This article describes how to install Carbon Black Cloud Windows sensors on the command line or through software distribution tools in a VMware vSphere environment to enable the automatic identification and registration of vSphere clones.
To get started, see Installing Sensors on Endpoints in a VDI Environment.
Make sure that your environment meets the minimum requirements:
- Carbon Black Cloud Windows sensor 3.7 MR2 and later
- vCenter Server 6.7 or later
- Host with ESXi 6.7 or later connected to the vCenter server
- Windows VM running OS versions that are supported by the sensor
- Carbon Black Host Module installed and running on the hosts on which VMs are deployed
- Install the Windows sensor on VMs using the following command:
msiexec.exe /q /i <Sensor Installer Path> /L*v msi.log COMPANY_CODE="XYZABC" CLI_USERS=<UserGroupSid> AUTO_REREGISTER_FOR_VDI_CLONES=3 GROUP_NAME="<Virtual Policy>"< Sensor Installer Path> : Replace this value with the location of the sensor MSI file; for example,
c:\tmp\installer_win-64-184.108.40.2063.msiCLI_USERS= <UserGroupSid>: This parameter enables RepCLI usage on the clones. The value is the Security Identifier (SID) of the user account/group that will run RepCLI commands on the clones.GROUP_NAME: Indicates the policy name that has the necessary exclusions and configurations.
- (Optional) Confirm that the required configuration properties are set correctly to enable the automatic identification and reregistration of vSphere clones:
- Use the
repcli configpropscommand to verify that the configuration properties have the expected values:
Table 1. Configuration Properties Configuration Property and Value Usage
- If any of these configuration properties have different values, edit C:\ProgramData\CarbonBlack\DataFiles\cfg.ini to change them. To disable automatic reregistration, set
0. After you have made your changes, run the
RepCLI updateconfigcommand to immediately update the cfg.ini file.Note: You must put the sensor into bypass mode before you can edit cfg.ini. As a best practice, make a backup of cfg.ini into another directory before you edit it in a plain text editor. After you have edited cfg.ini, take the sensor out of bypass mode. For more details about editing cfg.ini, see How To Change ConfigProps Via Cfgi.ini.
- Use the
- Issue the
repcli statuscommand to verify that the sensor can connect to the host module and can query external identifiers. For example:
cmd> repcli status General Info: Sensor Version[220.127.116.110 - Oct 8 2021 - 14:41:39] Local Scanner Version[ - ] Sensor State[Enabled] DeviceHash[e56223a76e00...] DeviceID VirtualGuestToHostCommsStatus[Connected] ExternalIdentity[ee8fc1c7-bd1e-4b10-9f32-04825a8b136e::501052cb-1d88-24b6-963d-9625a6c39f1e]
- Clone the VM through vSphere or by using APIs (managed object browser, pyVmomi, etc.).
The sensor running on the cloned VM should reregister. You can check the same by running
repcli statuson the clone VM and ensuring that the updated external identifiers have persisted and the Device ID has changed.