilities are detected this method.
Workaround:
The way around this currently is to deploy agent from the LD-Core server again on top of the machines that have installed agent via the deployed image. This however causes a lot more work and I was hoping somebody here understands what's happening and can advise a solution.
Ideas of cause:
These are purely suggestions and ideas that I was looking at testing to see if they are a potential cause.
- Does LDA need a reboot before installation is completing - therefore a reboot is needed while WF is off, AND THEN the build batch script will THEN enable the WF again. - Meaning I would need to trigger a script that ends, then recalls another script upon second reboot maybe with a combination of AutoAdminLogon and Runonce.
- Does the agent setting of "Detect a reboot" need to be forced maybe for TC's?
Any help on this is appreciated.