netskope installation for windows with scripted registration

R
Badge +5

We've been using netskope for a while here at the company and we have difficulty with the issue of the employee registering with the client. After reading the installation documentation on Linux, I was able to create a script for direct installation with the user's registration and it was a success. I researched a lot looking for a script to do the same in windows and I didn't find anything.
Has anyone in the community been through this situation and managed to solve it? Remembering that we don't use AD.

Thanks so much for everyone's help.

1 Attachment

13 replies

S
Rank
Userlevel 6
Badge +16

Hello @rmessina,


Just to confirm, are you looking for a method to deploy the Netskope client in IDP mode on Windows (based on your screenshot)?  Or are you looking for a way to transparently install the client without user interaction?  

 

Sam ShiflettNetskope Solution Architect - North America
R
Badge +5

Hello, I need a way to install the client transparently without user interaction?
Today we only work with Google Workspace, without any user management solution.

S
Rank
Userlevel 6
Badge +16

Does your Google Workspace subscription include their IDP to perform SAML based auth?  If so, then you could have users auth to Google to enroll the client.   If not, we can look at other options such as email invites or some more customized options but we would need to verify that they are supported.  

Sam ShiflettNetskope Solution Architect - North America
R
Badge +5

Here we have authentication via Google's SAML and with that we authenticate directly without problems. But the problem is that we don't want user interaction due to lack of commitment on their side. The implementation for Linux we were able to create a script that makes the automatic login and with Windows the documentation only shows via AD, JumpCloud and MDM and we don't have these services. Here is our problem!

A
Badge +2

Hi, any updates about this case?
I've exactly the same situation

S
Rank
Userlevel 6
Badge +16

Hello @aludovico,


Just to confirm as a few items were discussed in this thread.  Is this for Linux or Windows? 

Sam ShiflettNetskope Solution Architect - North America
A
Badge +2

It's for Windows. We imported the user to the tenant and we integrated the Google Workspace on Foward Proxy to be used as idP provider for Client Enrollment.
During the client installation we were able to deploy on linux without any user interaction, but on Windows the user still needed to sign-in (and we didn't want it).

Could we avoid this user interaction need? Thanks

S
Rank
Userlevel 6
Badge +16

Are these Domain Joined Windows machines? 

Sam ShiflettNetskope Solution Architect - North America
A
Badge +2

No, most machines aren't joined to the domain.

S
Rank
Userlevel 6
Badge +16

@aludovico we need some way to verify the identity of the user to enroll them to your tenant.  In domain joined machines this is simple as we can use their UPN to validate them following Windows authentication.  If the machines are not domain joined then IDP based enrollment is an option as is email based invitations.  How many users on Windows do you need to enroll? Are these shared machines or single users machine?  


Sam ShiflettNetskope Solution Architect - North America
A
Badge +2

Thank you @sshiflett 
I understand it and I was just wondering if we couldn't manipulate and personalize each user deployment with your own script (similar to e-mail invite) and deploy it throught ManageEngine Endpoint Central

G

@aludovico I am with the same problem. I install the client, but I need that the colaborator to logging manually. I have Mac, Windows and Linux and not have AD (I use Jumpcloud).

S
Rank
Userlevel 6
Badge +16

Hello @gabrieldmeida,

 

Are the machines domain joined at all (JumpCloud)?  Without a UPN on the local machine (or another method such as PLIST on Mac to provide the username) we would need to use an Identity Provider to get the user's info on first connection. 

Sam ShiflettNetskope Solution Architect - North America

Reply


Terms & ConditionsCookie settings