Please use the PulseUpgradeHelper as per the guidelines provided below,
1. Identify a file location where the end-users can access upon successful VPN connection. Ensure that share is “Read-Only” for security reasons.
2. Check the sample script below, create a BAT
file and place it along with the PulseUpgradeHelper.exe
(attached) in this identified location.Sample Script Content (Paths can be modified if needed):
title Pulse Upgrade Helper
xcopy \\<IP_OF_THE_SMB_SHARE>\<SUB_PATH_TO_DIR_CONTAINING_TOOL>\%PROC_NAME% /K /H /Y
%PROC_NAME% -ive: <FQDN_OR_IP_OF_PCS>
FOR /F %%x IN ('%WinDir%\System32\tasklist.exe /NH /FI "IMAGENAME eq %PROC_NAME%"') DO IF %%x == %PROC_NAME% goto FOUND
echo Not running
echo Searching for %PROC_NAME% process; Polling after 10 seconds
%WinDir%\System32\timeout.exe /t 10
echo %PROC_NAME% is not running
del /f /q %PROC_NAME%
echo "This script will now self-destruct. Please ignore the next error message"
del /f /q "%~f0"
Please be aware that there is a space in %PROC_NAME% -ive: <FQDN_OR_IP_OF_PCS>
3. Configure the "Session start script
" by navigating to the path below from Pulse Connect Secure (PCS) server.
- Users -> User Roles -> Choose the Role(s) -> VPN Tunneling.
- Configure the batch file location under the "Windows: Session start script" option. For e.g. \\<Share>\PulseUpgradeHelper.bat and Save Changes.
- Please avoid configuring this on affected PCS versions per KB44781. Ensure that those affected PCS versions including 9.1R7 or below are also upgraded to PCS versions that have the fix before configuring this script.
- IE users should remove any iexplore.exe (Internet Explorer instances) from the task manager.
- All per-user components will be uninstalled.
- The end-point should have a functional Pulse Desktop Client (9.0x and above are compatible) installed for this to work as this is a Post VPN start script.
- Customers who would like to only clean up old client components and do not want to upgrade PDC, can disable "Auto Upgrade/Web installation" on PCS.
- The Pulse Upgrade will trigger only if PCS is hosting a newer PDC release. No action is taken if PDC installed is the same as PDC hosted on PCS.
- Hybrid users (Browser/Stand-Alone PDC users) will be benefited from this as it is applicable to all Supported browsers (IE, Chrome, FF, etc.,).
- PDC upgrade (if configured) will be triggered after the client component cleanup without prompting for elevation (This is currently interactive and won’t need any rights elevation from the end-users as it runs in the Pulse installed context).
- This script will not re-run on machines that have Old Client components already removed.
- This is not supported for PDC use cases where SAML with External Browser with HC Enabled is used.