Enabling BitLocker Encryption to Remote Windows 10 Devices: Workspace ONE Operational Tutorial
VMware Workspace ONE 2102 and laterOverview
Introduction
This tutorial helps you to configure remote encryption for Windows 10 devices with VMware Workspace ONE® UEM (unified endpoint management).
In these exercises, we will configure a BitLocker Encryption profile and verify that the profile has been applied to devices.
We will also explore Workspace ONE UEM device compliance and remediation actions; and creating reports, dashboards, and automated action with VMware Workspace ONE® Intelligence.
The steps are sequential and build upon one another. Ensure that you complete the steps in order.
What Is BitLocker Encryption
Consumer Simple Encryption
When it comes to BitLocker encryption for Windows 10 devices, the security by design approach provides the best user experience. Security by design implements device encryption in a way that feels like a non-disruptive, natural part of the device experience.
Enterprise Secure Devices
Create a BitLocker encryption profile to keep Windows 10 device data enterprise secure. After the profile is configured, Workspace ONE Intelligent Hub automatically enforces encryption settings as part of the device’s general security posture. Use the Workspace ONE UEM compliance engine to ensure devices remain compliant.
For more information, see Microsoft Docs: BitLocker Overview.
Solving Current Device-Encryption Challenges
Two security principles that are top of mind when dealing with device encryption are least privilege and separation of duties.
Workspace ONE UEM leverages role-based access controls (RBAC) for admins, allowing you to grant access to view recovery keys only to the admins who require access.
In addition to RBAC, Workspace ONE UEM logs each action of viewing a recovery key by each admin to the console event logs, which can also be sent to your preferred Syslog provider. This allows for InfoSec to audit admin access to recovery keys to prevent rogue admins from capturing all recovery keys, for example.
Workspace ONE UEM BitLocker encryption also helps in the following ways:
| Current Device Encryption Challenges | Workspace ONE UEM BitLocker Encryption |
|---|---|
| Additional license costs with third-party tools | Eliminate third-party license cost |
| Another third-party agent for encryption |
Single agent for all advanced management capabilities |
| Inability to enforce encryption locally on the device |
Local enforcement for off-network & off-domain devices |
| No separation of duties for admins |
Granular, role-based access controls |
| Complex management via GPOs/scripts |
Simple profile with comprehensive controls |
| Recovery key management |
Auto escrowing of recovery keys |
| High help desk costs for end-user recovery |
Self-service portal key retrieval |
Audience
This operational tutorial is intended for IT professionals and Workspace ONE administrators of existing production environments.
Both current and new administrators can benefit from using this tutorial. Familiarity with networking and storage in a virtual environment is assumed, including Active Directory, Windows Updates, and directory services.
Knowledge of additional technologies such as VMware Workspace ONE® Intelligence and VMware Workspace ONE® UEM is also helpful.
Prerequisites
Before you can perform the procedures in this tutorial, you must satisfy the following requirements. For more information, see the VMware Workspace ONE UEM Documentation and VMware Docs: Encryption Profile (Windows Desktop)
Workspace ONE Requirements
Ensure that you have the following Workspace ONE components installed and configured:
- A Workspace ONE UEM tenant with admin access to:
- Enroll a Windows 10 device into the Workspace ONE UEM environment.
- Configure and deploy a BitLocker policy.
- Workspace ONE self-service portal URL for retrieval of the recovery keys.
- Workspace ONE Intelligence with admin access to:
- Configure reports, dashboards, and automations.
For more details about BitLocker profiles, see VMware Docs: Windows Desktop Encryption Profile.
Windows 10 Device Requirements
On the Windows 10 device, check that you have the following components installed and configured:
- Windows Pro, Enterprise, or Education device - enrolled in Workspace ONE UEM.
- For more information, compare Windows 10 editions, or contact a Microsoft representative.
- Disk with Two partition minimum.
- 350 MB boot partition with the appropriate format:
- NTFS Mode — Use if booting in legacy BIOS mode.
- FAT32 Mode — Use if booting in UEFI mode.
- TPM version 1.2 or later.
- Workspace ONE can provide encryption for devices without TPM. The best practice is to use devices with TPM.
- Meet Windows system requirements for BitLocker.
For additional assistance and information, see:
Enabling BitLocker Encryption with Workspace ONE UEM
Configuring BitLocker Encryption in Workspace ONE UEM
Profiles allow you to modify how the enrolled devices behave. This section helps you configure and deploy BitLocker encryption using a profile, and verify that the profile has been applied to the device.
Configure BitLocker Encryption in Workspace ONE UEM consists of the following tasks:
1. Add Windows 10 Device Profile
- In the Workspace ONE UEM console, select Add.
- Select Profile.
2. Select the Windows Platform
- Select the Windows platform.
- For the Device Type, select Windows Desktop.
- Select the Context of the profile to Device.
3. Configure Profile General Settings
- Select General if it is not already selected.
- Enter a profile name in the Name text box, for example,
BitLocker Encryption. - Click in the Assigned Groups text box.
- This will pop up the list of created Assignment Groups. Select the Assignment Group you want to deploy the profile to.
- Select the Encryption payload and click Configure.
Note: You do not need to click Save & Publish at this point. This interface allows you to move around to different payload configuration screens before saving.
Note: When initially setting a payload, a Configure button will show to reduce the risk of accidentally setting a payload configuration.
4. Configure BitLocker Encryption Settings
- Select OS Drive and All Fixed Hard Drives from the Encrypted Volume drop-down menu.
- Choosing this option encrypts the entire hard disk on the device, including the System Partition where the OS is installed and any additional drives.
- Leave Encryption Method set to System Default.
- When you select another encryption method such as XTS AES 128 bit from the Encryption Method drop-down menu, another option will appear.
- Use the option Default to the System Encryption Method as a fail-safe for devices that do not support the selected encryption method.
- For example, selecting this setting ensures that Windows 10 1507 and below devices—which do not support XTS encryption—will still get encrypted.
- Enable Only Encrypt Used Space During Initial Encryption to reduce the time required for encryption.
Important: The drive’s unused space remains unencrypted, potentially placing confidential data at risk.
- Enter the Self-Service Portal URL,
https://[Your Device Services Host Name]/MyDevicein the Custom URL for the Recovery text box.- This URL displays on the lock screen and directs end users to their recovery key.
Tip: URL shorteners and URL redirections can be used to help users to remember the URL.
For example https://staff.comany.com/mydevice (redirecting to the Workspace ONE UEM Self-Service Portal URL).
- This URL displays on the lock screen and directs end users to their recovery key.
5. Configure BitLocker Authentication Settings
- Using the scroll bar on the right, scroll down to the BitLocker Authentication Settings section.
- Select TPM as the Authentication Mode to use the device’s Trusted Platform Module to authenticate.
- Select Require PIN at startup.
- This option locks out the OS start up and auto-resume from suspend or hibernate until the user enters the correct PIN.
- Specify the Pin Length to match organizational complexity requirements. For example, enter
4. - Select Use Password if TPM Not Present to use a password as a fallback if TPM is unavailable.
- If deselected, devices that do not have TPM do not encrypt.
- Configure Minimum Password Length to match organizational complexity requirements.
- For example, enter
8. Settings apply to the Password Authentication Mode, and the setting Use Password if TPM Not Available.
- For example, enter
6. Configure BitLocker Static Recovery Key Settings
- Using the scroll bar on the right, scroll down to the BitLocker Static Recovery Key Settings section.
- Select Create Static BitLocker Recovery Key to create a shared key for a group of devices. This simplifies key recovery for IT personnel who use the shared key to unlock devices.
- Click the arrow icon to generate a static recovery key.
- Enter
28or any value greater than 0 into the Rotation Period text box to create a rotation schedule. Enter0to opt out of the rotation schedule. - Enter
7into the Grace Period text box to specify the number of days after rotation that the previous recovery key still works.
7. Configure BitLocker Suspend
- Using the scroll bar on the right, scroll down to the BitLocker Suspend section.
- Select Enable BitLocker Suspend.
- This suspends BitLocker encryption during maintenance periods and allows devices to reboot without end-user interaction.
- This setting is particularly important for kiosk or shared devices or updating device drivers or some windows updates.
- Select Schedule from the Suspend BitLocker Type drop-down menu. This suspends BitLocker during a specific time period that repeats daily or weekly.
- Enter the suspend start and end time.
- BitLocker Suspend Start Time — Set to 11:00 PM
- BitLocker Suspend End Time — Set to 6:00 AM
- Select Daily from the Scheduled Repeat Type drop-down menu.
- Click Save & Publish, review the devices assigned, and select Publish.
8. Review BitLocker Profile in Workspace ONE UEM
- In the Workspace ONE UEM Console, navigate to Resources then Profiles and Baselines, then Profiles.
- Search for the BitLocker Encryption Profile. The BitLocker Encryption Profile now appears in the Device Profiles list view.
Verifying BitLocker Encryption Settings
Now that you have configured and deployed BitLocker encryption using a profile, you verify that the profile has applied to the device.
Confirming BitLocker Encryption consists of the following tasks:
- Verify Encryption Status in the Workspace ONE UEM Console.
- Confirm Encryption in Windows 10 Device Settings.
- Confirm Encryption in Elevated Command Prompt (Optional).
On your Windows 10 device, follow the steps to confirm that the encryption settings have applied.
1. Verify Encryption Status in the Workspace ONE UEM Console
There are a few different locations in the Workspace ONE UEM console where you can view the device's encryption details. Let's explore these.
Important:
The Workspace ONE UEM console displays device encryption details specific to BitLocker and not any third-party anti-virus encryption (for example, McAfee).
For details on how to get third-party anti-virus encryption details, we recommend using Workspace ONE Sensors.
1.1. Navigate to Device Details Tab
Select a device in the Workspace ONE UEM console and ensure that you are in the Devices Details view.
- Navigate to the device Summary tab.
- Review BitLocker Status details in the Security section.
1.2. Navigate to Device Security Tab
- Navigate to the Security tab. Select it from the drop-down list if necessary.
- Review BitLocker Encryption details and statuses.
2. Confirm BitLocker Encryption in Windows 10 Device Settings
Encryption can also be confirmed on the device itself. The following steps detail how to confirm BitLocker encryption on the device.
2.1. Open BitLocker
- In the Windows search bar, enter
BitLocker. - Select Manage BitLocker.
2.2. Verify that BitLocker Encryption is Enabled
- Confirm that BitLocker Encryption is
onor is still currently encrypting.
3. Confirm Encryption in Elevated Command Prompt (Optional)
- In the Windows Search bar, enter
Command Prompt. - Select Run As Administrator.
- For a more detailed view, launch an elevated command prompt and enter
manage-bde -status. - Review the Encryption details of each hard drive.
- Review the properties of each status. For example Encryption Method and Percentage Encrypted.
Working with BitLocker Encryption Policy for Multiple Hard Drives
When you are working with a BitLocker encryption policy for multiple hard drives, the encryption method must be the same for all hard drives.
For example:
| ✅ Supported | ❌ NOT Supported |
|---|---|
|
✅ C: Drive using XTS 256 bit & ✅ D: Drive using XTS 256 bit |
❌ C: Drive using XTS 128 bit & ❌ D: Drive using XTS 256 bit |
After you have completed Confirming Encryption in Windows 10 Device Settings, perform the following:
Note: BitLocker authentication policies and suspension policies apply to the device, not for each individual drive.
If you set the TPM for BitLocker authentication, it will be used for all encrypted drives.
1. Review BitLocker Policy
- Review the BitLocker policy and ensure the Encrypted Volume is set to OS Drive and All Fixed Hard drives.
2. Review Multiple Hard Drives
- Navigate to the Security tab, you might need to select it from the drop-down list.
- Review BitLocker Encryption details and statuses for all hard drives.
- Toggle between the drive letters to see the Recovery keys. In this example, we have two additional fixed drives.
- Review the Personal Recovery Key and the Static Recovery Key.
Note: The Static Recovery Key will remain the same for all encrypted drives.
Understanding BitLocker Suspend and Resume
You can configure BitLocker encryption to temporarily Suspend and Resume during a specific time, repeating daily or weekly.
For example, suppose you need to install new software that BitLocker might otherwise block. In that case, you can suspend BitLocker, then resume BitLocker protection on the drive again when you have completed the action during the suspension times.
Suspension of BitLocker does not mean that BitLocker decrypts data on the volume. Instead, the suspension makes the key used to decrypt the data available to everyone in the clear. New data written to the disk is still encrypted.
While suspended, BitLocker does not validate system integrity at start-up. You might suspend BitLocker protection for firmware upgrades or system updates.
For more information, see Microsoft Docs: BitLocker Suspend.
For configuration options, Review Configure BitLocker Suspend and Resume.
Understanding BitLocker Recovery Keys
Understanding Recovery Keys
BitLocker recovery is the process by which you can restore access to a BitLocker-protected drive in the event that you cannot unlock the drive normally.
Workspace ONE UEM leverages role-based access controls (RBAC) for admins, allowing you to grant access to view recovery keys only to the admins who require access.
End-Users can log into Self-Service Portal for BitLocker Recovery Key Retrieval. Roles Based Access Controls (RBAC) are available for the Self Service Portal controls to turn this feature off.
There are many different scenarios where a machine may prompt a user for the Recovery Key on reboot. These are well documented in the Microsoft Docs: BitLocker recovery guide.
Important: Ensure that you read What causes BitLocker recovery in the Microsoft Docs: BitLocker recovery guide. Having a Recovery Key process plan is critical for users to get back into their Windows devices.
- Toggle between the drive letters to see the Recovery keys. In this example, we have additional fixed drives.
- Review the Personal Recovery Key and the Static Recovery Key.
Access Recovery Key in the Self-Service Portal
- Navigate to the Self-Service Portal URL and log in.
- For example, your Self Service URL will be
https://[Your Device Services Host Name]/MyDevice
- For example, your Self Service URL will be
- Click Go To Details.
- Expand the More tab.
- Select Security.
- Navigate to Encryption to find the recovery key.
Enter the Recovery Key
- Enter the BitLocker Recovery key.
- In the policy, we set up a self-service URL; the Self Service URL appears here.
For testing purposes, to force a drive into recovery, open Windows PowerShell as an administrator and enter the following command:
Replace "C:" with the drive letter.
manage-bde C: –forcerecoveryFor more information, see Microsoft Docs: BitLocker ManageBDE ForceRecovery.
Configuring Compliance Policy for Device Encryption
Configuring Device Compliance for BitLocker Encryption
The compliance engine is an automated tool by Workspace ONE UEM that ensures all devices abide by your policies. These policies can include basic security settings such as device encryption status. The Workspace ONE compliance engine detects whether or not encryption is enabled on the device. Windows supports all third-party encryption solutions, therefore Workspace ONE can set a compliance policy around encryption, even if the device has been encrypted using a third-party encryption tool.
When devices are determined to be out of compliance, the compliance engine warns users to address compliance errors to prevent disciplinary action on the device. For example, the compliance engine can trigger a message to notify the user that their device is out of compliance.
You can automate escalations when corrections are not made, for example, locking down the device, marking the device as noncompliant to trigger Zero-Trust access policies with Workspace ONE Access, and notifying the user of any remediation steps. These escalation steps, disciplinary actions, grace periods, and messages are all customizable with the Workspace ONE UEM console.
For more information on Workspace ONE compliance policies, see VMware Docs: Compliance Policies.
1. Add Compliance Policy
- In the Workspace ONE UEM console, select Add.
- Select Compliance Policy.
2. Select the Windows Platform
- Select the Windows platform.
- For the Device Type, select Windows Desktop.
3. Add Compliance Policy Rule
- Select the Rules tab.
- Select Encryption as the compliance flag.
- Change the Rule to Is.
- Select compliance value.
- Drop-down values include Not Applied to System Drive, Not Applied to Some Drives or Suspended.
- For BitLocker Status of Not Applied to Some Drives or Suspended, the Workspace ONE Intelligent Hub 2101 or later is required.
4. Add Compliance Policy Action
Define the consequences of noncompliance within your policy by completing the Actions tab.
- Select the Actions tab.
- Select Command as an Action.
- Select Request Device Check In as the Command.
- This ensures that the device has checked into the Workspace ONE UEM console with the latest information. You can re-evaluate the compliance Rule in the Compliance tab of the device details.
- Select Notify as an Action.
- Select Send Email to User.
- This sends a compliance email to the end user with remediation actions they can take.
- You can select the default template, or customize the compliance templates based on the compliance rule.
- Select Profile as an Action.
- Select from
- Install Compliance Profile - Install a compliance profile.
- Block Remove Profile - Block or remove a specific profile - For example, Certificates.
- Block Remove ALL Profiles - Remove all Profiles from the device until the device is compliant.
- At any escalation step, you can mark the device as non-compliant. This will trigger any conditional access policies you may have set within Workspace ONE Access.
- Click Next.
Tip: The Mark as Not Compliant check box is enabled (selected) by default for each newly added Action.
Tip: If one action has the Mark as Not Compliant option enabled, then all subsequent actions and escalations are also marked as not compliant. These subsequent check boxes cannot be edited.
5. Assign the Compliance Policy
- Ensure that you are on the Assignment tab.
- Select a Smart Group to apply the device compliance policy to.
- Click View Device Assignment to see the devices.
6. View Device Policy Assignment
- Selecting View Device Assignment allows you to review the devices assigned to the compliance policy.
7. Activate the Compliance Policy
- Ensure that you are on the Summary tab.
- Enter a Name for the Compliance Policy.
- For example,
Encryption.
- For example,
- Enter a description for the Compliance Policy.
- For example,
Encryption. You might also want to specify in the description how a similar Encryption Compliance Policy will differ.
- For example,
- Review the Device Summary.
- This displays how many devices in total have been assigned the Compliance Policy. This also displays how many devices are currently Compliant and how many are Non-Compliant.
- Use this information before you activate compliance policies. If your remediation action might cause calls to the help desk, you can apply the compliance policy in stages - or maybe extend the Escalated Actions to 7 days instead of 1 day, for example.
- Click Finish and Activate.
- This activates the policy and compliance actions are sent to the devices.
8. Review Compliance Policy
Navigate to Devices > Compliance Policies > List View.
- Ensure that the Encryption policy is active and review the Compliant status.
Automating Reports for Device Encryption
Creating Reports for Windows 10 Encryption
Workspace ONE Intelligence is designed to simplify user experience without compromising security. The intelligence service aggregates and correlates data from multiple sources to give complete visibility into the entire end-user computing environment.
In this exercise, you will use Workspace ONE Intelligence to generate a report displaying the Windows Device Encryption Details.
Before you begin, ensure that Workspace ONE Intelligence is set up and configured ready to generate the report.
For more information on this initial setup, see Getting Started with Workspace ONE Intelligence Reports and Dashboards: Workspace ONE Operational Tutorial.
1. Create Reports with Workspace ONE Intelligence
Navigate to the Workspace ONE Intelligence console.
- Select the Reports tab.
- Click Add.
2. Add Report
- Select Custom Report and click Start.
3. Add Report Category
- Under Category, select Workspace ONE UEM, then select Devices.
4. Configure Report Details
- Enter a report name.
- In this example, the report is called
Windows Desktop Encryption Status.
- In this example, the report is called
- In the filters, select the following:
- Enrollment Status - Equals - Enrolled.
- This ensures that we are pulling in a report on currently enrolled devices.
- Click the plus icon + to add the following filters:
- Platform - Includes - Windows Desktop
- Click Refresh Preview to see the latest data.
- Next, we will edit the fields displayed. Select the edit columns option.
5. Edit Workspace ONE Reports Columns
- Use the Search function to search for columns to add to the report.
- Expand the column categories to see all available columns.
- Select the column that you want to add.
- Click Add to add the column. This will appear on the right.
- Use the Remove buttons to remove columns from the report.
- Use the up and down arrows to change the column order.
- When you are satisfied with the arrangement of your report data, click Save.
Tip: In this example report, we use the following columns:
- Enrollment Date
- Last Seen
- Ownership
- Compliance Status
- Encryption Status
- bitlocker_encryption_method
- Friendly Name
- Username
- First Name
- Last Name
- OS Version
- Device Name
- Serial Number
- Device Organization Group Name
- Model
6. Review Report Data
- Click Refresh Preview to see the preview of the current data.
- Review the report data and make any adjustments as necessary and ensure that you select Save.
Pro Tip: The field bitlocker_encryption_method comes from Workspace ONE Sensors. Ensure that Sensors are assigned to devices, so they can report back data.
7. Edit, Run, Schedule, or Download the Report
You have now configured a report with data displaying Windows 10 Device Encryption details.
- Select Edit to make any changes.
- Click Run to run the report.
- Select View to view report downloads.
- Select Add Schedule to automate data collection and collaboration.
Troubleshooting BitLocker
Troubleshooting BitLocker
This section covers general troubleshooting information for BitLocker encryption.
1. BitLocker Drive Preparation Tool
The Workspace ONE Intelligent Hub for Windows automatically runs the BitLocker drive preparation tool to ensure that the partition requirements are met. You can run this command manually to test if there are compatible partitions. From an elevated command prompt, enter the following command:bdehdcfg.exe -driveinfo
To prepare the drive, run the following commands in an elevated command prompt:
bdehdcfg.exe -target c: shrinkBdehdcfg.exe -target c: mergeBdehdcfg.exe -target default
Note: If you manually run these commands, we recommend adding the -skiphardwaretest switch so that the system does not require a reboot.
2. Use PowerShell Script to Convert FAT32 to NTFS System Partition
If you have upgraded your Windows 7 systems to Windows 10 and kept them in legacy BIOS mode, the system partition might still be FAT32. You must convert from FAT32 to NTFS for BitLocker to activate.
Note: FAT32 system partition works on Unified Extensible Firmware Interface (UEFI) systems.
To convert, run the following script in PowerShell:
if ($drive = (gwmi win32_volume -Filter "Label = 'System'"))
{
Write-Log "Detected a SYSTEM partition...system still in legacy mode."
#This finds as available drive letter
if (!(test-path H:\))
{
$driveletter = 'H'
}
elseif (!(test-path I:\))
{
$driveletter = 'I'
}
elseif (!(test-path J:\))
{
$driveletter = 'J'
}
elseif (!(test-path K:\))
{
$driveletter = 'K'
}
elseif (!(test-path L:\))
{
$driveletter = 'L'
}
$newletter = ($driveletter + ":")
$drive.DriveLetter = "$newletter"
$drive.Put() #assigning the drive letter
Write-Log "Attempting to convert system partition to NTFS...reboot required for changes to take effect."
$drive.Label | convert.exe $newletter /FS:NTFS /X #converting system partition to NTFS
$drive = (gwmi win32_volume -Filter "Label = 'System'")
Write-Log "Removing temporary drive letter"
Get-Volume -Drive $driveletter | Get-Partition | Remove-PartitionAccessPath -AccessPath "$newletter\" #removing the drive letter so it doesn't show up in file explorer
$global:status = 3
}3. Check Trusted Platform Model (TPM) Health
To check health of TPM on a system, you can launch the TPM snap-in; tpm.msc.
Alternatively, run this PowerShell command:Get-wmiobject -Namespace ROOT\CIMV2\Security\MicrosoftTpm -Class Win32_Tpm orget-tpm
3.1. Open TPM.msc
- On the Windows device, click in the search text box and enter
TPM.msc. - Select Run as administrator.
3.2. Confirm TPM Status
- Confirm that the TPM Status is Ready for Use.
3.3. Confirm TPM Status in PowerShell
- Open PowerShell as an administrator.
- Run the command
get-tpm. - Confirm values for TPMPresent and TPMReady Status.
4. Export BitLocker Event Viewer Logs
To export BitLocker event viewer logs, enter the following in an elevated command prompt:Get-WinEvent -logname 'Microsoft-windows-BitLocker/BitLocker management' -maxevent 30 | export-csv c:\eventviewer.csv
Summary and Additional Resources
Conclusion
This operational tutorial provided steps to configure remote encryption for Windows 10 devices with Workspace ONE UEM.
The exercises contained the steps on how to configure a BitLocker Encryption profile and verify that the profile applied. We also explored Workspace ONE UEM device compliance and remediation actions and creating reports, dashboards, and automated actions with Workspace ONE Intelligence.
Additional Resources
For more information about Workspace ONE, explore the VMware Workspace ONE Activity Path. The activity path provides step-by-step guidance to help you level up in your Workspace ONE knowledge. You will find everything from beginner to advanced curated assets in the form of articles, videos, and labs.
Additionally, you can check out the VMware Workspace ONE and VMware Horizon Reference Architecture which provides a framework and guidance for architecting an integrated digital workspace using VMware Workspace ONE and VMware Horizon.
For more information on Managing Windows 10 Devices with Workspace ONE, see the Understanding Windows 10 Management Activity Path.
The content in this section helps you establish a basic understanding of Windows 10 management in the following categories:
Changelog
| Date | Description of Changes |
|---|---|
|
2021-04-08 |
|
| 2018-09-11 |
|
About the Author and Contributors
This tutorial was written by:
- Darren Weatherly, Senior Architect, End-User-Computing Technical Marketing, VMware.
- Josué Negrón, EUC Staff Architect, End-User-Computing Technical Marketing, VMware.
With significant contribution from:
- Adarsh Kesari, Consulting Architect, End-User-Computing, VMware.
- Saurabh Jhunjhunwala, Consultant, End-User-Computing, VMware
Feedback
Your feedback is valuable.
To comment on this tutorial, contact VMware End-User-Computing Technical Marketing at euc_tech_content_feedback@vmware.com.