Chat now with support
Tchattez avec un ingénieur du support

KACE Systems Management Appliance 9.1 Common Documents - Administrator Guide

About the KACE Systems Management Appliance (SMA) Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring Agent settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Provisioning the KACE SMA Agent Manually deploying the KACE SMA Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Managing Mac profiles Using Task Chains
Patching devices and maintaining security
About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Dell devices and updates Maintaining device and appliance security
Using reports and scheduling notifications Monitoring servers
Getting started with server monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the KACE SMA
Appendixes Glossary About us Legal notices

Add a Discovery Schedule for a thorough scan of managed Windows, Mac, Linux, and UNIX computers

Add a Discovery Schedule for a thorough scan of managed Windows, Mac, Linux, and UNIX computers

To scan your network for devices and capture information about devices, you use Discovery Schedules. After devices are discovered using the Active Directory or Authenticated discovery type, you can add those discovered devices to inventory.

1.
Go to the Discovery Schedule Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Discovery Schedules.
c.
Select Choose Action > New.
2.
Select the Discovery Type to display the form with the options for the selected type.
Active Directory. DNS Lookup and Active Directory discovery options appear.
Authenticated [WinRM, SNMP, SSH, VMware]. DNS Lookup, Relay, WinRM, SSH, and SNMP discovery options appear.
3.
In the Name field, enter a name for the scan.
This name appears on the Discovery Schedules page.
4.
In the IP Address Range field, do one of the following:
If you select the Active Directory Discovery Type, enter the IP address of the Active Directory server to be scanned.

Option

Item

Description

DNS Lookup

Enable Discovery to identify the name of the device. DNS Lookup is important if you want device names to appear in the Discovery Results and Inventory lists. You can select the DNS Lookup options for each Discovery type.

Name Server for Lookup

The hostname or IP address of the name server.

Timeout

The time, in seconds, after which a DNS lookup expires. If an address is not found during this time, the process “times out.”

Relay

Enable a KACE SMA Agent to act as a tunnel WinRM, SSH and SNMP traffic to the agent connection protocol for WinRM, SSH and SNMP discovery schedules, agentless inventory, and agent provisioning.

Relay Device

Specify the device that you want to use as a relay for agentless device inventory.

A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results.

Selected relay devices are listed on the following pages:

On the Agentless Device Connection Details page, when a new device is provisioned automatically from discovery results. For more information about this page, see Enable Agentless management by entering device information manually.
On the Provisioning Schedule Detail page, when agent provisioning is initiated from discovery results. For more information, see Install the KACE SMA Agent on a device or multiple devices.
On the Agentless Device Connection Details page, when a new device is provisioned automatically from discovery results. For more information about this page, see Enable Agentless management by entering device information manually.

Active Directory

Enable the appliance to check for device information on an Active Directory server. During Active Directory scans, the status is indicated as an approximate percentage instead of the number of devices scanned.

Privileged User

The username of the administrator account on the Active Directory server. For example, username@example.com.

Privileged User Password

The password of the administrator account on the Active Directory server.

Search Context

The criteria used to search for devices. This criteria specifies a location or container in the Active Directory structure to be searched. Enter the most specific combination of OUs, DCs, or CNs that match your criteria, ranging from left (most specific) to right (most general). For example:

DC=company,DC=com.

WinRM

WinRM is the connection type to use for Windows devices.

Timeout

The time, in seconds, up to 1 minute, after which the connection is closed if there is no activity.

Require Kerberos

If selected, Kerberos is required for authentication. NTLM will not be used as an alternative when Kerberos is unavailable.

Using Kerberos requires DNS Lookup to be enabled in the same discovery configuration. The DNS Server is also required in the local KACE SMA network settings.

Port

If this field is left blank, the default port 5985 is used.

Credentials

The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.

See Add and edit User/Password credentials.

SSH

Use the SSH protocol with authentication.

Timeout

The time, up to 5 minutes, after which the connection is closed if there is no activity.

Try SSH2 Connection

Enable the SSH2 protocol for connecting to and communicating with devices.

Use SSH2 if you want device communications to be more secure (recommended).

Credentials

The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.

See Add and edit User/Password credentials.

6.
Optional: Enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule.

Option

Description

None

Run in combination with an event rather than on a specific date or at a specific time.

Every n hours

Run at a specified interval.

Every day/specific day at HH:MM

Run daily at a specified time, or run on a designated day of the week at a specified time.

Run on the nth of every month/specific month at HH:MM

Run on the same day every month, or a specific month, at the specified time.

Run on the nth weekday of every month/specific month at HH:MM

Run on the specific weekday of every month, or a specific month, at the specified time.

Custom

Run according to a custom schedule.

Use standard 5-field cron format (extended cron format is not supported):

Use the following when specifying values:

Spaces ( ): Separate each field with a space.
Asterisks (*): Include the entire range of values in a field with an asterisk. For example, an asterisk in the hour field indicates every hour.
Commas (,): Separate multiple values in a field with a comma. For example, 0,6 in the day of the week field indicates Sunday and Saturday.
Hyphens (-): Indicate a range of values in a field with a hyphen. For example, 1-5 in the day of the week field is equivalent to 1,2,3,4,5, which indicates Monday through Friday.
Slashes (/): Specify the intervals at which to repeat an action with a slash. For example, */3 in the hour field is equivalent to 0,3,6,9,12,15,18,21. The asterisk (*) specifies every hour, but /3 restricts this to hours divisible by 3.

Examples:

View Task Schedule

Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled. Click a task to review the task details. For more information, see View task schedules.

8.
Click Save.

Obtain a Client ID and Client Secret for use in discovering Chrome devices

Obtain a Client ID and Client Secret for use in discovering Chrome devices

Working with Chrome devices requires credentials that grant the KACE SMA access to a Google Apps Domain using the Admin SDK API. You must obtain a Client ID and a Client Secret from Google so that you can get an approval code for the KACE SMA to use.

The KACE SMA is enabled to import device information about devices and users from a Google Apps Domain when the KACE SMA has access to the Admin SDK API. Part of the credentialing process requires setting up a Google project, enabling the Admin SDK API from within it, and creating a Client ID and Client Secret.

a.
Click Projects in the left navigation bar.
b.
Click Create Project to display the New Project dialog.
d.
Use the auto-generated Project ID or type a unique ID of your choice.
e.
Click Create.
The Project Dashboard for the new project appears.
a.
Click APIs & auth in the left navigation bar to expand the section, and click APIs.
b.
Find Admin SDK under Browse APIs, and click the OFF Status button on the far right of the line to toggle the status to ON and enable the API.
a.
In the APIs & auth section of the left navigation bar, click Credentials.
b.
In the OAuth section, click Create new Client ID to display the Create Client ID dialog.
c.
Click Configure consent screen to display the Consent screen dialog.
d.
Select your email from the EMAIL ADDRESS drop-down list, type the name of your product in PRODUCT NAME, and click Save to return to the Create Client ID dialog.
e.
Select Installed application.
f.
Select Other as the Installed Application Type, and click Create Client ID.
The Credentials page displays the created Client ID and Client Secret.

Add a Third Party Discovery Schedule to scan your network for G Suite devices and capture information about those devices. See Add a Discovery Schedule for a G Suite device.

Add a Discovery Schedule for a KACE Cloud Mobile Device Manager device

Add a Discovery Schedule for a KACE Cloud Mobile Device Manager device

If you use the KACE Cloud Mobile Device Manager (MDM) to manage access to smart phones and tablets, you can discover managed mobile devices using discovery scheduling. To scan your network for KACE Cloud MDM devices and capture information about those devices, add an External Integration Discovery Schedule.

1.
Go to the Discovery Schedule Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Discovery Schedules.
c.
Select Choose Action > New.
2.
Select the Discovery Type to display the form with the options for the selected type, in this case External Integration [KACE Cloud Mobile Device Manager, G Suite, AirWatch].
3.
In the Name field, enter a name for the scan.
This name appears on the Discovery Schedules page.
4.
Expand KACE Cloud Mobile Device Manager and select the Discovery options.

Option

Description

Tenant Name

The name of the tenant on the KACE Cloud MDM associated with the devices that you want to manage.

Credentials

The details of the account that is used to connect to the KACE Cloud MDM device. Select an existing credential from the drop-down list, or select Add new credential to add a new credential, as required.

For more information, see Add and edit Secret Key credentials.

Auto Provision Devices

If selected, all mobile devices discovered in the next scan are added to inventory.

5.
Optional: In the Notify section, enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule.

Option

Description

None

Run in combination with an event rather than on a specific date or at a specific time.

Every n hours

Run at a specified interval.

Every day/specific day at HH:MM

Run daily at a specified time, or run on a designated day of the week at a specified time.

Run on the nth of every month/specific month at HH:MM

Run on the same day every month, or a specific month, at the specified time.

Run on the nth weekday of every month/specific month at HH:MM

Run on the specific weekday of every month, or a specific month, at the specified time.

Custom

Run according to a custom schedule.

Use standard 5-field cron format (extended cron format is not supported):

Use the following when specifying values:

Spaces ( ): Separate each field with a space.
Asterisks (*): Include the entire range of values in a field with an asterisk. For example, an asterisk in the hour field indicates every hour.
Commas (,): Separate multiple values in a field with a comma. For example, 0,6 in the day of the week field indicates Sunday and Saturday.
Hyphens (-): Indicate a range of values in a field with a hyphen. For example, 1-5 in the day of the week field is equivalent to 1,2,3,4,5, which indicates Monday through Friday.
Slashes (/): Specify the intervals at which to repeat an action with a slash. For example, */3 in the hour field is equivalent to 0,3,6,9,12,15,18,21. The asterisk (*) specifies every hour, but /3 restricts this to hours divisible by 3.

Examples:

View Task Schedule

Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled. Click a task to review the task details. For more information, see View task schedules.

7.
Click Save.

Add a Discovery Schedule for a G Suite device

Add a Discovery Schedule for a G Suite device

To scan your network for G Suite devices and capture information about those devices, add an External Integration Schedule.

1.
Go to the Discovery Schedule Detail page:
a.
Log in to the KACE SMA Administrator Console, http://KACE_SMA_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Inventory, then click Discovery Schedules.
c.
Select Choose Action > New.
2.
Select the Discovery Type to display the form with the options for the selected type, in this case External Integration [KACE Cloud Mobile Device Manager, G Suite, AirWatch].
3.
In the Name field, enter a name for the scan.
This name appears on the Discovery Schedules page.
4.
Expand G Suite and select the Discovery options.

Option

Description

Discover Chrome Devices

If selected, any Chrome devices will be discovered in the next scan.

Discover Mobile Devices

If selected, any G Suite mobile devices will be discovered in the next scan.

Credentials

The details of the account that is used to connect to the Chrome device. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.

For more information, see Add and edit Google OAuth credentials.

Auto Provision Devices

If selected, all Chrome devices discovered in the next scan are added to inventory.

5.
Optional: In the Notify section, enter an email address for being notified of when the discovery scan completes. The email includes the name of the discovery schedule.

Option

Description

None

Run in combination with an event rather than on a specific date or at a specific time.

Every n hours

Run at a specified interval.

Every day/specific day at HH:MM

Run daily at a specified time, or run on a designated day of the week at a specified time.

Run on the nth of every month/specific month at HH:MM

Run on the same day every month, or a specific month, at the specified time.

Run on the nth weekday of every month/specific month at HH:MM

Run on the specific weekday of every month, or a specific month, at the specified time.

Custom

Run according to a custom schedule.

Use standard 5-field cron format (extended cron format is not supported):

Use the following when specifying values:

Spaces ( ): Separate each field with a space.
Asterisks (*): Include the entire range of values in a field with an asterisk. For example, an asterisk in the hour field indicates every hour.
Commas (,): Separate multiple values in a field with a comma. For example, 0,6 in the day of the week field indicates Sunday and Saturday.
Hyphens (-): Indicate a range of values in a field with a hyphen. For example, 1-5 in the day of the week field is equivalent to 1,2,3,4,5, which indicates Monday through Friday.
Slashes (/): Specify the intervals at which to repeat an action with a slash. For example, */3 in the hour field is equivalent to 0,3,6,9,12,15,18,21. The asterisk (*) specifies every hour, but /3 restricts this to hours divisible by 3.

Examples:

View Task Schedule

Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled. Click a task to review the task details. For more information, see View task schedules.

7.
Click Save.
Documents connexes