AntiVirus software are always pain in the ass when it’s about delivering desktops through golden images system like Citrix Provisioning Services. It’s changing but still, in most of the company I’m working for there is always the AntiVirus dude who is yelling and requesting to be able to watch / watch and be able to know where the Antivirus software is deployed, if it’s up to date and if all the machine are ok.
Last blog I did about an antivirus was about Symantec SEP 11 (here) and Symantec did their job by understanding what was a virtual environment about with the version 12.
With TrendMicro and ServerProtect, we’re not there yet… Even if their product Office Scan seems to fit better the needs, today I had to deal with Trend Micro ServerProtect installed on the PVS golden images.
The problem remain the same, a Trend GUID is created when installing the piece of software on the golden image but won’t change across multi machine usage. The Trend GUID is located in the registry : HKEY_LOCAL_MACHINESOFTWARETrendMicroServerProtectCurrentVersionSpntServiceNS_GUID with a 75 long character chain.
What I had to do :
- Create a 75 random character string
- Replace the registry value
- create a flag so the value won’t change at each reboot
So I did with my crappy PowerShell skills a very small script (and thanks to Livio @EldejiPoint for the cleanup ^^ )
$file = "D:trend.txt"
$result = [string]::Empty
$set = "abcdefghijklmnopqrstuvwxyz0123456789".ToUpper().ToCharArray()
if (![System.IO.File]::Exists($file))
{
for ($x = 0; $x -lt 75; $x++)
{
$result += $set | Get-Random
}
# return $result
set-ItemProperty -Path "hklm:SOFTWARETrendMicroServerProtectCurrentVersionSpntService" -name "NS_GUID" -Value $result
$result | Add-Content -Path $file
}So this script will be executed as a startup script for the computer (using GPOs) and by creating a trend.txt file on the fixed drive (d:) the generated Trend GUID won’t change upon the file is removed.
I hope it will help !
