Estamos com os problemas descritos aqui: link onde um usuário expulsa outro usuário da VPN ao se conectar. Nossos PCs foram clonados depois que o Junos GUID foi criado. O artigo da KB diz para:
A configuração de conexão do Junos Pulse, localizada em C:\Program Files (x86)\Common Files\Juniper Networks\ConnectionStore\connstore.dat , contém a seguinte seção:
machine
"local" {
guid: "9e4898e81ca026623e7fb4c9f4de1f678244fa62"
pulse-language: "en-US"
}
Eu tentei excluir a linha GUID do connstore.dat file , mas se eu reiniciar o cliente Junos, ele definirá o mesmo GUID em vez de um novo, então o problema de GUID duplicado persistirá.
Eu também tentei excluir o arquivo connstore.bak e excluir a linha GUID de connstore.dat, mas ainda tenho o mesmo GUID.
Alguém mais se deparou com isso e conseguiu consertá-lo? Eu estou supondo que o GUID é armazenado em cache no servidor VPN e, quando eu me conecto, o cliente envia uma chave para procurar o GUID.
Eu percebi isso.
Antes de editar connstore.dat para excluir a linha GUID, você deve primeiro entrar em Services e parar Juniper Unified Network Service .
Ou no Gerenciador de Tarefas, você pode matar: dsAccessService.exe / Juniper Access Service
O serviço será reiniciado quando você reiniciar o cliente Junos.
A seguinte solução funcionou para mim: Parei o Serviço de Rede Unificada da Juniper, conforme especificado na resposta de Walter Stabosz, depois removi o guid do arquivo connstore.dat, mas também do Registro:
HKEY_CURRENT_USER\Software\Juniper Networks\Device Id, key: DeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Juniper Networks\Device Id, key: DeviceId
Após reiniciar o Juniper Unified Network Service e o cliente Junos, o novo guid foi gerado.
Remova a chave do Registro e reinicie o serviço. O Connstore.Dat será atualizado automaticamente com uma nova chave após você reiniciar o serviço.
Uma KB foi criada para isso no site da Juniper. ( link , agora artigo localizado lá: link )
Eu confirmo também que agora você precisa apagar também o registro como @ tafiq3's:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Juniper Networks\Device Id
Summary:
This article describes the issue of Junos Pulse being frequently disconnected for multiple Junos Pulse Desktop users.
This issue can occur, if multiple users have the same guid string value for the local machine ID in the Connection Store configuration data file; which is created, when installing Junos Pulse for the first time.
The issue is intermittent and can occur at any time during the session. At other times, the session is not affected and the Junos Pulse user stays connected, until they sign out.
Problem or Goal:
Multiple users report frequent disconnects with the Junos Pulse desktop client that occur randomly. The following error message is generated on the desktop, when Junos Pulse is disconnected:
Cause:
When deploying Junos Pulse desktop to end-users, if the Junos Pulse client is pre-installed on Windows OS and an image is created from this, which is shared across multiple endpoints, then the local machine ID that gets stored in the Junos Pulse Connection Store configuration data file will be the same for every machine that the image is used on.
The Junos Pulse Secure Access Gateway Series device identifies user sessions that connect with the Junos Pulse clients by the local machine identifier, which is sent to the server, when a connection is established via Junos Pulse. The Junos Pulse Secure Access Gateway Series device will terminate a Junos Pulse session, if another Junos Pulse session is started with the same guid value, for security reasons.
To determine if Junos Pulse users in your environment are affected by this issue, collect the Junos Pulse logs and diagnostics logs from the Junos Pulse client, from each individual client PC. Open the logs and Diagnostics folder from the user's PC and browse to the ConnectionStore folder, which will contain the connstore.dat file. Open this file with a text editor and locate the following parameter:
machine "local" { guid: "d96b50d4275ef266d402348641e6b57b10b48bd3" pulse-language: "en-US" }
If the guid string is identical across multiple client PC's, then this confirms the issue.
Solution:
When deploying Junos Pulse, which is pre-installed for a Windows OS image being shared across multiple endpoints, the guid value for the local machine should be removed from the Junos Pulse configuration file, after installing Junos Pulse; so that the Junos Pulse configuration data files in the root image do not contain a guid value that would be replicated on all machines. A new and unique guid value will be generated for each user, when Junos Pulse is launched and run for the first time.
Perform the following procedure to reset the guid for users, who have already installed Junos Pulse and have duplicate guid values in the Junos Pulse configuration file or the master image (which is used to pre-image multiple PC's with an image that Junos Pulse has already been pre-installed on): 1.When Junos Pulse is installed browse to C:\Program Files(x86)\Common Files\Juniper Networks\Connection Store and open the connstore.dat file in a text editor.
2.Locate the following parameter: machine "local" { guid: "41cbc0d2a1a100855755b4355d6d2579836694cd" pulse-language: "en-US" }
3.Remove the guid value from the parameter by deleting the entire second line. This will change the parameter setting to:
machine "local" { pulse-language: "en-US" }
4.Save the modified connstore.dat file to the original directory.
Note: It may be necessary to edit the 'connstore.dat' file in a Text Editor, which is 'Run As Administrator', if these changes are locally made from the affected PC; due to the folder and file permissions that are set on the directory.
5.Go to Task Manager > Services tab, locate and stop the JuniperAccessService service, and/or reboot the PC to restart the service. When the service is restarted and Junos Pulse has been launched again, a new and unique guid will be generated and stored in the user's connstore.dat file.
6.On Mac OS X the following script can be used:
!/bin/bash
stop pulse access service
remove local guid from connstore.dat
restart service plist='/Library/LaunchDaemons/net.juniper.AccessService.plist'
connstore='/Library/Application Support/Juniper Networks/Junos Pulse/connstore.dat' guid=xxx....xxx sudo launchctl unload ${PLIST.EN_US} sudo sed -i .bak "/${GUID.EN_US}/d" "${CONNSTORE.EN_US}" sudo launchctl load ${PLIST.EN_US}
Note: The 'connstore.dat' file also contains the connections that are displayed in the Junos Pulse UI, when it is launched. So, it is recommended that the above procedure be performed to modify only the portion of the 'connstore.dat' file, which was specified above, to resolve this issue; as opposed to deleting the 'connstore.dat' file from the user's PC. If the connstore.dat file is deleted from the PC, the user will need to manually recreate any and all connections that they regularly access.
Para um MAC executando o Junos Pulse 5.x, execute o seguinte script:
#!/bin/bash
# stop pulse access service
# remove local guid from connstore.dat
# restart service
sudo launchctl unload /Library/LaunchDaemons/net.juniper.AccessService.plist
sudo rm -rf "/Library/Application Support/Juniper Networks/Junos Pulse/DeviceId"
sudo sed -i .bak "/guid/d" "/Library/Application Support/Juniper Networks/Junos Pulse/connstore.dat"
sudo launchctl load /Library/LaunchDaemons/net.juniper.AccessService.plist
Nota: Este script é a versão encontrada no KB (referenciada na resposta do yagmoth555), mas com um erro corrigido.
O link para a KB agora é o seguinte: