1 Reply Latest reply on Jul 15, 2014 12:06 PM by GaryMcAllister

    Detecting a Bad VDI Session

    GusMcCabe Rookie
      Where I work we started to realise that not every user was getting a locked down VDI session, and each time it was the result of a Group Policy failure during the VM startup or user logon.  To warn the users that they had a bad session and to report it to the IT department I came up with the following config.

      Create a Computer GPO which creates an empty key in the following location: "HKLM:\SOFTWARE\Custom\ComputerGPO"
      Create a User GPO which creates an empty key in the following location: "HKCU:\SOFTWARE\Custom\UserGPO"

      Make sure that those GPO's are the last to apply in both cases.

      The attached EM config then checks for the presence of those registry keys.  If there was a problem with any previous GPO's applying, they will be missing, and then a PowerShell script prompts the user to log off and sends an email to the IT department.

      It's exactly infallible, but it's saved us on more than one occasion from a user potentially saving files to the hard drive of their Provisioned VM.