Chatee ahora con Soporte
Chat con el soporte

KACE Systems Management Appliance 14.1 Common Documents - Administration Guide

About the KACE Systems Management Appliance Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Managing user notifications Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings Configuring Content Security Policy
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Deploying the KACE Agent to managed devices Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates About Remote Control Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Managing Linux package upgrades Manage quarantined file attachments
Using reports and scheduling notifications Monitoring devices
Getting started with monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

Subscribe to Windows Feature Updates

Subscribe to Windows Feature Updates

You can subscribe to Windows Feature Updates for your managed Microsoft Windows 10 devices.

Before you subscribe to and download Windows Feature Updates, identify the operating systems installed on managed devices, and verify their update requirements. You can only download updates for your managed Windows 10 devices.

1.
Go to the Windows Feature Update Subscriptions page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click Windows Feature Updates.
c.
On the Windows Feature Updates panel, click Choose available Windows Feature Updates in the Subscriptions section.
2.
Specify the Subscription settings. The operating systems and locales specified in the subscription control the patches that are downloaded.

Option

Description

Windows Feature Update Versions

Download selected Windows Feature Updates. Click the edit button to manage the list of operating systems: . Click Select Versions and select one or more update versions that you want to install on your managed Windows 10 devices,. To ignore Windows Feature Updates, select Disabled.

Selected items are displayed after you save the settings.

Locales

Download patches for the selected languages. Click the edit button to manage the list of locales: . Select All Locales to download patches regardless of the locale or select the check boxes next to one or more locales.

Selected items are displayed after you save the settings.

3.
Click Save.

Selected Windows Feature Updates are downloaded automatically at the next scheduled download time.

Next, you can configure Windows Feature Update download settings. See Select patch and feature update download settings.

Configure Windows Feature Update schedules

Configure Windows Feature Update schedules

You can create and configure Windows Feature Update schedules and set a time for them to run. Windows Feature Update schedules do not interfere with Managed Installations or other distributions.

1.
Start the Windows Feature Update Schedule Detail wizard:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click Windows Feature Updates.
c.
On the Windows Feature Updates panel, click Detect and deploy Windows Feature Updates in the Subscriptions section.
d.
On the Windows Feature Update Schedules list page, do one of the following:
To create a new Windows Feature Update schedule using the Schedule Detail wizard, click Choose Action > New (Wizard).
To create a new Windows Feature Update schedule using the Schedule Detail page, click Choose Action > New (Classic).
To edit an existing schedule, click the schedule name in the list, then on the Windows Feature Update Schedule Summary page that appears, click Edit.
The Schedule Detail page or wizard appears, as selected. The same options are available in each selection. You can switch between the page and wizard by clicking Classic View or Wizard View in the top-right corner, as applicable.

Option

Description

Name

A name that identifies the schedule. This name appears on the Windows Feature Update Schedules list page.

Description

A brief description of the Windows Feature Update schedule.

3.
In the Action tab, in the Choose Windows Feature Update section, configure the following options:

Option

Description

Select a build

Select a version of the Windows Feature Update that you want to detect, stage, or deploy. This section lists the updates selected in your subscription.

Select editions

Select one or more editions of the selected version. This section lists all editions for the selected version, for example, Business and Consumer editions for the different platforms (32- and 64-bit).

Action

Description

Detect

Scans for compatible Windows Feature Updates.

Detect and Stage

Scans for compatible Windows Feature Updates, and downloads the applicable files to the agent device for later deployment.

Detect, Stage and On-demand Deploy

Detects Windows Feature Updates that are installed or missing from managed devices, downloads the applicable files to the agent device, and causes the Windows system tray icon to alert the user.

The Agent Status Icon On Device option must be enabled in the agent communication settings. You can find these settings on the Organization Detail page, under Communication and Agent Settings (if one or more Organization components are enabled), or on the Communication Settings page (if you do not have an Organization component). For more information, see Configure Agent communication and log settings.

Detect and Deploy

Scans for compatible Windows Feature Updates, downloads the applicable files to the agent device, and deploys the update to the selected devices.

5.
Select the target devices in the Devices tab using the following options.

Action

Description

All Devices

To apply this schedule to all managed devices, select this options. Clear the check box to limit the patch action to specific labels or devices.

Device Labels

Restrict the action to the feature updates using the labels that you select here. This is the most commonly used option.

1.
Click Manage Associated Labels.
2.
In the Select Labels dialog box that appears, drag one or more labels (as applicable) to the Limit Run to area, then click OK.

To use this option, you must already have Smart Labels for the feature updates. See Using Smart Labels for patching.

Devices

Run patch actions on the devices that you select.

Detect Timeout

Set limit to the total length of time allowed for the associated phase.

6.
In the Schedule tab, specify the applicable options for the schedule.

Option

Description

None

Run in combination with an event rather than on a specific date or at a specific time. This option is useful if you want to patch servers manually, or perform patch actions that you do not want to run on a schedule.

Every _ hours

Run at a specified interval.

Every day/specific day at HH:MM

Run daily at a specified time, or run on a designated day of the week at a specified time.

Run on the nth of every month/specific month at HH:MM

Run on the nth day every month, (for example, the first or the second) day of every month, or a specific month, at the specified time.

Run on the nth weekday of every month/specific month at HH:MM

Run on the specific weekday of every month, or a specific month, at the specified time.

Custom

Run according to a custom schedule.

Use standard 5-field cron format (extended cron format is not supported):

Use the following when specifying values:

Spaces ( ): Separate each field with a space.
Asterisks (*): Include the entire range of values in a field with an asterisk. For example, an asterisk in the hour field indicates every hour.
Commas (,): Separate multiple values in a field with a comma. For example, 0,6 in the day of the week field indicates Sunday and Saturday.
Hyphens (-): Indicate a range of values in a field with a hyphen. For example, 1-5 in the day of the week field is equivalent to 1,2,3,4,5, which indicates Monday through Friday.
Slashes (/): Specify the intervals at which to repeat an action with a slash. For example, */3 in the hour field is equivalent to 0,3,6,9,12,15,18,21. The asterisk (*) specifies every hour, but /3 restricts this to hours divisible by 3.

Examples:

View Task Schedule

Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled. Click a task to review the task details. For more information, see View task schedules.

Timezone

The timezone to use when scheduling the action. Select Server to use the timezone of the appliance. Select Agent to use the timezone of the managed device.

Run on next connection if offline

Run the action the next time the managed device connects to the appliance, if the device is currently offline. This option is useful for laptops and other devices that are periodically offline. If this option is not selected, and the device is offline, the action does not run again until the next scheduled time.

Delay run after reconnect

Delay the schedule by a specified amount of time. The time delay period begins when the patch action is scheduled to run.

End after

The time limit for patching actions.

For example, if you schedule patches to run at 04:00, you might want all patching actions to stop at 07:00 to prevent bandwidth issues when users start work. To do so, you could specify 180 in the minutes box.

When this time limit is reached, any patching tasks that are in progress are suspended, and their status on Security logs is Suspended.

These patching tasks do not resume on the next run and instead start from the beginning with each scheduled patching action.

7.
Click Save.
The Windows Feature Update Schedule Summary page appears, displaying the newly created or updated schedule. For more information about this page, see View Windows Feature Update status.

View Windows Feature Update schedules

View Windows Feature Update schedules

You can view summary information for the Windows Feature Update schedules that exist on the appliance. If the Organization component is enabled on your appliance, you view Windows Feature Update schedules for each organization separately.

1.
Go to the Windows Feature Update Schedules page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click Windows Feature Updates.
2.
On the Windows Feature Updates panel, click the Detect and deploy Windows Feature Updates link in the Schedules section.
Columns available on the Windows Feature Update Schedules page are identical to the ones on the Patch Schedules page. For more information about the fields on the Patch Schedules page, see View a list of patch schedules.
3.
(Optional) To change column visibility, select Column Visibility from the Table Options drop-down list above the table on the right.

Review Windows Feature Update schedule details

Review Windows Feature Update schedule details

When you configure a Windows Feature Update schedule, this page displays details about the schedule configuration and its status.

1.
Go to the Windows Feature Update Schedule Summary page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Security, then click Windows Feature Updates.
c.
On the Windows Feature Updates panel, click Detect and deploy Windows Feature Updates in the Subscriptions section.
2.
Review the contents of the Configuration section.

Option

Description

Created

The date and time the schedule is created.

Modified

The date and time the schedule is last modified.

Last Run

The date and time the schedule is last run.

Name

A name that identifies the schedule. This name appears on the Windows Feature Update Schedules list page.

Action

The action associated with the schedule:

Detect: Scans for compatible Windows Feature Updates.
Detect and Stage: Scans for compatible Windows Feature Updates, and downloads the applicable files to the agent device for later deployment.
Detect, Stage and On-demand Deploy: Detects Windows Feature Updates that are installed or missing from managed devices, downloads the applicable files to the agent device, and causes the Windows system tray on the agent device to alert the user that the updates are ready for deployment. The user can then initiate the deployment process at their convenience.
The Agent Status Icon On Device option must be enabled in the agent communication settings. You can find these settings on the Organization Detail page, under Communication and Agent Settings (if one or more Organization components are enabled), or on the Communication Settings page (if you do not have an Organization component). For more information, see Configure Agent communication and log settings.
Detect and Deploy: Scans for compatible Windows Feature Updates, downloads the applicable files to the agent device, and deploys the update to the selected devices.

Description

A brief description of the Windows Feature Update schedule.

Devices

This field only appears when the schedule is configured to apply to all devices.

Windows Feature Update

The name and version of the Windows Feature Update.

Device Label

One or more Smart Labels associated with the devices against which the schedule runs. For more information, see Using Smart Labels for patching. This field only appears when the schedule is configured to apply to selected devices.

Device Name

One or more selected devices against which the schedule runs. This field only appears when the schedule is configured to apply to selected devices.

Detect Label

One or more Smart Labels associated with the scheduled updates. For more information, see Using Smart Labels for patching. This field only appears when the schedule is configured to detect selected updates.

Alerts

Detect and Deploy schedules only. The alerts displayed to users when update actions run:

OK: Run immediately.
Cancel: Cancel until the next scheduled run.
Snooze: Prompt the user again after the Snooze Duration.

Reboot

Detect and Deploy schedules only. The options for rebooting the managed device:

No Reboot: The device does not reboot even though a reboot might be required for the update to take effect. This option is not recommended because deploying updates without rebooting when required can leave systems unstable. Further, updates that require reboots are only shown as deployed after the reboot.
Prompt User: Waits for the user to accept the reboot before restarting the device. If the user snoozes or cancels the reboot, the update stops until a reboot occurs. Selecting a Snooze Duration in the agent dialog box that appears on the target device pauses the reboot prompt for the specified snooze interval.
Force Reboot: Reboots as soon as an update that requires it is deployed. Forced reboots cannot be canceled. Force Reboot works well for desktops and servers. You might not want to force reboot on laptops. Force Reboot works well with servers because they usually have no dedicated users. However, it is important to warn users that services will not be available when servers are being updated and re-booted. See Best practices for patching.

Schedule

The selected update schedule. Click View Task Schedule to see a detailed task scheduler. In the dialog box that appears, click a task to review the task details. For more information, see View task schedules.

Run on Next Connection in Offline

Indicates if the schedule runs the action the next time the managed device connects to the appliance, if the device is currently offline.

Delay Run After Reconnect

If configured, this option indicates the amount of time the schedule is delayed for. The time delay period begins when the update action is scheduled to run.

End After

If configured, this option indicates the maximum amount of time the schedule can run for. When this time limit is reached, any update tasks that are in progress are suspended.

3.
In the Schedule Status section, review the overall schedule status on any of the following tabs:

Tab

Contents

By Machine

Devices selected for updating. Each entry displays the device name, its IP address, the update status (see Fields in the Patch Schedule Detail pages), update results, and the date the update completed. You can expand a device node to view the applicable updates. Each entry shows the update ID, associated Knowledge Base article number, update name, and the current status (Installed, Not Installed, Staged, and Detect, Stage, or Deploy Failure).

By Feature Update

Updates selected for detection, staging, and deployment. Each entry displays the update ID, associated Knowledge Base article number, update name, and the numbers of devices that are updated, not updated, and those that encountered detect or deploy failures.

Installed

Updates successfully installed on devices. Each entry displays the update ID, associated Knowledge Base article number, and the update name. You can expand an update node to view the devices on which the update is installed.

Not Installed

Updates that are not installed on devices. Each entry displays the update ID, associated Knowledge Base article number, and the update name. You can expand an update node to view the devices on which the update is to be installed.

Staged

Update that are staged for installation. Staging refers to update files being copied to the agent device for later deployment. Each entry displays the update ID, associated Knowledge Base article number, and the update name. You can expand an update node to view the devices on which the update is to be installed.

Detect Failures

Incomplete updates that resulted in a detection failure. Each entry displays the update ID, associated Knowledge Base, update name, and the associated error code (see Error codes caused by patching and scripting). You can expand an update node to view the devices on which the failure is encountered.

Stage Failures

Incomplete updates that resulted in a staging failure. Each entry displays the update ID, associated Knowledge Base article number, update name, and the associated error code (see Error codes caused by patching and scripting). You can expand an update node to view the devices on which the failure is encountered.

Deploy Failures

Incomplete updates that resulted in a deployment failure. Each entry displays the update ID, associated Knowledge Base, update name, and the associated error code (see Error codes caused by patching and scripting). You can expand an update node to view the devices on which the failure is encountered.

4.
Optional. After reviewing the schedule details, you can perform any of the following actions:
Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación