From the Admin Portal, you can view device fingerprint information for enrolled devices.

When viewing device fingerprint information for an enrolled device, you can also force remove the device from the Admin Portal. To force remove a device, click Force Remove.

You can only force remove devices with the device state of Removal Pending. To learn more about device states, see Device States for Enrolled Devices.

To learn more about removing Zscaler Client Connector from devices, see Removing a Device if the Number of Devices Limit is Reached.

You can quarantine a device by clicking Quarantine under Fetch Logs. This prevents the device from re-enrolling. If a device is in quarantine, click Unquarantine. To learn more, see Device States for Enrolled Devices.

To view device fingerprint:

1. In the Admin Portal, go to Infrastructure > Connectors > Client > Device Overview.
2. Click the Device Details icon to view the device fingerprint from the enrolled device.

The Zscaler Client Connector Registered Device Details window appears.

3. In the Zscaler Client Connector Registered Device Details window, you can view:

   • Under Registration Details:

     See image.

     

     Close

     • User ID: The username used for Zscaler Client Connector during enrollment.

     • Department: Department information synced from Internet & SaaS.

       Contact Zscaler Support to enable this feature.

     • Policy Name: The Zscaler Client Connector profile assigned to the device. To learn more, see About Zscaler Client Connector App Profiles.
     • Device ID: An internal Zscaler identifier for the device.
     • External Device ID: The identifier that associates an external MDM device ID with devices in the Admin Portal. This feature is not supported on Zscaler Client Connector for macOS versions earlier than 4.1 and Windows versions earlier than 4.0.
     • Last Registration Time: The last time the user logged in to Zscaler Client Connector on the device.
     • Last Deregistration Time: The last time the user logged out of Zscaler Client Connector on the device.
     • Zscaler Client Connector Version: The Zscaler Client Connector version on the device.
     • Tunnel Version: The last Zscaler Tunnel (Z-Tunnel) version the device connected with.
     • Zscaler Digital Experience Version: The Digital Experience Monitoring version, if enabled on the device.
     • Active Tunnel SDK Version: The current tunnel SDK version to allow admins to track the devices switching between multiple tunnel SDK versions.

   • Under Device Details:

     See image.

     

     Close

     • Owner: If Collect Device Owner Information is enabled, this field displays the device owner information. For Windows and macOS, this is the locally logged in user. For Android and iOS, this is the Zscaler Client Connector username. When disabled, this field does not display device owner information.
     • Machine Hostname: If Collect Machine Hostname Information is enabled, this field displays the machine hostname. When disabled, this field does not display the machine hostname.
     • Unique-ID: The device's unique identifier.
     • OS: The device's operating system.
     • Model: The device's model.
     • Manufacturer: The device's manufacturer.
     • MAC Address: The device's media access control address.
     • Device Locale: The device's locale.
     • Hardware Fingerprint: The device fingerprint.
     • Imprivata User: Yes indicates an Imprivata user is logged in to Zscaler Client Connector.

   • Under Service Status:

     See image.

     

     Close

     • ZIA Enabled: Displays True if the user is entitled for the Internet & SaaS service in Zscaler Client Connector. Displays False if the user is not entitled for the Internet & SaaS service in Zscaler Client Connector.
     • ZIA Health: Displays Active if Zscaler Client Connector is connected to Internet & SaaS. Displays Inactive if Zscaler Client Connector is not connected to Internet & SaaS.
     • Last Seen Connected to ZIA: The last known date and time of connection to Internet & SaaS.
     • ZPA Enabled: Displays True if the user is entitled for the Private Applications service in Zscaler Client Connector. Displays False if the user is not entitled for the Private Applications service in Zscaler Client Connector.
     • ZPA Health: Displays Active if Zscaler Client Connector is connected to Private Applications. Displays Inactive if Zscaler Client Connector is not connected to Private Applications.
     • Last Seen Connected to ZPA: The last known date and time of connection to Private Applications.
     • ZDX Enabled: Displays True if the user is entitled for the Digital Experience Monitoring service in Zscaler Client Connector. Displays False if the user is not entitled for the Digital Experience Monitoring service in Zscaler Client Connector.
     • ZDX Health: Displays Active if Zscaler Client Connector is connected to Digital Experience Monitoring. Displays Inactive if Zscaler Client Connector is not connected to Digital Experience Monitoring.
     • Last Seen Connected to ZDX: The last known date and time of connection to Digital Experience Monitoring.
     • Zscaler Deception Enabled: Displays True if the user is entitled for the Deception service in Zscaler Client Connector. Displays False if the user is not entitled for the Deception service in Zscaler Client Connector.
     • Zscaler Deception Health: Displays Active if Zscaler Client Connector is connected to Deception. Displays Inactive if Zscaler Client Connector is not connected to Deception.
     • Last Seen Connected to Zscaler Deception: The last known date and time of connection to Deception.

   • Under Compliance Status:

     See image.

     

     Close

     • Device State: The device’s policy status. To learn more, see Device States for Enrolled Devices.
     • Last Seen with Zscaler Client Connector Active: The last time that Zscaler Client Connector was active on the device.
     • Last Configuration Download Time: The last time the Zscaler Client Connector profile was updated. To learn more, see Zscaler Client Connector Update Intervals.
     • Configuration Download Count: The total number of times the app profile was updated since enrollment.
     • One-Time Password: Displays a temporary password for log in.
     • Logout, Disable, Uninstall Password: (For Zscaler Client Connector version 4.0 for Windows and Zscaler Client Connector version 4.1 for macOS): The password associated with the device’s app profile. To learn more, see Configuring Zscaler Client Connector App Profiles.

     • For Zscaler Client Connector version 4.0 and later for Windows and Zscaler Client Connector version 4.1 and later for macOS, the following optional one-time passwords listed are associated with the device’s app profile and are configured in app profiles:

       Click the Copy icon to copy the password to your clipboard.

       • Logout OTP: The password users must enter to log out of Zscaler Client Connector.
       • Revert OTP: The password users must enter to revert to the previous Zscaler Client Connector version.
       • Uninstall OTP: The password users must enter to uninstall Zscaler Client Connector.
       • Exit OTP: The password that users can enter to exit the app from the system tray without disabling Internet & SaaS.
       • Disable ZIA OTP: The password users must enter to disable the Internet & SaaS service.
       • Disable ZPA OTP: The password users must enter to disable the Private Applications service.
       • Disable ZDX OTP: The password users must enter to disable the Digital Experience Monitoring service.
       • Disable Endpoint DLP OTP: The password users must enter to disable data protection in Zscaler Client Connector.
     • Device Trust Level: Displays the device trust level based on the configured levels in Internet & SaaS posture profiles. Trust levels can be Low, Medium, High, or Unknown.
     • Anti-Tampering Status: Displays whether anti-tampering is enabled or disabled.

   • Under Fetch Logs:

     See image.

     

     Close

     These fields reflect the process to remotely fetch logs from the device. The Fetch Logs button becomes active for a registered device if an email address has already been configured in Infrastructure > Connectors > Client > App Supportability > Enable Support Access in Zscaler Client Connector. When you click Fetch Logs, Zscaler Client Connector uploads logs from the previous 14-day period to the web server.

     • Fetch Log Status: The following messages display to keep you informed of the fetch log status:
       • Waiting for KeepAlive: Displays after the fetch log request is initiated.
       • Extraction in progress: Displays after the KeepAlive message is displayed.
       • Completion: Displays if the fetch log request is successful.
       • Error while fetching logs: Displays if the fetch log request fails.
     • Log Timestamp: The date and time you click Fetch Logs and Zscaler Client Connector begins uploading the logs to the web server.
     • Log Acknowledge Timestamp: Indicates the date and time the log fetch successfully completed.
     • Log URL: The URL provided after Zscaler Client Connector completes uploading logs.