Skip to main content

Hello Netskope Community,

 

we want to use netskope on a azure virtual desktop environment which uses FSLOGIX.

But sadly we don’t get it running.

 

We configured the installation of the client in the golden image with the multisuser mode

command:

tenant=igz domain=de.goskope.com installmode=IDP mode=peruserconfig enrollauthtoken=*token*enrollencryptiontoken=*token* autoupdate=on /qn

there would be a npavdimode as well but as far as I understood this mode is only needed when all  users should use the same tunnel on the vdi.

We want that the user on the vdi needs to logon to the client with his azure user, so he has his personal tunnel up with his own private app permissions.

 

On the first logon on sessionhost A it works without any problems.

If I relogon and get on sessionhost B my npa will not connecting anymore.

 

We think that on the first logon my client genereates an encryption key to safe the client settings. 

And on sessionhost B this wont match anymore.

we are getting the following errors in the nsdebug.log on sessionhost B.

 

Looks like the certificates are not reachable for the client anymore.

 

Did someone implement successfully the netskope client with multi user config on a AVD with FSLOGIX or maybe citrix?

Thanks for your help!

 

Hello ​@R3F1N3D


Just to clarify a few things, the settings referenced at https://docs.netskope.com/en/use-the-npa-client-in-windows-multi-user-virtual-desktop-environments/ are still needed in a case where simultaneous logins are in play.   The npavdi flag enables support for multiple users specifically. 

I am not aware of periodic reauth works in this scenario but I’d suggest opening a support case to verify the settings.  The other consideration around FSLogix is documented at https://docs.netskope.com/en/netskope-client-for-windows under the userconfiglocation= < path > section.  If the default storage location for the client config is not persistent (%AppData%\Netskope\STAgent) then it’s recommended to redirect the user config to a persistent location so the client doesn’t have to download the config each time.


Reply