netskope installation for windows with scripted registration

rmessina · ‎06-14-2023

We've been using netskope for a while here at the company and we have difficulty with the issue of the employee registering with the client. After reading the installation documentation on Linux, I was able to create a script for direct installation with the user's registration and it was a success. I researched a lot looking for a script to do the same in windows and I didn't find anything.
Has anyone in the community been through this situation and managed to solve it? Remembering that we don't use AD.

Thanks so much for everyone's help.

sshiflett · ‎07-05-2023

Hello @rmessina,

Just to confirm, are you looking for a method to deploy the Netskope client in IDP mode on Windows (based on your screenshot)? Or are you looking for a way to transparently install the client without user interaction?

Sam Shiflett
Netskope Solution Architect - North America

rmessina · ‎07-05-2023

Hello, I need a way to install the client transparently without user interaction?
Today we only work with Google Workspace, without any user management solution.

sshiflett · ‎07-07-2023

Does your Google Workspace subscription include their IDP to perform SAML based auth? If so, then you could have users auth to Google to enroll the client. If not, we can look at other options such as email invites or some more customized options but we would need to verify that they are supported.

Sam Shiflett
Netskope Solution Architect - North America

rmessina · ‎07-07-2023

Here we have authentication via Google's SAML and with that we authenticate directly without problems. But the problem is that we don't want user interaction due to lack of commitment on their side. The implementation for Linux we were able to create a script that makes the automatic login and with Windows the documentation only shows via AD, JumpCloud and MDM and we don't have these services. Here is our problem!

aludovico · ‎08-08-2023

Hi, any updates about this case?
I've exactly the same situation

sshiflett · ‎08-08-2023

Hello @aludovico,

Just to confirm as a few items were discussed in this thread. Is this for Linux or Windows?

Sam Shiflett
Netskope Solution Architect - North America

aludovico · ‎08-08-2023

It's for Windows. We imported the user to the tenant and we integrated the Google Workspace on Foward Proxy to be used as idP provider for Client Enrollment.
During the client installation we were able to deploy on linux without any user interaction, but on Windows the user still needed to sign-in (and we didn't want it).

Could we avoid this user interaction need? Thanks

sshiflett · ‎08-08-2023

Are these Domain Joined Windows machines?

Sam Shiflett
Netskope Solution Architect - North America

aludovico · ‎08-08-2023

No, most machines aren't joined to the domain.

sshiflett · ‎08-09-2023

@aludovico we need some way to verify the identity of the user to enroll them to your tenant. In domain joined machines this is simple as we can use their UPN to validate them following Windows authentication. If the machines are not domain joined then IDP based enrollment is an option as is email based invitations. How many users on Windows do you need to enroll? Are these shared machines or single users machine?

Sam Shiflett
Netskope Solution Architect - North America

aludovico · ‎08-09-2023

Thank you @sshiflett
I understand it and I was just wondering if we couldn't manipulate and personalize each user deployment with your own script (similar to e-mail invite) and deploy it throught ManageEngine Endpoint Central