Chatee ahora con Soporte
Chat con el soporte

KACE Systems Management Appliance 11.0 Common Documents - Administrator Guide

About the KACE Systems Management Appliance Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring Agent settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Managing Mac profiles Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Maintaining device and appliance security
Using reports and scheduling notifications Monitoring servers
Getting started with server monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

Adding, editing, and deleting organizations

Adding, editing, and deleting organizations

You can add, edit, and delete organizations as needed. In addition, you can rename the Default organization and edit its settings.

Add or edit organizations

Add or edit organizations

You can add or edit up to 50 organizations on a single appliance.

When you add organizations, you need to assign them Organization Roles. You can use the Default Role, but if you want to use a custom Organization Role, add that role before you add the organization. See Add or edit Organization Roles.

1.
Go to the Organization Detail page:
a.
Log in to the appliance System Administration Console, http://appliance_hostname/system, or select System from the drop-down list in the top-right corner of the page.
b.
On the left navigation bar, click Organizations, then click Organizations.
c.
Display the Organization Detail page by doing one of the following:
Select Choose Action > New.

Option

Description

Name

Enter a name for the organization. You can modify the name later if required. If the fast switching option is enabled, this name appears in the drop-down list in the top-right corner of the page. See Enable fast switching for organizations and linked appliances.

Description

A description of the organization. You can modify the description later if necessary.

Role

The user role you want to assign to the organization. You can modify this selection later if required.

NOTE: To create a role, go to Organizations > Roles.

Client Drop Size

A file-size filter for the organization's Client Drop location.

The Client Drop location is a storage area (Samba share) for the organization on the appliance. This storage area is used to upload large files, such as application installers and appliance backup files, to the appliance. Uploading files to the Client Drop location is an alternative to uploading files through the Administrator Console using the default HTTP mechanism, which can result in browser timeouts for large files.

The Client Drop Size filter determines whether files uploaded to the organization's Client Drop location are displayed on the Upload and Associate Client Drop File list on the Software Detail page. For example, if the Client Drop Size filter is set to 1 GB, the Upload and Associate Client Drop File list shows files that are 1 GB in size or larger. Files that are less than 1 GB in size are not displayed on the list.

Application files are moved from the organization's Client Drop location to the appropriate area when the file is selected on the Software Detail page and saved.

Appliance backup files that are placed in the Client Drop location are automatically identified as appliance backup files, and they become available for selection on the Backup Settings page within five minutes.

If you have multiple organizations, each organization has its own Client Drop location and Client Drop Size filter setting. See Copy files to the appliance Client Drop location.

Option

Description

Name

Modify the name of the organization as needed. If the fast switching option is enabled, this name appears in the drop-down list in the top-right corner of the page. See Enable fast switching for organizations and linked appliances.

Locale

The language to use for the organization’s Administrator Console and User Console.

Virtual Host Name

A unique domain name for this organization. When this field is configured, and you log in to the appliance from the specified location, the appliance selects this organization automatically, and you only need to provide your user credentials. If you use Security Assertion Markup Language (SAML) login, the configured virtual host name logs you directly into that organization's Identity Provider (IdP). For more information about SAML login, see Configure SAML for single sign on.

Virtual Host IP

A unique IP address for this organization. When this field is configured, and you log in to the appliance from the specified location, the appliance selects this organization automatically, and you only need to provide your user credentials. If you use SAML login, the configured virtual host IP address logs you directly into that organization's IdP. For more information about SAML login, see Configure SAML for single sign on.

Description

A description of the organization. You can modify the description later if necessary.

Database Name

(Read-only) Displays the name of the database the organization is using.

Report User

(Read-only) The username used to generate reports. The report username provides access to the database (for additional reporting tools), but does not give write access to anyone.

Report User Password

The report user password. This password is used only by the reporting system and MySQL.

Role

The user role you want to assign to the organization. You can modify this selection later if required.

NOTE: To create a role, go to Organizations > Roles.

Client Drop Size

A file-size filter for the organization's Client Drop location.

The Client Drop location is a storage area (Samba share) for the organization on the appliance. This storage area is used to upload large files, such as application installers and appliance backup files, to the appliance. Uploading files to the Client Drop location is an alternative to uploading files through the Administrator Console using the default HTTP mechanism, which can result in browser timeouts for large files.

The Client Drop Size filter determines whether files uploaded to the organization's Client Drop location are displayed on the Upload and Associate Client Drop File list on the Software Detail page. For example, if the Client Drop Size filter is set to 1 GB, the Upload and Associate Client Drop File list shows files that are 1 GB in size or larger. Files that are less than 1 GB in size are not displayed on the list.

Application files are moved from the organization's Client Drop location to the appropriate area when the file is selected on the Software Detail page and saved.

Appliance backup files that are placed in the Client Drop location are automatically identified as appliance backup files, and they become available for selection on the Backup Settings page within five minutes.

If you have multiple organizations, each organization has its own Client Drop location and Client Drop Size filter setting. See Copy files to the appliance Client Drop location.

Filters

The filters you want to use to assign new devices to the organization when devices check in to the appliance. To select multiple filters, use Ctrl-click or Command-click.

Devices

(Read-only) Displays the number of devices assigned to the organization.

Option

Suggested Setting

Notes

Agent Logging

Enabled

Whether the appliance stores scripting results provided by Agents installed on managed devices. Agent logs can consume as much as 1GB of disk space in the database. If disk space is not an issue, enable Agent Logging to keep all log information for Agent-managed devices. These logs can be useful during troubleshooting. To save disk space, and enable faster Agent communication, disable Agent Logging.

Agent Debug Trace

Enabled

If selected, this option allows you to record the Agent's debug trace. This information allows administrators to monitor the Agent's performance, and to diagnose common problems.

Agent Inventory

12 hours

The frequency at which Agents on managed devices report inventory. This information is displayed in the Inventory section.

Agentless Inventory

1 Day

The frequency at which Agentless devices report inventory. This information is displayed in the Inventory section.

Catalog Inventory

24 hours

The frequency at which managed devices report inventory to the Software Catalog page.

Metering

4 hours

The frequency at which managed devices report metering information to the appliance. Requires metering to be enabled on devices and applications.

Scripting Update

4 hours

The frequency at which Agents on managed devices request updated copies of scripts that are enabled on managed devices. This interval does not affect how often scripts run.

Agent Status Icon On Device

Enabled

If selected, this option allows you to display the agent status on managed devices.

Agent Snooze on Device

Enabled

If selected, this option allows you to suspend the agent's activity on managed devices using the system tray (Windows) or menu bar (Mac OS).

Agent Snooze Max Count (per day)

1 snooze

The maximum number of times you can snooze the agent each day on managed devices.

Max Download Speed

As required

The maximum download speed, as required. Choose from the available options.

Process Timeout

1 hour

The maximum length of time the agent process run before being terminated. For more details, visit https://support.quest.com/kb/177093/how-to-allow-more-time-for-a-kace-script-to-run-before-it-times-out-.

Disable Wait for Bootup Tasks

Disabled

If selected, this option stops the agent from executing bootup tasks.

Disable Wait for Login Tasks

Disabled

If selected, this option stops the agent from executing login tasks.

5.
In the Notify section, specify the message to use for Agent communications:

Option

Suggested Setting

Notes

Agent Splash Page Message

Default text:

KACE Systems Management Appliance is verifying your PC Configuration and managing software updates. Please Wait...

The message that appears to users when Agents are performing tasks, such as running scripts, on their devices.

Agent Splash Bitmap

As required

The path to an existing .bmp file that you want to use as the splash logo.

Disable Bootup Splash

Disabled

If selected, this option stops the agent from displaying the boot-up splash logo.

Disable Login Splash

Disabled

If selected, this option stops the agent from displaying the login splash logo.

6.
In the Schedule section, specify the Communication Window:

Option

Suggested Setting

Notes

Communication Window

00:00 to 00:00 (+1 day)

The period during which Agents on managed devices are allowed to connect with the appliance. For example, to allow Agents to connect between the hours of 01:00 and 06:00 only, select 01:00 from the first drop-down list, and 06:00 from the second drop-down list.

You can set the communications window to avoid times when your devices are busiest.

7.
In the Agentless Settings section, specify communications settings for Agentless devices:

Option

Description

SSH Timeout

The time, in seconds, after which the connection is closed if there is no activity.

SNMP Timeout

The time, in seconds, after which the connection is closed if there is no activity.

Retry Attempts

The number of times the connection is attempted.

WinRM Timeout

The time, in seconds, after which the connection is closed if there is no activity.

VMware Timeout

The amount of time in seconds to wait for a connection to the VMware vSphere API service running on a VMware host.

8.
In the Agentless Settings section, specify communications settings for Agentless devices:

Option

Description

SSH Timeout

The time, in seconds, after which the connection is closed if there is no activity.

SNMP Timeout

The time, in seconds, after which the connection is closed if there is no activity.

Retry Attempts

The number of times the connection is attempted.

WinRM Timeout

The time, in seconds, after which the connection is closed if there is no activity.

VMware Timeout

The amount of time in seconds to wait for a connection to the VMware vSphere API service running on a VMware host.

9.
Click Save.

The organization is added. If fast switching is enabled, and the default admin account passwords for the System and for your organizations are the same, you can switch between organizations and the System using the drop-down list in the top-right corner of the page. To see new organizations in the list, you need to log out of the Administrator Console and then log back in. In addition, if the option to require organization selection at login is enabled at the System level, the organization is available in the drop-down list on the Administrator Console login page, http://appliance_hostname/admin, where appliance_hostname is the hostname of your appliance.

NOTE: For new organizations, the password for the default admin account is the same as the password for the default admin account at the System level. This is assigned automatically. To change the admin account password, edit the admin user account.
NOTE: However, be aware that organizations with different admin account passwords are not available for fast switching using the drop-down list in the top-right corner of the page.

For more information about System-level settings, see Configure appliance General Settings with the Organization component enabled.

Configure Two-Factor Authentication for organizations

Configure Two-Factor Authentication for organizations

Two-Factor Authentication (2FA) provides stronger security for users logging into the appliance by adding an extra step to the login process. It relies on the Google Authenticator app to generate verification codes. The app generates a new six-digit code at regular intervals. When enabled, end users will be prompted for the current verification code each time they log in.

To download the Google Authenticator app, visit one of the following sites, as applicable:

You can enable or disable 2FA access to the Administrator Console and User Console for one or more organizations using the System Administration Console, as described below. Alternatively, you can enable 2FA access to the Administrator Console and User Console for all users in an organization using the Two-Factor Authentication page in the Administrator Console For more information, see Enable Two-Factor Authentication for all users.

1.
Go to the Organizations list page:
a.
Log in to the appliance System Administration Console, http://appliance_hostname/system, or select System from the drop-down list in the top-right corner of the page.
b.
On the left navigation bar, click Organizations, then click Organizations.
2.
On the Organization list page that appears, select one or more organizations for which you want to configure 2FA.
3.
To enable 2FA for all users in the selected organizations in the Administrator Console, click Choose Action > Two-Factor Authentication > Admin Portal > Required for all Users.
4.
To disable 2FA for all users in the selected organizations in the Administrator Console, click Choose Action > Two-Factor Authentication > Admin Portal > Not Required.
5.
To enable 2FA for all users in the selected organizations in the User Console, click Choose Action > Two-Factor Authentication > User Portal > Required for all Users.
6.
To disable 2FA for all users in the selected organizations in the User Console, click Choose Action > Two-Factor Authentication > User Portal > Not Required.

Delete organizations

Delete organizations

You can delete organizations as needed. However, if you have a single organization on your appliance, you cannot delete that organization until you add another one. The appliance must always have at least one organization available.

1.
Go to the Organization Detail page:
a.
Log in to the appliance System Administration Console, http://appliance_hostname/system, or select System from the drop-down list in the top-right corner of the page.
b.
On the left navigation bar, click Organizations, then click Organizations.
2.
Select Choose Action > Delete, then click Yes to confirm.

The organization, including information in the organization database, is removed from the appliance.

Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación