Managing Agentless devices
To manage devices without installing KACE Agent software, you can enable Agentless management using Discovery information or by entering device connection details manually.
Features available to Agentless devices differ from those features available to Agent-managed devices. See Features available for each device management method.
You can enable Agentless management using Discovery information.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
Select Choose Action > Provision > Agentless: Automatic. |
: Agentless management is enabled for the device.
: Agentless management is enabled for the device, but the device is not currently reachable. |
Depending on the device, the appliance uses various connection types to run commands on the selected devices, obtain inventory information, and display that information on the Device Detail page. Information is updated according to the inventory schedule for Agentless devices. See:
You can enable Agentless management by entering device information manually.
You can choose from the following connection types: SSH, SNMP, WinRM, and VMware. WinRM is the connection type to use for Windows devices.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
2. |
Select Choose Action > New > Agentless Device to display the Agentless Device Connection Details page. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SSH. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following the default port number (22). |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Sudo Password |
The name of a service user account with permission to connect to devices. Using a service account and Sudo Password is useful when you want to avoid using root credentials to access devices. On some devices, however, higher privileges enable the appliance to retrieve more detailed inventory information. |
Operating System |
The operating system of the device. |
Shell |
The shell to use during connections. See Shell support for SSH connections. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SNMP.
SNMP (Simple Network Management Protocol) is a protocol for monitoring managed devices on a network. To enable SNMP, port 161 must be open on the appliance and on the device.
SNMP scan results include all SNMP capable devices. Remote shell extensions enable the appliance to connect, run commands, and capture information that can be managed as inventory. For more information about SNMP options, see Add a Discovery Schedule for SNMP-enabled non-computer devices. |
SNMP Version |
The version of SNMP to use for connections. SNMPv1 and SNMPv2c do not use authentication or encryption.
SNMP v3 uses authentication and encryption algorithms to increase the security of SNMP communications. When you configure the SNMP v3 options, the appliance performs an SNMP v3 scan on selected devices. If that scan fails, the appliance attempts an SNMP v1 scan using the specified Public String |
Read Community |
(SNMP v1, SNMP v2c) The community string to query. The default is Public. The Public String is required if authentication is not required. When authentication is required, the scan returns SNMP enabled with no system data. |
Credentials |
The details of the service account required to connect to the device and run commands using SNMP v3. Select existing credentials from the drop-down list, or click Add new credential to add credentials not already listed. Credentials are not required for SNMPv1 and SNMPv2c.
See Add and edit User/Password credentials. |
Inventory Configurations |
One or more inventory configurations for the new SNMP agentless device, such as Brother Laser Printer: Color, and others. |
Inventory Type |
The method used to collect inventory information.
• |
Inventory: Collect a subset of device information, such as the IP Address, MAC Address, and device name. |
• |
Inventory/Walk: Conduct a full SNMP walk to collect inventory information. The full walk results appear on the Device Detail page. |
|
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the Windows device and obtain inventory information, in this case, WinRM. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following default port number: 5985. |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Require Kerberos |
If selected, Kerberos is required for authentication. NTLM will not be used as an alternative when Kerberos is unavailable.
Using Kerberos requires DNS Lookup to be enabled in the same discovery configuration. The DNS Server is also required in the local appliance network settings. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Inventory Hyper-V or Virtual Machine Manager |
Select this option to allow the appliance to import a Microsoft Hyper-V or System Center Virtual Machine Manager infrastructure using agentless management. For more information about this feature, see Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The host name or IP address of the ESXi host or the vCenter Server. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as VMware devices. For example, hypervisors (ESXi hosts). See About Asset Subtypes, custom fields, and device detail preferences. |
Connection Type |
The connection method to use to connect to the VMware device and obtain inventory information. |
VMware Type |
The VMware device type: ESXi or vCenter Server.
|
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. An account with read-only access can be used. See Add and edit User/Password credentials. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Operating systems vary in their support of shells used for SSH connections between the appliance and managed devices.
The following table shows the shells available for SSH connections for each operating system.
Table 22. Shell support for SSH connections by operating system
Operating system |
Default shell |
Supported shells |
CentOS |
bash |
bash, sh |
Debian Linux |
bash |
bash, sh |
Fedora |
bash |
bash, sh |
FreeBSD |
csh |
bash, csh, sh |
Mac OS X |
sh |
bash, sh |
openSUSE/SLES™ |
bash |
bash, sh |
Oracle Enterprise Linux |
bash |
bash, sh |
Red Hat® Enterprise Linux® |
bash |
bash, sh |
Ubuntu |
bash |
bash, sh |
You can edit the device connection details for Agentless devices and you can delete Agentless devices as needed.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
In the Summary section, click Edit in the Device Entry Type row to display the Agentless Device Connection Details page. |
Enable Agentless management using Discovery information
To manage devices without installing KACE Agent software, you can enable Agentless management using Discovery information or by entering device connection details manually.
Features available to Agentless devices differ from those features available to Agent-managed devices. See Features available for each device management method.
You can enable Agentless management using Discovery information.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
Select Choose Action > Provision > Agentless: Automatic. |
: Agentless management is enabled for the device.
: Agentless management is enabled for the device, but the device is not currently reachable. |
Depending on the device, the appliance uses various connection types to run commands on the selected devices, obtain inventory information, and display that information on the Device Detail page. Information is updated according to the inventory schedule for Agentless devices. See:
You can enable Agentless management by entering device information manually.
You can choose from the following connection types: SSH, SNMP, WinRM, and VMware. WinRM is the connection type to use for Windows devices.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
2. |
Select Choose Action > New > Agentless Device to display the Agentless Device Connection Details page. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SSH. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following the default port number (22). |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Sudo Password |
The name of a service user account with permission to connect to devices. Using a service account and Sudo Password is useful when you want to avoid using root credentials to access devices. On some devices, however, higher privileges enable the appliance to retrieve more detailed inventory information. |
Operating System |
The operating system of the device. |
Shell |
The shell to use during connections. See Shell support for SSH connections. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SNMP.
SNMP (Simple Network Management Protocol) is a protocol for monitoring managed devices on a network. To enable SNMP, port 161 must be open on the appliance and on the device.
SNMP scan results include all SNMP capable devices. Remote shell extensions enable the appliance to connect, run commands, and capture information that can be managed as inventory. For more information about SNMP options, see Add a Discovery Schedule for SNMP-enabled non-computer devices. |
SNMP Version |
The version of SNMP to use for connections. SNMPv1 and SNMPv2c do not use authentication or encryption.
SNMP v3 uses authentication and encryption algorithms to increase the security of SNMP communications. When you configure the SNMP v3 options, the appliance performs an SNMP v3 scan on selected devices. If that scan fails, the appliance attempts an SNMP v1 scan using the specified Public String |
Read Community |
(SNMP v1, SNMP v2c) The community string to query. The default is Public. The Public String is required if authentication is not required. When authentication is required, the scan returns SNMP enabled with no system data. |
Credentials |
The details of the service account required to connect to the device and run commands using SNMP v3. Select existing credentials from the drop-down list, or click Add new credential to add credentials not already listed. Credentials are not required for SNMPv1 and SNMPv2c.
See Add and edit User/Password credentials. |
Inventory Configurations |
One or more inventory configurations for the new SNMP agentless device, such as Brother Laser Printer: Color, and others. |
Inventory Type |
The method used to collect inventory information.
• |
Inventory: Collect a subset of device information, such as the IP Address, MAC Address, and device name. |
• |
Inventory/Walk: Conduct a full SNMP walk to collect inventory information. The full walk results appear on the Device Detail page. |
|
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the Windows device and obtain inventory information, in this case, WinRM. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following default port number: 5985. |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Require Kerberos |
If selected, Kerberos is required for authentication. NTLM will not be used as an alternative when Kerberos is unavailable.
Using Kerberos requires DNS Lookup to be enabled in the same discovery configuration. The DNS Server is also required in the local appliance network settings. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Inventory Hyper-V or Virtual Machine Manager |
Select this option to allow the appliance to import a Microsoft Hyper-V or System Center Virtual Machine Manager infrastructure using agentless management. For more information about this feature, see Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The host name or IP address of the ESXi host or the vCenter Server. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as VMware devices. For example, hypervisors (ESXi hosts). See About Asset Subtypes, custom fields, and device detail preferences. |
Connection Type |
The connection method to use to connect to the VMware device and obtain inventory information. |
VMware Type |
The VMware device type: ESXi or vCenter Server.
|
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. An account with read-only access can be used. See Add and edit User/Password credentials. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Operating systems vary in their support of shells used for SSH connections between the appliance and managed devices.
The following table shows the shells available for SSH connections for each operating system.
Table 22. Shell support for SSH connections by operating system
Operating system |
Default shell |
Supported shells |
CentOS |
bash |
bash, sh |
Debian Linux |
bash |
bash, sh |
Fedora |
bash |
bash, sh |
FreeBSD |
csh |
bash, csh, sh |
Mac OS X |
sh |
bash, sh |
openSUSE/SLES™ |
bash |
bash, sh |
Oracle Enterprise Linux |
bash |
bash, sh |
Red Hat® Enterprise Linux® |
bash |
bash, sh |
Ubuntu |
bash |
bash, sh |
You can edit the device connection details for Agentless devices and you can delete Agentless devices as needed.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
In the Summary section, click Edit in the Device Entry Type row to display the Agentless Device Connection Details page. |
Enable Agentless management by entering device information manually
To manage devices without installing KACE Agent software, you can enable Agentless management using Discovery information or by entering device connection details manually.
Features available to Agentless devices differ from those features available to Agent-managed devices. See Features available for each device management method.
You can enable Agentless management using Discovery information.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
Select Choose Action > Provision > Agentless: Automatic. |
: Agentless management is enabled for the device.
: Agentless management is enabled for the device, but the device is not currently reachable. |
Depending on the device, the appliance uses various connection types to run commands on the selected devices, obtain inventory information, and display that information on the Device Detail page. Information is updated according to the inventory schedule for Agentless devices. See:
You can enable Agentless management by entering device information manually.
You can choose from the following connection types: SSH, SNMP, WinRM, and VMware. WinRM is the connection type to use for Windows devices.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
2. |
Select Choose Action > New > Agentless Device to display the Agentless Device Connection Details page. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SSH. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following the default port number (22). |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Sudo Password |
The name of a service user account with permission to connect to devices. Using a service account and Sudo Password is useful when you want to avoid using root credentials to access devices. On some devices, however, higher privileges enable the appliance to retrieve more detailed inventory information. |
Operating System |
The operating system of the device. |
Shell |
The shell to use during connections. See Shell support for SSH connections. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SNMP.
SNMP (Simple Network Management Protocol) is a protocol for monitoring managed devices on a network. To enable SNMP, port 161 must be open on the appliance and on the device.
SNMP scan results include all SNMP capable devices. Remote shell extensions enable the appliance to connect, run commands, and capture information that can be managed as inventory. For more information about SNMP options, see Add a Discovery Schedule for SNMP-enabled non-computer devices. |
SNMP Version |
The version of SNMP to use for connections. SNMPv1 and SNMPv2c do not use authentication or encryption.
SNMP v3 uses authentication and encryption algorithms to increase the security of SNMP communications. When you configure the SNMP v3 options, the appliance performs an SNMP v3 scan on selected devices. If that scan fails, the appliance attempts an SNMP v1 scan using the specified Public String |
Read Community |
(SNMP v1, SNMP v2c) The community string to query. The default is Public. The Public String is required if authentication is not required. When authentication is required, the scan returns SNMP enabled with no system data. |
Credentials |
The details of the service account required to connect to the device and run commands using SNMP v3. Select existing credentials from the drop-down list, or click Add new credential to add credentials not already listed. Credentials are not required for SNMPv1 and SNMPv2c.
See Add and edit User/Password credentials. |
Inventory Configurations |
One or more inventory configurations for the new SNMP agentless device, such as Brother Laser Printer: Color, and others. |
Inventory Type |
The method used to collect inventory information.
• |
Inventory: Collect a subset of device information, such as the IP Address, MAC Address, and device name. |
• |
Inventory/Walk: Conduct a full SNMP walk to collect inventory information. The full walk results appear on the Device Detail page. |
|
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the Windows device and obtain inventory information, in this case, WinRM. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following default port number: 5985. |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Require Kerberos |
If selected, Kerberos is required for authentication. NTLM will not be used as an alternative when Kerberos is unavailable.
Using Kerberos requires DNS Lookup to be enabled in the same discovery configuration. The DNS Server is also required in the local appliance network settings. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Inventory Hyper-V or Virtual Machine Manager |
Select this option to allow the appliance to import a Microsoft Hyper-V or System Center Virtual Machine Manager infrastructure using agentless management. For more information about this feature, see Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The host name or IP address of the ESXi host or the vCenter Server. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as VMware devices. For example, hypervisors (ESXi hosts). See About Asset Subtypes, custom fields, and device detail preferences. |
Connection Type |
The connection method to use to connect to the VMware device and obtain inventory information. |
VMware Type |
The VMware device type: ESXi or vCenter Server.
|
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. An account with read-only access can be used. See Add and edit User/Password credentials. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Operating systems vary in their support of shells used for SSH connections between the appliance and managed devices.
The following table shows the shells available for SSH connections for each operating system.
Table 22. Shell support for SSH connections by operating system
Operating system |
Default shell |
Supported shells |
CentOS |
bash |
bash, sh |
Debian Linux |
bash |
bash, sh |
Fedora |
bash |
bash, sh |
FreeBSD |
csh |
bash, csh, sh |
Mac OS X |
sh |
bash, sh |
openSUSE/SLES™ |
bash |
bash, sh |
Oracle Enterprise Linux |
bash |
bash, sh |
Red Hat® Enterprise Linux® |
bash |
bash, sh |
Ubuntu |
bash |
bash, sh |
You can edit the device connection details for Agentless devices and you can delete Agentless devices as needed.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
In the Summary section, click Edit in the Device Entry Type row to display the Agentless Device Connection Details page. |
Shell support for SSH connections
To manage devices without installing KACE Agent software, you can enable Agentless management using Discovery information or by entering device connection details manually.
Features available to Agentless devices differ from those features available to Agent-managed devices. See Features available for each device management method.
You can enable Agentless management using Discovery information.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
Select Choose Action > Provision > Agentless: Automatic. |
: Agentless management is enabled for the device.
: Agentless management is enabled for the device, but the device is not currently reachable. |
Depending on the device, the appliance uses various connection types to run commands on the selected devices, obtain inventory information, and display that information on the Device Detail page. Information is updated according to the inventory schedule for Agentless devices. See:
You can enable Agentless management by entering device information manually.
You can choose from the following connection types: SSH, SNMP, WinRM, and VMware. WinRM is the connection type to use for Windows devices.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
2. |
Select Choose Action > New > Agentless Device to display the Agentless Device Connection Details page. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SSH. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following the default port number (22). |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Sudo Password |
The name of a service user account with permission to connect to devices. Using a service account and Sudo Password is useful when you want to avoid using root credentials to access devices. On some devices, however, higher privileges enable the appliance to retrieve more detailed inventory information. |
Operating System |
The operating system of the device. |
Shell |
The shell to use during connections. See Shell support for SSH connections. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the device and obtain inventory information, in this case, SNMP.
SNMP (Simple Network Management Protocol) is a protocol for monitoring managed devices on a network. To enable SNMP, port 161 must be open on the appliance and on the device.
SNMP scan results include all SNMP capable devices. Remote shell extensions enable the appliance to connect, run commands, and capture information that can be managed as inventory. For more information about SNMP options, see Add a Discovery Schedule for SNMP-enabled non-computer devices. |
SNMP Version |
The version of SNMP to use for connections. SNMPv1 and SNMPv2c do not use authentication or encryption.
SNMP v3 uses authentication and encryption algorithms to increase the security of SNMP communications. When you configure the SNMP v3 options, the appliance performs an SNMP v3 scan on selected devices. If that scan fails, the appliance attempts an SNMP v1 scan using the specified Public String |
Read Community |
(SNMP v1, SNMP v2c) The community string to query. The default is Public. The Public String is required if authentication is not required. When authentication is required, the scan returns SNMP enabled with no system data. |
Credentials |
The details of the service account required to connect to the device and run commands using SNMP v3. Select existing credentials from the drop-down list, or click Add new credential to add credentials not already listed. Credentials are not required for SNMPv1 and SNMPv2c.
See Add and edit User/Password credentials. |
Inventory Configurations |
One or more inventory configurations for the new SNMP agentless device, such as Brother Laser Printer: Color, and others. |
Inventory Type |
The method used to collect inventory information.
• |
Inventory: Collect a subset of device information, such as the IP Address, MAC Address, and device name. |
• |
Inventory/Walk: Conduct a full SNMP walk to collect inventory information. The full walk results appear on the Device Detail page. |
|
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The hostname or IP address of the device. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as Device assets that are computers, printers, or routers, and Software assets that run on Windows, Mac, or Linux systems in the inventory. See About Asset Subtypes, custom fields, and device detail preferences.
|
NOTE: In a default installation, Device Assets include two Asset Subtypes for printer devices: Laser Printer: Color and Laser Printer: Monochrome. Each of these subtypes provides a common set of fields that apply to most printers. The appliance also comes with a set of printer templates for typical SNMP-enabled printer models, based on these Asset Subtypes. You can edit these templates or add new ones, as needed. When you apply a printer template to a device, the data defined in the template, such as toner levels or descriptions, is collected for the printer in the next inventory cycle. For more information, see About printer templates. | |
Connection Type |
The connection method to use to connect to the Windows device and obtain inventory information, in this case, WinRM. |
Port |
The port number the appliance uses to connect to the device. No input is required for the following default port number: 5985. |
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed.
See Add and edit User/Password credentials. |
Require Kerberos |
If selected, Kerberos is required for authentication. NTLM will not be used as an alternative when Kerberos is unavailable.
Using Kerberos requires DNS Lookup to be enabled in the same discovery configuration. The DNS Server is also required in the local appliance network settings. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Inventory Hyper-V or Virtual Machine Manager |
Select this option to allow the appliance to import a Microsoft Hyper-V or System Center Virtual Machine Manager infrastructure using agentless management. For more information about this feature, see Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager. |
Relay Device |
The name of the device that you want to use as a relay for agentless device inventory.
A relay device that is used during discovery as a relay is used for agentless inventory, when a new device is provisioned automatically from discovery results. You can select a relay device on the Discovery Schedule Detail page. For more information, see Add a Discovery Schedule to perform a quick "what and where" scan of your network. |
Option |
Description |
Name |
The host name or IP address of the ESXi host or the vCenter Server. |
Asset Subtype |
The asset subcategory, if applicable. This information enables you to identify and manage subtypes of assets, such as VMware devices. For example, hypervisors (ESXi hosts). See About Asset Subtypes, custom fields, and device detail preferences. |
Connection Type |
The connection method to use to connect to the VMware device and obtain inventory information. |
VMware Type |
The VMware device type: ESXi or vCenter Server.
|
Credentials |
The details of the service account required to connect to the device and run commands. Select existing credentials from the drop-down list, or select Add new credential to add credentials not already listed. An account with read-only access can be used. See Add and edit User/Password credentials. |
Log Level |
The level of information to display on the Device Detail page. To see only the most important messages, select Critical. To see all messages, select Debug. |
Enable Inventory |
The inventory collection option. If this option is selected, the appliance collects inventory information for the device according to the Agentless device inventory schedule. If this option is cleared, inventory information is not collected. In both cases, however, Agentless devices are counted. |
DNS Server |
The hostname of the DNS server to use when identifying the device hostname and other information. Providing the DNS server information enables the appliance to match the device to existing inventory information during updates. If the appliance cannot detect the device due to changes made to its hostname or IP address, inventory fails. |
Operating systems vary in their support of shells used for SSH connections between the appliance and managed devices.
The following table shows the shells available for SSH connections for each operating system.
Table 22. Shell support for SSH connections by operating system
Operating system |
Default shell |
Supported shells |
CentOS |
bash |
bash, sh |
Debian Linux |
bash |
bash, sh |
Fedora |
bash |
bash, sh |
FreeBSD |
csh |
bash, csh, sh |
Mac OS X |
sh |
bash, sh |
openSUSE/SLES™ |
bash |
bash, sh |
Oracle Enterprise Linux |
bash |
bash, sh |
Red Hat® Enterprise Linux® |
bash |
bash, sh |
Ubuntu |
bash |
bash, sh |
You can edit the device connection details for Agentless devices and you can delete Agentless devices as needed.
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
3. |
In the Summary section, click Edit in the Device Entry Type row to display the Agentless Device Connection Details page. |