Follow

How to use Profiledisk when also using CAC for authentication

Product: ProfileUnity

Product Version: 6.5.8

Expires on: 365 days from publish date

Updated: Jan 27, 2017

 

Problem:

How to use ProfileDisk when also using CAC for authentication -6.5.8

 

ProfileUnity 6.5.9 will include new updates for adm/admx template where you can add the needed registry entry below via GPO along with new files in attachment. 

 

 

Prereqs:

  • Download attached fa_cac.zip
  • Import attached Registry module json file into relevant configuration
  • Obtain/Create or use a existing account to use as a Service account
  • Share where the ProfileDisk VHDs will be stored.  The Service account and Users must have full control. This directory should be separate path than your normal portability and folder redirection.

 

Possible Resolution(s):

1. Create a Service Account to use for process

  • In AD create an account to use as the service account for this process or use an existing account
  • Make sure the service account has full control on the share where the vhd ProfileDisks are to be stored.
  • In ProfileUnity Console> Navigate to Administration on top right
  • Scroll down to ProfileUnity Tools Section
  • Add relevant account info and download the .creds file to the share or netlogon folder where the ProfileUnity client tools (ini path) reside.  If the password for this account expires or changes you will need to repeat this process.

 

2. New Files needed in flexapp.zip, and on Parent if ProfileUnity is installed on base 

  • Copy out the original flexapp.zip from the netlogon or share where client tools exist.
  • Extract the files locally
  • Replace the following files and dll's (lwl_cred_mgr.dll & lwl_cred_mgr64.dll, LwlLogonNotifier.exe, LwlLogonNotifier.exe.config) in the extracted files.
  • Re-zip all files and rename to flexapp.zip
  • Replace flexapp.zip on netlogon or share (backup first).

On your parent image uninstall and reinstall the ProfileUnity client tools 

See Installing ProfileUnity in Parent Image

 

3. Registry Entry in ProfileUnity Configuration

  • Download the locally the attached ModuleItems-Windows 7, New Non-Persistent VDI Deployment.json file
  • In the ProfileUnity Console select the appropriate configuration
  • Navigate to the registry module and select import

  • Should look like this:

  • Once imported select update on top right

4. Download updated ini (configuration file) to netlogon or share where client tools reside.

 

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.