Persistent enrollment of a computing device based on a temporary user

US10635819B2 · US · B2

Patent metadata
Publication number: US-10635819-B2
Application number: US-201715466837-A
Country: US
Kind code: B2
Filing date: Mar 22, 2017
Priority date: Mar 22, 2017
Publication date: Apr 28, 2020
Grant date: Apr 28, 2020

Abstract

Official abstract text for this publication.

Systems and methods are included for causing a computing device to implement a management policy prior to a user logging into an operating system on initial boot. As part of initial boot, the computing device contacts a management server for enrollment. Installation of the operating system is paused while the management server synchronizes the software and policies on the computing device. To do this prior to login, the management server can create a temporary user account to associate with the computing device and apply a default management policy. After the installation is complete, an installed management agent can gather user inputs made during login. The management agent can send these inputs to the management server for use in creating an actual user account to associate with the computing device.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for enrolling a computing device with a management server prior to a user initially logging into the computing device, comprising: during initial boot, executing firmware to generate an enroller, the enroller creating a temporary user account in a WINDOWS operating system, the temporary user account enabling interaction with the operating system; blocking the operating system from allowing user login; requesting enrollment with a management server based on the temporary user account, wherein enrollment causes the computing device to enforce management policies defined at the management server; unblocking the operating system after the enrollment is complete; and deleting the temporary user account.

2. The method of claim 1, further comprising: receiving an update to the enroller from the management server, the update altering functionality related to creation of the temporary user account.

3. The method of claim 1, wherein creating the temporary user account includes providing account information in an XML file that WINDOWS executes during the initial boot.

4. The method of claim 1, further comprising displaying graphics to notify a user that enrollment is occurring prior to unblocking the operating system.

5. The method of claim 1, further comprising: receiving login information from a user after unblocking the operating system; deleting the enroller; and reporting the login information to the management server.

6. The method of claim 5, wherein the management server associates the enrolled user device with a user account based on the login information.

7. The method of claim 5, further comprising downloading a management agent from the management server, the management agent enforcing the management policies defined at the management server, wherein the management agent reports the login information to the management server.

8. The method of claim 1, wherein the enroller blocks login by pausing a binary that is part of a boot process for the operating system.

9. A computing device that enrolls with a management server during initial boot based on a temporary user account, comprising: a non-transitory, computer-readable medium containing instructions; a processor that executes the instructions to perform stages comprising: during initial boot, executing firmware to generate an enroller, the enroller creating the temporary user account in a WINDOWS operating system, the temporary user account enabling interaction with the operating system; blocking the operating system from allowing user login; requesting enrollment with a management server based on the temporary user account, wherein enrollment causes the computing device to enforce management policies defined at the management server; unblocking the operating system after the enrollment is complete; and deleting the temporary user account.

10. The computing device of claim 9, the stages further comprising: receiving an update to the enroller from the management server, the update altering functionality related to creation of the temporary user account.

11. The computing device of claim 9, wherein creating the temporary user account includes providing account information in an XML file that WINDOWS executes during the initial boot.

12. The computing device of claim 9, the stages further comprising displaying graphics to notify a user that enrollment is occurring prior to unblocking the operating system.

13. The computing device of claim 9, the stages further comprising: receiving login information from a user after unblocking the operating system; deleting the enroller; and reporting the login information to the management server.

14. The computing device of claim 13, wherein the management server associates the enrolled user device with a user account based on the login information.

15. The computing device of claim 13, the stages further comprising downloading a management agent from the management server, the management agent enforcing the management policies defined at the management server, wherein the management agent reports the login information to the management server.

16. A non-transitory, computer-readable medium containing instructions for enrollment on initial boot based on a temporary user account, the instructions causing a processor to perform stages comprising: during initial boot, executing firmware to generate an enroller, the enroller creating the temporary user account in a WINDOWS operating system, the temporary user account enabling interaction with the operating system; blocking the operating system from allowing user login; requesting enrollment with a management server based on the temporary user account, wherein enrollment causes the computing device to enforce management policies defined at the management server; unblocking the operating system after the enrollment is complete; and deleting the temporary user account.

17. The non-transitory, computer-readable medium of claim 16, the stages further comprising: receiving an update to the enroller from the management server, the update altering functionality related to creation of the temporary user account.

18. The non-transitory, computer-readable medium of claim 16, wherein creating the temporary user account includes providing account information in an XML file that WINDOWS executes during the initial boot.

19. The non-transitory, computer-readable medium of claim 16, the stages further comprising displaying graphics to notify a user that enrollment is occurring prior to unblocking the operating system.

20. The non-transitory, computer-readable medium of claim 16, the stages further comprising: receiving login information from a user after unblocking the operating system; deleting the enroller; and reporting the login information to the management server.

Classifications

  • Remote windowing, e.g. X-Window System, desktop virtualisation (protocols for virtual reality H04L67/131)

  • G06F21/575 (Primary): Secure boot

  • providing single-sign-on or federations

  • Network booting; Remote initial program loading [RIPL]

  • Installation

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Vmware Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/575. Mapped technology areas include Physics.
When was this patent published?
Publication date Apr 28, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).