We're in the process of rolling out the new Pulse Secure branded version of the Pulse desktop client and enabled a post authentication notification message to reasure the users nothings really changed other then the branding.
The message is set up to only show if they are using the new client and the "Skip if already shown" option is enabled on the sign-in policy so in theory they only see it the first time they connection.
This seems to work for a while and then suddenly they get the message again.
In the admin logs I am seeing messages (ADM22862) for the users being removed from the authentications server. Could this be causing the issue and if so how to I control the removal?
If not any other ideas why the system is not remembering the user has seen the message?
I think the 'ADM22862' event is the root cause. Since the 'Skip if already shown' feature works when you sign in from different clients the value must be stored on server side and not client. And on server-side almost all user related data is stored in a user record (which is what gets deleted in 'ADM22862' event).
Can you try enabling the role level option "Show Last Login IP or Time" to test if above is the root cause? (http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB9984)