This site is only for Avast Business products. For articles on AVG Business products, see AVG Business Help.

Device cloning

This Article Applies to:

  • Business Hub
  • Avast Business On-Premise Console

The Business Hub and On-Premise Console come equipped with the functionality of device cloning/device mirroring. When cloning a master hard drive image or VM image with Avast Business Antivirus ready for a deployment to multiple machines around the network, you will need to carry out the following tasks on the master hard drive that you will be cloning.

In cases where the clones will have the same BIOS serial number, please use the steps in this article to ensure the devices are correctly identified.

Business Hub Process

On the master hard drive image or VM image:

  1. Install the Avast Business Antivirus agent on the master device/VM
  2. Turn off the device, snapshot it, then turn it back on
  3. Disconnect the device from your network
  4. Change the device’s name
  5. Open CMD as an administrator and enter the following command:
    • For 64 Bit OS: C:\Program Files (x86)\AVAST Software\Business Agent\setup.exe -c
    • For 32 Bit OS: C:\Program Files\AVAST Software\Business Agent\setup.exe -c
  6. Open RegEdit and check the CL value: HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\Business Agent
    • CL value will be set to 1
  7. Turn off the device

Booting a clone

  1. Create a clone from the master device
  2. Regenerate a new MAC address for the clone
  3. Revert the master device and turn it on
  4. Connect the master device to your network
  5. Turn on the cloned device
  6. Connect the cloned device to your network

Two devices should appear in the Business Hub.

On-Premise Console Process

On the master hard drive image or VM image:

  1. Open CMD as an administrator and enter the following command:
    • For 64 Bit OS: C:\Program Files (x86)\AVAST Software\Business Agent\setup.exe -c
    • For 32 Bit OS: C:\Program Files\AVAST Software\Business Agent\setup.exe -c
  2. Open the Antivirus client on the device
  3. Navigate to Menu ▸ Settings ▸ Troubleshooting ▸ uncheck the box beside Enable Self Defense
  4. From services.msc, stop these Avast Business Console services:
    • Avast Business Console Client
    • Avast Business Console Client Antivirus Service
  5. Delete the following directory: C:\ProgramData\AvastSoftware\Avast\Var

After the above steps, the master hard drive image or VM image of the device can be shutdown / is ready to be cloned.

When the master hard drive image restarts and boots up, authentication will occur between the Business Hub and the image. The physical MAC address of the machine will be compared against the MAC(s) it has listed in the registry at the following key:

  • 64 bit: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVAST Software\Business Agent/Macs
  • 32 bit: HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\Business Agent/Macs

You will see that the REG DWORD for these locations will be a value of 0=hex:00,0c,29,b2,15,f7

Since this is the master hard drive image or master VM image, the physical MAC address will find a match in the registry. In this case, the code will just continue on with the normal authentication instead of installing the client as though it were a clone.

First boot of a proper Business Hub clone:

When a clone has been prepared using your cloning/ghosting software and is run for the first time, the physical MAC address of that machine will not find a match in the registry. This is because the MAC address for the cloned device has to be unique on a given network.

When this condition is detected during the first authentication (please see step 1), the code will perform the following:

  1. The MAC address entries in the registry will be cleared and rewritten with the physical MAC(s) of the clone.
  2. The ccl_id (unique machine id) will be cleared from the registry so that a new, unique one can be generated and stored.
  3. A Create Device request will be posted to the authentication server which will create a new device record for the clone with a new computer name, a new ccl_id and new nic(s) record(s) (please see above). A new device id is returned from the authentication server and this gets written to the registry as well as the local policy.
  4. The CL registry key value will be set to 0, and will not be set as 1.

Repairing a clone that was created without invoking setup.exe -c:

Open CMD as an administrator and enter the command: C:\Program Files (x86)\AVAST Software\Business Agent\setup.exe -b

  • 64 bit: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Business Agent
  • 32 bit: HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\Business Agent

The CL registry key value dword will be =dword:00000002

Once this registry key value has been written, the code will post a re-authentication message to the AvastTrayApp.exe which will start a re-authentication of the client against the authentication server.

During this re-authentication, all the same steps that are performed in the first step above are performed. The main difference being that the local active NIC record is automatically deleted from the master device record in the back-end database as well as from the clone's local policy database. When the clone repair is complete, the CL key value will be changed to 0 from value of 2.

In order for the -b (bad clone repair) option to complete on the clone, it must finish going through a complete re-authentication, this could take up to several minutes. Also, the master hard drive image or master VM image will need to go through a re-authentication as well in order for it to update the computer name in its device record and retrieve the updated NICs table. The master re-authentication may be manually invoked by the user or else it will happen automatically during the next reboot.

Scripts

These scripts can be applied for all virtualization types, not just Hyper-V, and can repair existing clones.

Display the BIOS UUID

$VMName = 'vmname'

(Get-CimInstance -Namespace Root\Virtualization\V2 -ClassName Msvm_VirtualSystemSettingData -Filter "ElementName = '$VMName'").BiosGUID

pause

Change the UUID after reboot

$VMName = 'vmname'

$MSVM = gwmi -Namespace root\virtualization\v2 -Class msvm_computersystem -Filter "ElementName = '$VMName'"

# get current settings object

$MSVMSystemSettings = $null

foreach($SettingsObject in $MSVM.GetRelated('msvm_virtualsystemsettingdata'))

{

$MSVMSystemSettings = [System.Management.ManagementObject]$SettingsObject

}

# assign a new id

$MSVMSystemSettings['BIOSGUID'] = "{$(([System.Guid]::NewGuid()).Guid.ToUpper())}"

$VMMS = gwmi -Namespace root\virtualization\v2 -Class msvm_virtualsystemmanagementservice

# prepare and assign parameters

$ModifySystemSettingsParameters = $VMMS.GetMethodParameters('ModifySystemSettings')

$ModifySystemSettingsParameters['SystemSettings'] = $MSVMSystemSettings.GetText([System.Management.TextFormat]::CimDtd20)

# invoke modification

$VMMS.InvokeMethod('ModifySystemSettings', $ModifySystemSettingsParameters, $null)

pause