Basic Golden Image Settings
A "Golden Image" is the base ("Master") desktop image. It is the model for clone images.
To create the Golden Image:
-
Install the Windows OS.
-
Configure the network settings:
-
Configure the network settings to match your environment settings (DNS, Proxy).
-
To verify that the configuration is correct, add it to your domain.
-
Make sure you can ping Domain FQDN.
-
Make sure you can ping Connection Server FQDN.
-
-
Install the required software and tools.
-
Install the latest Windows updates.
-
Optimize the Guest machine in one of these ways:
-
Optimize the master image according to the Microsoft VDI Recommendation.
-
Use the Vendor's specific optimization tool:
-
VMware - VMware OS Optimization Tool.
-
Citrix - Citrix Optimizer.
-
Important - Make sure that you do not disable the Windows Security Center service.
-
-
Install the Virtual Delivery Agent (VDA).
-
VMware Horizon:
-
Version 7.10 supports up to 19H1.
-
Make sure that during installation you choose the correct settings (Linked clones or Instant Clones).
-
-
Citrix:
-
Make sure that during installation you choose the correct settings (MCS / PVS).
Notes for Citrix PVS:
-
Before the first Endpoint installation, boot the machine from the network using the relevant vDisk in Read / Write mode.
-
When upgrading Endpoint in maintenance mode, make sure that you upgrade the vDisk through the golden image and not one of the clones.
-
The transfer of a clone back to the golden image is not supported.
-
-
-
Configure Trust with the Domain Controller:
-
Make sure that the golden image has a Trust Relationship with the Domain Controller.
-
You can use this PowerShell command:
Test-ComputerSecureChannel
-
-
Install an Endpoint Security Client:
-
Create an exported Endpoint client package.
-
Install the Endpoint client package as administrator.
-
Get the latest Anti-Malware A component of the Endpoint Security client that protects against known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers. signatures.
Best Practice - Update manually with Update Now from the Endpoint tray icon at least once a day.
-
Scan for malware.
Best Practice - Scan manually with Scan System Now from the Endpoint tray icon for every signature update.
-
-
Shut down the Virtual Machine.
-
Save the snapshot.