If I look at the instructions for configuring prelogon, then this seems to require a reinstall of the client with the correct “prelogonuser=<user>@prelogon.netskope.com” command line parameter.
The “nsdiag” command does have a few extra things up its sleave, including update of the secure enrollment tokens.
Is there a (hidden) option to also allow adding a prelogon user to an already installed client?
--Erik
A reinstall is not required for prelogon. You can enable prelogon for already provisioned and enrolled devices by updating the respective client configurations with prelogon settings. Once you’ve done this, the clients will begin enrolling with these settings as they check in.
The instructions to enable via the command line installer are for cases where a user hasn’t enrolled and you want to provide machine level connectivity such as first time log ons, joining a remote machine to the domain and Intune Autopilot.
Thank you for clarifying that Sam!
Does this apply for first time users on a multi-user (peruserconfig) device as well?
--Erik
It should yes. The assumption being that one of the users who logs on is assigned a client config that has prelogon enabled.
Depending on the device type there may be additional configuration options on multiuser systems as well:
https://docs.netskope.com/en/use-the-npa-client-in-windows-multi-user-virtual-desktop-environments/
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
