When running the smc.exe -image command or using the steps in the linked documents below as part of your vdisk image preparation, the Endpoint Security agent of any new Non Persistent VDI (NPVDI) client obtains the same device ID as other NPVDI clients during registration with the cloud.


Prepare Endpoint Protection clients for cloning - https://knowledge.broadcom.com/external/article/180552/prepare-endpoint-protection-clients-for.html

How to prepare Endpoint Protection clients on virtual disks for use with Citrix Provisioning Server - https://knowledge.broadcom.com/external/article/152158/how-to-prepare-endpoint-protection-clien.html


This causes all NPVDI clients using the prepared image to update a single record within the Endpoint Security cloud tenant. The information obtained during cloud registration is located here,
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\CurrentVersion\Identifiers

The epmp-device-id value in the registry will be the same across all NPVDI clients. This value should normally be unique and not the same from device to device.

This does not occur with 14.2 RU2 MP1 and lower.

Release : 14.3 MP1, 14.3 RU1, 14.3 RU1 MP1

Component :

The client side clone prep tool included in Endpoint Security as part of the built in -image command will not entirely delete content necessary for proper registration with the cloud, causing this issue to occur. The epmp-device-id associated to the Endpoint Security agent, while visible in the registry, only reflect the value stored in the client side database that is loaded into memory. You cannot manually delete information from the registry or any files present on the system to clear this information from the client side database for proper device registration to the cloud.

This issue is fixed in Symantec Endpoint Protection 14.3 RU3.  For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec Endpoint Protection.