ESET Endpoint Encryption and System Image Deployment
If you wish to use ESET Endpoint Encryption in a system image for deployment, please be aware of the following:
Workstation ID (Duplication)
When activating a managed client, a unique Workstation ID is generated enabling the ESET Endpoint Encryption (EEE) Server management console to communicate with the Workstation.
If a system image is created with an activated EEE client, the EEE Server will have multiple instances of the workstation to communicate with. As commands can only be retrieved by one instance, this will cause multiple issues while trying to control the estate.
To check your workstation ID's please see our article below:
Full Disk Encryption (Encryption Key Duplication)
When installing a managed client MSI with the Workstation Policy to 'Automatically start encryption after installation' enabled, the Full Disk Encryption Key is generated during the install process. As such, if an already installed MSI is used in a system image the Full Disk Encryption Key will be identical for each subsequent image deployed.
If you are using an image distribution software package such as Microsoft Deployment Tools (MDT), EEE can be applied without installation or activation. MDT will allow EEE to be installed using MSIExec for each deployment. Please see documentation below:
You have a duplicated Workstation ID.
You have previously or currently have an activated EEE MSI installed on your deployed system image.
Apply the following changes to your system image:
1. Delete 'DLSDBLK0.sys' from C:\windows\system32\drivers \
4. Reboot the workstation.
Kewords: MDT stock image gold acronis clonezilla paragon