Tchater maintenant avec le support
Tchattez avec un ingénieur du support

KACE Systems Management Appliance 14.1 Common Documents - Administration Guide

About the KACE Systems Management Appliance Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Managing user notifications Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings Configuring Content Security Policy
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Deploying the KACE Agent to managed devices Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates About Remote Control Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Managing Linux package upgrades Manage quarantined file attachments
Using reports and scheduling notifications Monitoring devices
Getting started with monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

Configure Active Directory as the single sign on method

Configure Active Directory as the single sign on method

Active Directory single sign on enables users who are logged on to the domain to access the appliance Administrator Console and User Console without having to re-enter their logon credentials each time.

Before you connect the appliance to an Active Directory server, verify that:

1.
Go to the appliance Control Panel:
If the Organization component is enabled on the appliance, log in to the appliance System Administration Console, https://appliance_hostname/system, or select System in the drop-down list in the top-right corner of the page, then select Settings > Control Panel.
2.
In the Single Sign On tab of the Security Settings page, select Active Directory, then provide the following information:

Option

Description

Domain

The host name of the domain of your Active Directory® server, such as example.com.

Username

The user name of the administrator account on the Active Directory server. For example, username@example.com.

Password

The password of the administrator account on the Active Directory server.

Computer Object Container

The name of the computer object container of the administrator account on the Active Directory server.

Computer Object Name

The name of the computer object container of the administrator account on the Active Directory server.

Service Account Container

The name of the service account container of the administrator account on the Active Directory server.

3.
Click Join.

These tests do not need write access and they do not check for permission to write to any directory. In addition, these tests do not verify username and password credentials. If the credentials are incorrect, the appliance might not be able to join the domain even if the tests are successful.

A message appears stating the results of the test. To view errors, if any, click Logs, then in the Log drop-down list, select Server Errors.

4.
Optional: Select Force Join to join the server to ignore errors and join the domain.
5.
Click Save.

When users are logged in to devices that are joined to the Active Directory domain, they can access the appliance User Console without having to re-enter their credentials. If users are on devices that are not joined to the Active Directory domain, the login window appears and they can log in using a local appliance user account. See Add or edit System-level user accounts.

Generate an SSL certificate

Generate an SSL certificate

You can generate a self-signed SSL certificate, or generate a certificate signing request for third-party certificates, using the Administrator Console.

1.
Go to the appliance Control Panel:
If the Organization component is enabled on the appliance, log in to the appliance System Administration Console, https://appliance_hostname/system, or select System in the drop-down list in the top-right corner of the page, then select Settings > Control Panel.
2.
In the Security Settings section, click Configure SSL to open the SSL tab on the Security Settings page.
3.
In the SSL section, click Enable SSL.
4.
Click Generate CSR (Certificate Signing Request) or Self-Signed SSL Certificate, then click SSL Certificate Form to display the SSL Certificate Form page.
5.
In the SSL Certificate Form page , provide the following information:

Option

Description

Company Name

The name of your company.

Organization Name

The name of your organizational unit or business group.

Common Name

The common name of the appliance you are creating the SSL certificate for.

Email

Your email address.

City Name

The name of your locality.

State or Province Name

The name of your state or province.

Country Name

The name of your country.

Subject Alternative name

Alternative name of the appliance you are creating the SSL certificate for. It can have multiple comma separated entries.

6.
Click Save.
If this is the first time the SSL Certificate Form has been saved, the Certificate Signing Request section appears. If the form has previously been saved, the Certificate Signing Request section is updated.
1.
Copy all of the text in the Certificate Signing Request section, including the lines "-----BEGIN CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----" and everything in between, then send it to the certificate issuer or the person who provides your company with web server certificates.
1.
Click Generate Self-Signed Certificate to generate and display the certificate below the Certificate Signing Request section.
2.
Click Deploy Self-Signed Certificate, then click Yes.
3.
On the Security Settings page, click Save and Restart Services.
Self-signed certificates are converted to PEM files, named kbox.pem, and the files are placed in KACE Agent data folders.
NOTE: Your private key appears in the Private Key field. It is deployed to the appliance when you deploy a valid certificate. Do not send the private key to anyone. It is displayed here in case you want to deploy this certificate to another web server.

Configuring session timeout and auto-refresh settings

Configuring session timeout and auto-refresh settings

Session timeout is a System-level setting that specifies the amount of inactive time that can pass before users are automatically logged out of the Administrator Console or User Console. Auto-refresh settings are user-level settings that determine the frequency with which console pages are refreshed.

Set session timeout

Set session timeout

You can configure session timeout to meet your security requirements.

1.
Go to the appliance Control Panel:
If the Organization component is enabled on the appliance, log in to the appliance System Administration Console, https://appliance_hostname/system, or select System in the drop-down list in the top-right corner of the page, then select Settings > Control Panel.
2.
In the General Settings section, click the Customize general configurations option to display the General Options tab on the General Settings page.

Options

Description

Session Timeout

Set the number of inactive hours to allow before closing user sessions and requiring users to log in again. The default is 1. The User Console and Administrator Console have Timeout Session counters to alert users of this time limit. Only periods of inactivity are counted. The counter restarts when the user performs any action that causes the console to interact with the appliance server, such as refreshing a window, saving changes, and changing windows. When a session reaches 60 seconds before the timeout, a message box appears, allowing you to extend the session, or to log off. Once the counter reaches the limit, the user is logged out, unsaved changes are lost, and the login screen appears. The Timeout Session counter appears in the upper right of each console.

4.
Click Save and Restart Services.
Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation