Chat now with support
Chat mit Support

KACE Systems Management Appliance 14.1 Common Documents - Administration Guide

About the KACE Systems Management Appliance Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Managing user notifications Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings Configuring Content Security Policy
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Deploying the KACE Agent to managed devices Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates About Remote Control Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Managing Linux package upgrades Manage quarantined file attachments
Using reports and scheduling notifications Monitoring devices
Getting started with monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

About Agentless device management

About Agentless device management

Agentless device management is a method of managing devices without the need to deploy and maintain the KACE Agent software on those devices.

Agentless management uses SSH, SNMP, and other methods to connect to Agent-intolerant devices, such as printers, network devices, and storage devices, and report the collected inventory information to the appliance Administrator Console. Using Agentless management is useful for operating system versions and distributions that are not supported by the KACE Agent, and where Agentless management is preferred over installing the Agent.

There are some differences between the features that are supported for Agent devices and Agentless devices. See Features available for each device management method.

Operating systems supported by Agentless management

Agentless management supports a variety of device operating systems.

The following table shows the device operating systems that are supported by Agentless management:

Operating system

CentOS

Chrome OS

Debian

Fedora

FreeBSD

Mac OS X

Oracle Enterprise Linux

Red Hat Enterprise Linux*

SUSE*

Solaris

Ubuntu*

Windows

Windows Server

*Most recent versions can also be managed with the KACE Agent.

About enabling Agentless management on Agent-managed devices

Agentless management can be enabled for any discovered device, including devices that have the KACE Agent installed.

However, using both methods for managing a single device is not recommended. If both methods are enabled for a device, both the device, and its software, appear twice on inventory lists. As a result, it is better to not to enable Agentless management on Agent-managed devices.

Operating systems supported by Agentless management

About Agentless device management

Agentless device management is a method of managing devices without the need to deploy and maintain the KACE Agent software on those devices.

Agentless management uses SSH, SNMP, and other methods to connect to Agent-intolerant devices, such as printers, network devices, and storage devices, and report the collected inventory information to the appliance Administrator Console. Using Agentless management is useful for operating system versions and distributions that are not supported by the KACE Agent, and where Agentless management is preferred over installing the Agent.

There are some differences between the features that are supported for Agent devices and Agentless devices. See Features available for each device management method.

Operating systems supported by Agentless management

Agentless management supports a variety of device operating systems.

The following table shows the device operating systems that are supported by Agentless management:

Operating system

CentOS

Chrome OS

Debian

Fedora

FreeBSD

Mac OS X

Oracle Enterprise Linux

Red Hat Enterprise Linux*

SUSE*

Solaris

Ubuntu*

Windows

Windows Server

*Most recent versions can also be managed with the KACE Agent.

About enabling Agentless management on Agent-managed devices

Agentless management can be enabled for any discovered device, including devices that have the KACE Agent installed.

However, using both methods for managing a single device is not recommended. If both methods are enabled for a device, both the device, and its software, appear twice on inventory lists. As a result, it is better to not to enable Agentless management on Agent-managed devices.

About enabling Agentless management on Agent-managed devices

About Agentless device management

Agentless device management is a method of managing devices without the need to deploy and maintain the KACE Agent software on those devices.

Agentless management uses SSH, SNMP, and other methods to connect to Agent-intolerant devices, such as printers, network devices, and storage devices, and report the collected inventory information to the appliance Administrator Console. Using Agentless management is useful for operating system versions and distributions that are not supported by the KACE Agent, and where Agentless management is preferred over installing the Agent.

There are some differences between the features that are supported for Agent devices and Agentless devices. See Features available for each device management method.

Operating systems supported by Agentless management

Agentless management supports a variety of device operating systems.

The following table shows the device operating systems that are supported by Agentless management:

Operating system

CentOS

Chrome OS

Debian

Fedora

FreeBSD

Mac OS X

Oracle Enterprise Linux

Red Hat Enterprise Linux*

SUSE*

Solaris

Ubuntu*

Windows

Windows Server

*Most recent versions can also be managed with the KACE Agent.

About enabling Agentless management on Agent-managed devices

Agentless management can be enabled for any discovered device, including devices that have the KACE Agent installed.

However, using both methods for managing a single device is not recommended. If both methods are enabled for a device, both the device, and its software, appear twice on inventory lists. As a result, it is better to not to enable Agentless management on Agent-managed devices.

Managing Agentless devices

Managing Agentless devices

To manage devices without installing KACE Agent software, you can enable Agentless management using Discovery information or by entering device connection details manually.

Features available to Agentless devices differ from those features available to Agent-managed devices. See Features available for each device management method.

Enable Agentless management using Discovery information

You can enable Agentless management using Discovery information.

1.
Go to the Discovery Results list:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Discovery Results.
3.
Select Choose Action > Provision > Agentless: Automatic.

: Agentless management is enabled for the device.

: Agentless management is enabled for the device, but the device is not currently reachable.

Depending on the device, the appliance uses various connection types to run commands on the selected devices, obtain inventory information, and display that information on the Device Detail page. Information is updated according to the inventory schedule for Agentless devices. See:

Enable Agentless management by entering device information manually

You can enable Agentless management by entering device information manually.

You can choose from the following connection types: SSH, SNMP, WinRM, and VMware. WinRM is the connection type to use for Windows devices.

1.
Go to the Devices list:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Devices.
2.
Select Choose Action > New > Agentless Device to display the Agentless Device Connection Details page.

Option

Description

Name

The hostname or IP address of the device.

Asset Subtype

The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.

NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates.

Connection Type

The connection method to use to connect to the device and obtain inventory information, in this case, SSH.

Port

The port number the appliance uses to connect to the device. No input is required for the following the default port number (22).

Credentials

The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.

See Add and edit User/Password credentials.

Sudo Password

The name of a service user account with permission to connect to devices. Using a service account and Sudo Password is useful when you want to avoid using root credentials to access devices. On some devices, however, higher privileges enable the appliance to retrieve more detailed inventory information.

Operating System

The operating system of the device.

Shell

The shell to use during connections. See Shell support for SSH connections.

Log Level

The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug.

Enable Inventory

The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted.

DNS Server

The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails.

Relay Device

The name of the device that you want to use as a relay for agentless device inventory.

A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network.

Option

Description

Name

The hostname or IP address of the device.

Asset Subtype

The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.

NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates.

Connection Type

The connection method to use to connect to the device and obtain inventory information, in this case, SNMP.

SNMP (Simple Network Management Protocol) is a protocol for monitoring managed devices on a network. To enable SNMP, port 161 must be open on the appliance and on the device.

SNMP scan results include all SNMP capable devices. Remote shell extensions enable the appliance to connect, run commands, and capture information that can be managed as inventory. For more information about SNMP options, see Add a Discovery Schedule for SNMP-enabled non-computer devices.

SNMP Version

The version of SNMP to use for connections. SNMPv1 and SNMPv2c do not use authentication or encryption.

SNMP v3 uses authentication and encryption algorithms to increase the security of SNMP communications. When you configure the SNMP v3 options, the appliance performs an SNMP v3 scan on selected devices. If that scan fails, the appliance attempts an SNMP v1 scan using the specified Public String

Credentials

The details of the service account required to connect to the device and run commands using SNMP v3. Select existing credentials from the drop-down list, or click Add new credential to add credentials not already listed. Credentials are not required for SNMPv1 and SNMPv2c.

See Add and edit User/Password credentials.

Inventory Configurations

One or more inventory configurations for the new SNMP agentless device, such as Brother Laser Printer: Color, and others.

Inventory Type

The method used to collect inventory information.

Inventory: Collect a subset of device information, such as the IP Address, MAC Address, and device name.
Inventory/Walk: Conduct a full SNMP walk to collect inventory information. The full walk results appear on the Device Detail page.

Log Level

The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug.

Enable Inventory

The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted.

DNS Server

The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails.

Relay Device

The name of the device that you want to use as a relay for agentless device inventory.

A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network.

Option

Description

Name

The hostname or IP address of the device.

Asset Subtype

The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.

NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates.

Connection Type

The connection method to use to connect to the Windows device and obtain inventory information, in this case, WinRM.

Port

The port number the appliance uses to connect to the device. No input is required for the following default port number: 5985.

Credentials

The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.

See Add and edit User/Password credentials.

Require Kerberos

If selected, Kerberos is required for authentication. NTLM will not be used as an alternative when Kerberos is unavailable.

Using Kerberos requires DNS Lookup to be enabled in the same discovery configuration. The DNS Server is also required in the local appliance network settings.

Log Level

The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug.

Enable Inventory

The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted.

DNS Server

The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails.

Inventory Hyper-V or Virtual Machine Manager

Select this option to allow the appliance to import a Microsoft Hyper-V or System Center Virtual Machine Manager infrastructure using agentless management. For more information about this feature, see Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager.

Relay Device

The name of the device that you want to use as a relay for agentless device inventory.

A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network.

Option

Description

Name

The host name or IP address of the ESXi host or the vCenter Server.

Asset Subtype

The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as VMware devices. For example, hypervisors (ESXi hosts). See About Asset Subtypes, custom fields, and device detail preferences.

Connection Type

The connection method to use to connect to the VMware device and obtain inventory information.

VMware Type

The VMware device type: ESXi or vCenter Server.

Credentials

The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. An account with read-only access can be used. See Add and edit User/Password credentials.

Log Level

The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug.

Enable Inventory

The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted.

DNS Server

The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails.

4.
Click Test Connection.
5.
Click Save.
The Agentless device is added. If Enable Inventory is selected, inventory information is updated according to the Agentless device inventory schedule. See Schedule inventory data collection for managed devices.
Shell support for SSH connections

Operating systems vary in their support of shells used for SSH connections between the appliance and managed devices.

The following table shows the shells available for SSH connections for each operating system.

Table 22. Shell support for SSH connections by operating system

Operating system

Default shell

Supported shells

CentOS

bash

bash, sh

Debian Linux

bash

bash, sh

Fedora

bash

bash, sh

FreeBSD

csh

bash, csh, sh

Mac OS X

sh

bash, sh

openSUSE/SLES™

bash

bash, sh

Oracle Enterprise Linux

bash

bash, sh

Red Hat® Enterprise Linux®

bash

bash, sh

Ubuntu

bash

bash, sh

Edit Agentless device connection details or delete Agentless devices

You can edit the device connection details for Agentless devices and you can delete Agentless devices as needed.

1.
Go to the Devices list:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Devices.
3.
In the Summary section, click Edit in the Device Entry Type row to display the Agentless Device Connection Details page.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen