About the KACE Systems Deployment Appliance
Getting started
Tasks for getting started using the appliance
About the appliance components
Log in to the Administrator Console
Filter lists and search for information
Access product documentation
Configure the language settings
Change a default theme for the appliance
Using the Dashboard
Configuring the appliance
Configure the initial network settings
Modify the initial network settings
Changing the default passwords
Setting up user accounts and user authentication
Use the Command Line Console to reset the Administrator's password
Change the Samba share password
Set the VNC® password
Enable Boot Manager authentication
Add custom background image to iPXE console
Configuring the appliance date and time settings
Manage files on the appliance
Configure email notifications
Configure User Interface notifications
Enabling link aggregation
Configuring the data sharing preferences
Participate in KACE Beta program
Linking Quest KACE appliances
Enable appliance linking
Generate KACE Linking Hash
Add Names and Keys to appliances
Disable linked appliances
Migrating appliances
Add or edit local administrator accounts
Configure an LDAP server for user authentication
Test the LDAP server
Delete user accounts
Reviewing user sessions
Configuring security settings
Enable SNMP monitoring
Enable SSL using an existing certificate
Generate private key for new SSL certificate
Disable SSL
Enable database access
Enable SSH Root Login (KACE Support)
Prevent brute-force login attacks
Enable Two-Factor Authentication
Preparing for deployment
Set up the deployment environment
Enable the on-board DHCP server
Configure the offboard DHCP server
Download and install the KACE Media Manager
Download and install Windows ADK
Upload files using the KACE Media Manager
Upload files from shared directory
View source media details
Fingerprint source media OS
View or update source media metadata
Choosing the type of deployment
Supported images types
Managing device inventory
Configure and run a network scan
Add network inventory to the appliance
Scan active and non-active devices on the network
Add devices manually
Join devices to a domain
Issue a Wake-on-LAN request
Deploy to devices in the KACE Systems Management Appliance inventory
View device details from a network scan
Apply a KUID to the KACE Agent
Delete devices from Device Inventory
Delete devices from Network Inventory
Unregister devices
About the device action icons
Run device actions
Access remote devices using a VNC session
Using labels
Create and apply labels
Remove components from a label
Delete a label from the appliance
View the components assigned to a label
Creating a Windows or Linux Boot Environment
Create a Windows boot environment
Create a Linux boot Environment
Update Windows drivers
Set new KBE as default for the appliance
Hide boot environments from the PXE boot menu
Best practices: Create a KACE Boot Environment (KBE) for Windows
Managing drivers
Add drivers to system images
Adding drivers to scripted installation deployments
Capturing images
Enable Driver Feed to automate driver updates
Install driver packages to the appliance
Disable Driver Feed
Create folders to add device-specific drivers
Generate appliance package to import large driver files
Import driver packages to the appliance
Understanding KACE Boot Environment drivers
Add network and storage drivers manually
Re-cache the network and storage driver directory
Add drivers as a post-installation task
View list of missing drivers
Managing network drivers
Download network and storage drivers
Import driver packages
Display device compatibility
View driver compatibility details
Export drivers
Re-cache drivers
Managing operating system drivers
Preparing for capture
Capture system images
Create a single partition
Format C drive as NTFS
Create a UEFI partition
Apply a UEFI partition
Capture System-provided WIM images
Edit a system image
Import WIM images
Managing answer files for Sysprepped images
Best practices for creating Windows system images
Capturing user states
Upload USMT software from the appliance
Upload USMT software from Media Manager
Create USMT Scan Template
Scan user states
Scan user states offline
Deploy user states to target devices automatically
Deploy user states to target devices manually
Creating scripted installations
Create a scripted installation
Edit a scripted installation
Create a configuration file
Registration Data settings
Administrator Account settings
General settings
Network settings
Windows Components setting
Modify a scripted installation to change the source media
Specify deployment options
Modify scripted installation setup configuration file
Install Vista MBR
Install XP 2003 MBR
Creating a task sequence
Adding tasks
Automating deployments
Add Application
Add BAT Script
Add Custom HAL Replacement
Add DiskPart Script
Adding Managed Installation tasks
Add Naming Rule
Add PowerShell Script
Add Provisioning Package
Add Service Pack
Add Shell Script
Add KACE Agent Installer
Add Windows Script
Working with task groups
About uploading files
About runtime environments
Set task error handling option
Assign tasks to system deployment
Assign tasks to scripted installation deployment
Assign tasks to custom deployment
Edit deployment tasks
Create a boot action
Run deployment on next network boot
Modify a boot action
Set default boot action
Configure new WIM images to stream directly from or to the server
Specify deployment options
Schedule a deployment
Delete a boot action
Create a multicast WIM image deployment
Edit the default multicast settings
View automated deployments in progress
View completed automated deployments
Edit failed tasks
View the automated deployment image details
Performing manual deployments
Download the boot environment as bootable ISO
Network boot a target device
Deploy the image manually
View the manual deployments in progress
View the completed manual deployments
Managing custom deployments
Managing offline deployments
About the Remote Site Appliance
Remote Site Appliance setup requirements
Install the RSA on a host device
Configure the RSA network settings
Link the KACE Systems Deployment Appliance to an RSA
Set default KBE for the RSA
Review RSA settings
Next steps
Importing and exporting appliance components
Schedule the export of components
Use Off-Board Package Transfer
Upload packages for import
Import appliance components
Package components to export
Package file names
Managing disk space
Verify available disk space
Delete images not associated with devices
Delete images associated with devices
Delete unassigned scripted installations
Delete unassigned boot environments
Delete source media
Delete unassigned pre-installation tasks
Delete unassigned post-installation tasks
Enabling offboard storage
Add a virtual disk for offboard storage
Revert offboard data to onboard storage
Configure an off-board storage device
Best practices for using external storage
Troubleshooting appliance issues
Test device connections on the network
Enable a tether to Quest KACE Technical Support
Open a support ticket
Troubleshooting the Boot Manager
Updating appliance software
Glossary
About us
Legal notices
Test whether a target device can network boot
Set the Boot Manager timeout
Select the local hard disk boot method
Recovering devices
Shutting down and rebooting the appliance
Best practices for backing up appliance data
Enable SSH Root Login (KACE Support)
Enable SSH Root Login (KACE Support)
|
1. |
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page. |
|
2. |
|
3. |
Prevent brute-force login attacks
Prevent brute-force login attacks
The Brute Force Detection settings on the Security Settings page allow you to configure the number of failed authentication attempts within a specified time frame, after which the appliance prevents any logins for that user name.
|
1. |
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page. |
|
2. |
|
3. |
Enable Two-Factor Authentication
Enable Two-Factor Authentication
Start by installing the authenticator app on your mobile Android or iOS device. You can download the app from Google Play and Apple App Store.
|
NOTE: Using the reset_admin_password command to reset the administrator's password also resets the 2FA token. For more information about this command, see Use the Command Line Console to reset the Administrator's password. |
|
1. |
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page. |
|
2. |
On the Security Settings page, under Two-Factor Authentication, select Enable Two-Factor Authentication. |
|
3. |
|
4. |
|
d. |
|
e. |
The Configure Two-Factor Authentication page closes and the Dashboard appears, indicating that you are now logged in to the appliance with the newly configured 2FA credentials.
|
a. |
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page. |
|
b. |
When you enable 2FA on the appliance, only those users who have 2FA enabled can log in using this additional layer of security. To enforce 2FA for all users logging into the appliance, under Two-Factor Authentication, select Require Two-Factor Authentication for all users. This option overrides the 2FA configuration associated with individual user accounts. For more information, see Add or edit local administrator accounts. |
|
c. |
To specify the length of time during which users who require 2FA can bypass 2FA authentication, under Transition Window, specify the desired time period. This way, for example, if a user leaves their phone at home and cannot generate a new code, they can still access the appliance during the specified amount of time. |
|
6. |