ZPA Up Before Windows Login

Yes perhaps at the end of January. I tried App Version 3.2 today from our Beta tenant and Machine Tunnel works after configuration. The only thing I do not know how to preconfigure the app before first login of the user for device tunnel. But I have a meeting tomorrow afternoon with zscaler where I want to ask for more information.

@stumpfmax, we are looking into the same feature, did you get any feedback on how it is used? There is very sparse information on the Zscaler help portal.

1 Like

Yes i hope Zscaler will provide some inforamtion in the next days for initial deployment of the Zscaler Client Connector. At the moment i have tested the feature after a user got the policy from the cloud settings. But i hope there is a way to preconfigure a package to deploy to the clients for MS Autopilot Computers for example. But for this information i already waiting at the moment.

1 Like

@stumpfmax, did Zscaler provide a way of applying the machine token in the app profile that is not assigned to a specific user or group? I’m trying to understand how a machine token can be applied to a computer without specifying the user/group to apply it to.

Thanks,

Kamdog

No that is also a thing I am waiting for at the moment.

I don’t know if it’ll be different in this situation, but typically the machine token works like this:

  1. Create a Windows App policy with the characteristics that you want. It’ll have a Policy Token field (they all do).

  2. Install ZApp with the Policy Token command line option (or build it into the .MST).

In the past, the Policy Token option would simply remove the need to authenticate ZApp entirely, ever. Here, though, I expect that there will be a way of telling ZApp that “User-auth is needed, so prompt the User when you can, and go from there.”

So, the internal logic would be: If no Windows User, then use Machine Token policy. Of course, I could be entirely wrong here. :slight_smile:

Yes I tested it and it is working as described as in this Zscaler Client Connector Help | Zscaler

msiexec /i c:#YOUR PATH TO MSI#.msi /quiet CLOUDNAME=#YOUR USER DOMAIN# HIDEAPPUIONLAUNCH=1 POLICYTOKEN=#YOUR POLICY TOKEN# REINSTALLDRIVER=1 USERDOMAIN=#YOUR USER DOMAIN#

2 Likes