• 포털 전문가 되기
• 다운로드
• 인쇄
• 내 다운로드 ()

• 지원
• 기술 문서
• KACE Systems Management Appliance 14.0 Common Documents
• KACE Systems Management Appliance 14.0 Common Documents - Administration Guide

KACE Systems Management Appliance 14.0 Common Documents - Administration Guide

콘텐츠 탐색  

About the KACE Systems Management Appliance

About the appliance components About the Administrator Console

Components available in Admin mode without the Organization component Components available in Admin mode with the Organization component enabled Components available in System mode with the Organization component enabled Using the Home component

About Dashboards View the Dashboard in Admin mode View the Dashboard in System mode Customize Dashboard pages About Dashboard widgets View Dashboard details View task schedules View the appliance version, model, and license information View product licensing information About appliance software updates About labels

Searching for information and filtering lists

Search at the Admin level Search at the page level Searching at the page level with advanced options

Example: Search for managed devices using Filter criteria Add Smart Labels and Notifications using Advanced Search criteria Load Smart Labels from the Filter tab

Create Custom Views using Filter criteria Access product documentation

Log in to the Administrator Console: First login following initial network configuration

Getting started

Configuring the appliance

Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings

Configure appliance General Settings with the Organization component enabled Configure Admin-level or organization-specific General Settings Configure appliance General Settings without the Organization component

Configure appliance date and time settings Managing user notifications

Review user notification alerts Configure user notifications

Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access

Verify port settings Verifying the status of the NTP service Make necessary websites accessible to the appliance

Configuring network and security settings

Change appliance network settings Configure local routing tables Configure local web server settings and allow access to hosts Configure security settings for the appliance Configure Active Directory as the single sign on method Generate an SSL certificate

Configuring session timeout and auto-refresh settings

Set session timeout Set auto-refresh properties

Configuring locale settings

How locale settings are applied Configure locale settings for the Administrator Console and the Command Line Console Configure locale settings for the User Console Configure locale settings for organizations Configure locale settings for users

Configuring the default theme

Configure the default theme for the appliance Configure the default theme for a user

Configure data sharing preferences About DIACAP compliance requirements

Enable or disable the Acceptable Use Policy

Configuring Mobile Device Access

Enable Mobile Device Access for the appliance Enable Mobile Device Access for users Download and use KACE GO Disable Mobile Device Access on the appliance Disable Mobile Device Access for users

Enable fast switching for organizations and linked appliances Linking Quest KACE appliances

Enable appliance linking Add Names and Keys to appliances Enable access to Federation API settings Disable appliance linking

Configuring history settings

About history settings Managing settings history

Configure settings history subscriptions for organizations Configure settings history subscriptions for organizations View settings history

Managing asset history

Configure asset history subscriptions View asset history

Managing object history

Configure object history View object history

Using change history information

View the change history of items Search for items in change history lists Delete history records Export history records

Configuring Content Security Policy

Enable Content Security Policy

Setting up and using labels to manage groups of items

About labels

About Smart Labels About LDAP Labels About label groups About organization filters

Tracking changes to label settings Managing manual labels

Add or edit manual labels View manual label details Delete manual labels

Managing Smart Labels

Add Smart Labels Example: Combine Smart Labels to identify devices Edit Smart Labels Setting up labels for user accounts

Add an All Ticket Owners label

Using Smart Labels for patching

Add a Smart Label for critical OS patches Add a Smart Label for new patches

Using Smart Labels with Discovery Results

Add Discovery Results Smart Labels Changing the run order of Discovery Results Smart Labels

Adding Smart Labels for devices

Add a Smart Label for desktops Add a Smart Label for servers Add a Smart Label for laptops

Assign the Smart Label run order Delete Smart Labels

Managing label groups

Add, view, or edit label groups Assign labels to or remove labels from label groups Delete label groups

Managing LDAP Labels

Add or edit LDAP Labels Enable LDAP Labels Delete LDAP Labels Use the LDAP Browser

Configuring user accounts, LDAP authentication, and SSO

About user accounts and user authentication About locale settings Managing System-level user accounts

Add or edit System-level user accounts Manage appliance administrator email notifications Delete System-level user accounts

Managing organization user accounts

Add or edit User Roles Delete User Roles Add or edit organization user accounts Customize user details Archive user accounts

View or edit user profiles Using an LDAP server for user authentication

About the login account on your LDAP server Configure and test LDAP user authentication

Importing users from an LDAP server

Import user information manually Import user information according to a schedule

About single sign on (SSO)

Using external LDAP or Active Directory servers for single sign on

Enabling and disabling single sign on

Enable single sign on Disable single sign on

Using Active Directory for single sign on

Configure Active Directory as the single sign on method Configuring browser settings for single sign on

Configure Microsoft Edge browser settings Configure Firefox browser settings Use Active Directory single sign on to access the Administrator Console or User Console

Unjoin the domain and disable Active Directory single sign on

Configure SAML for single sign on

Example: Using Microsoft Active Directory in Azure as a SAML Identity Provider

Reviewing user sessions

Install and configure the location database View a list of user sessions

Deploying the KACE Agent to managed devices Using Replication Shares

Create Replication Shares View Replication Share details

Managing credentials

Tracking changes to Credentials Management settings Add and edit Secret Key credentials Add and edit User/Password credentials Add and edit LDAP User/Password credentials Add and edit Google Workspace credentials Add and edit SNMP credentials Add and edit Microsoft Office 365 OAuth credentials View credential usage Create reports from the Credentials Management list Export credentials information Delete credentials

Configuring assets

About the Asset Management component Using the Asset Management Dashboard

About the Asset Management Dashboard widgets Customize the Asset Management Dashboard

About managing assets

How asset information differs from inventory information Identifying the assets to track View assets and search for asset information Add barcodes to assets Change device owners View and configure asset lifecycle settings

Adding and customizing Asset Types and maintaining asset information

About Asset Types Customizing Asset Types

About renaming fields and changing field types in Asset Types About adding and deleting asset fields Add or customize Asset Types About customizing the Device Asset Type Example: Add custom fields to the Device Asset Type Establishing relationships between asset fields Delete Asset Types

About Asset Subtypes, custom fields, and device detail preferences

Workflow for using Asset Subtypes with SNMP devices Add Asset Subtypes and select Device Detail page preferences Edit Asset Subtypes Set an Asset Subtype as the default View subtypes available to Asset Types View Asset Subtypes on the Assets page Assign or change Device Asset Subtypes from the Devices page Assign assets to subtypes or change subtype assignments from the Assets page Update custom asset fields manually Delete Asset Subtypes

Managing Software assets

Customize the Software Asset Type Adding Software assets

Add Software assets on the Software list Add Software assets in the Assets section

Managing physical and logical assets

Add physical Asset Types Archive device Assets

Maintaining and using manual asset information Managing locations

Manage locations Add or edit locations Customize location fields

Managing contracts

Manage contracts Add or edit contracts

Managing licenses

Manage licenses Add or edit licenses

Managing purchase records

Manage purchase records Add or edit purchase records

Setting up License Compliance

About License Compliance for Software Catalog applications

About license upgrades About license downgrades

Customize the License Asset Type Add License assets for Software Catalog inventory Add License assets for Software page inventory Importing license data in CSV files

How asset information is handled during import Importing asset data using CSV files

Prepare asset data before importing Example: Import license data from prepared spreadsheets

Managing License Compliance

View License Compliance information for Software Catalog applications Reclaim unused software licenses Update software License Compliance information manually Customize license usage warning thresholds View License Compliance and Configuration information

Setting up Service Desk

Setting up roles for user accounts

About default roles Create a Service Desk staff role Assign user roles Apply labels and roles to Service Desk staff Create the DefaultTicketOwners account

Configuring email settings

About email notifications About Ticket Rules About POP3 email accounts Create and configure POP3 email accounts Configure email preferences Configuring email triggers and email templates

Configure email triggers Configure email templates

Configure CC lists for ticket categories Automatically add email addresses to ticket CC List fields Exclude addresses from ticket CC List fields Prevent email loops

Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations

About organizations

About the Default organization

Tracking changes to organization settings Managing Organization Roles and User Roles

Available default roles Add or edit Organization Roles Duplicate Organization Roles Delete roles

Adding, editing, and deleting organizations

Add or edit organizations Configure Two-Factor Authentication for organizations Delete organizations Customizing the logos used for the User Console and organization reports

Managing user accounts for organizations Managing organization filters

How organization filters work Add or edit organization Data Filters Add or edit organization LDAP Filters Test organization filters Delete organization filters

Managing devices within organizations

Using Filter for Advanced Search Filter devices Redirect devices

Understanding device details Running single organization and consolidated reports

Importing and exporting appliance resources

About importing and exporting resources Transferring resources among appliances using Samba share directories

Export resources from an appliance Import resources to an appliance

Transferring resources among organizations

Export resources from organizations Import resources to organizations

Managing exported resources at the System level

View or delete shared resources Move shared resources from the local appliance to network locations View or delete the status of resource exports

Managing inventory

Using the Inventory Dashboard

About the Inventory Dashboard widgets Customize the Inventory Dashboard

Using Device Discovery

About Device Discovery and device management Tracking changes to Discovery settings Discovering devices on your network

Add a Discovery Schedule to perform a quick "what and where" scan of your network

Things to take into consideration with Nmap discovery

Add a Discovery Schedule for a thorough scan of managed Windows, Mac, Linux, and UNIX computers Obtain a Client ID and Client Secret for use in discovering Chrome devices Add a Discovery Schedule for a KACE Cloud Mobile Device Manager device Add a Discovery Schedule for a Google Workspace device Add a Discovery Schedule for an Workspace ONE device Add a Discovery Schedule for a VMware ESXi host or a vCenter Server Add a Discovery Schedule for a Microsoft Hyper-V or System Center Virtual Machine Manager System Center Virtual Machine Manager Credential Requirements Add a Discovery Schedule for SNMP-enabled non-computer devices About Discovery Results View and search Discovery Results Provision the Agent using the discovered IP address or hostname Stop a running discovery scan Delete Discovery Schedules

Managing device inventory

About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information

Add custom data fields Schedule inventory data collection for managed devices View device inventory and details Viewing information about devices enrolled in KACE Cloud MDM Groups and sections of items in device details About Dell Data Protection | Encryption (DDP|E) and encryption information in device details Add a Dump Inventory registry key to permit inventory collection on Windows DDP|E client devices

Add the DumpXmlInventory registry key to an Agent-managed Windows device Add the DumpXmlInventory registry key to an Agentless-managed Windows device

About Intel AMT information in device details

Finding and managing devices

Finding devices in inventory Labeling devices to group them

Add, apply, and remove manual device labels Using Smart Labels for devices

Run actions on devices View devices that have been added manually Delete devices from inventory

Registering KACE Agent with the appliance

Manage KACE Agent tokens Review quarantined KACE Agents

Provisioning the KACE Agent

Enabling file sharing

Enable file sharing at the System level Enable organization-level file sharing with the Organization component enabled Enable file sharing without the Organization component enabled

Provisioning the KACE Agent using the GPO Provisioning Tool for Windows devices

Prepare to use the GPO Provisioning Tool for Agent deployment Provision KACE Agents using the appliance GPO Provisioning Tool

Provisioning the KACE Agent using onboard provisioning

Preparing to install the KACE Agent Install the KACE Agent on a device or multiple devices

Managing provisioning schedules

View, run, edit, or duplicate provisioning schedules Delete provisioning schedules View provisioning results

Managing Agent communications

Configure Agent communication and log settings View Agent task status View the Agent Command Queue Delete messages from the Agent command queue

Updating the KACE Agent on managed devices

View KACE Agent updates Configure Agent update settings Upload Agent updates manually

Manually deploying the KACE Agent

Obtaining Agent installation files Manually deploying the KACE Agent on Windows devices

Manually deploy the KACE Agent on Windows devices using the installation wizard Manually deploy the KACE Agent on Windows devices using the Command line Manage the KACE Agent on Windows devices using the Windows system tray

Manually deploying and upgrading the KACE Agent on Linux devices

Manually deploy the KACE Agent on Linux devices Deploy the KACE Agent on Linux devices at startup or login Upgrade the KACE Agent on Linux devices

Performing Agent operations on Linux devices

Start and stop the Agent on Linux devices Manually remove the Agent from Linux devices Verify that the Agent is running on Linux devices View the Agent version on Linux devices Collecting inventory information

Manually deploying and upgrading the KACE Agent on Mac devices

Deploy or upgrade the KACE Agent to Mac devices using the Agent installer Deploy the Agent to Mac devices using the terminal window Use shell scripts to deploy the KACE Agent

Performing other Agent operations on Mac devices

Start or stop the Agent on Mac devices Manually remove the Agent from Mac devices Verify that the Agent is running on Mac devices Verify the version of the Agent on Mac devices Collecting inventory information from Mac devices Manage the KACE Agent on Mac devices using the menu bar

Viewing information collected by the Agent

Using Agentless management

About Agentless device management

Operating systems supported by Agentless management About enabling Agentless management on Agent-managed devices

Managing Agentless devices

Enable Agentless management using Discovery information Enable Agentless management by entering device information manually Shell support for SSH connections Edit Agentless device connection details or delete Agentless devices

Using SNMP Inventory Configurations to identify specific SNMP objects and non-computer devices to add to inventory

Obtain a list of object identifiers (OIDs) using the Administrator Console Map Object Identifiers to fields in the inventory table Apply an SNMP Inventory Configuration to a device About printer templates

Adding devices manually in the Administrator Console or by using the API

About managing devices Tracking changes to inventory settings Add devices manually with the Administrator Console Adding devices manually using the API

Submit inventory information using the API Sample Perl script Valid XML schema for Windows Example using the XML schema for Windows devices Valid XML schema for Linux and Mac devices Upload an XML file using the Administrator Console

Forcing inventory updates

Force inventory updates from the appliance Force inventory updates from Windows devices Force inventory updates from Mac OS X devices Force inventory updates from Linux devices

Managing MIA devices

Configure MIA settings Apply labels to MIA devices Delete MIA devices manually Troubleshoot devices that fail to appear in inventory

Obtaining Dell warranty information

Obtain Dell warranty information on a single Dell device instantly Renew a Dell warranty Run Dell warranty reports

Managing applications on the Software page

About the Software page

View items in Software page inventory

Tracking changes to inventory settings Adding and deleting applications in Software page inventory

Add applications to Software page inventory manually Delete applications

Creating Software assets

Add Software assets in the Inventory section Add Software assets in the Assets section Attach digital assets to applications and select supported operating systems Copy files to the appliance Client Drop location

Using software threat levels and categories

Assign threat levels to applications Assign categories to applications

Finding and labeling applications

About finding applications using Filter Add manual software labels Apply manual labels to or remove labels from software Add software Smart Labels

Managing the ITNinja feed

Enable the ITNinja feed Viewing ITNinja information

View ITNinja information for software View ITNinja information for Managed Installations View ITNinja information for File Synchronizations

Disable the ITNinja feed

Managing Software Catalog inventory

About the Software Catalog

Application classifications About cataloged applications About Locally Cataloged applications About Not Allowed applications Application categories How Software Catalog information is collected How the Software Catalog is used with the Organization component How Software Catalog information is localized How you can help improve the Software Catalog Differences between the Software page and the Software Catalog page

Viewing Software Catalog information

View lists of Discovered and Not Discovered applications View the list of Uncataloged applications View the list of Locally Cataloged applications View details of Software Catalog applications

Adding applications to the Software Catalog

Submitting cataloging requests automatically adds applications to the local Software Catalog How Locally Cataloged applications change to Cataloged applications How custom names are resolved when Locally Cataloged applications are added to the Software Catalog Submit cataloging requests Cancel cataloging requests and remove local cataloging

Managing License assets for Software Catalog applications

Add License assets for Software Catalog inventory Migrate License assets to applications in the Software Catalog

Associate Managed Installations with Cataloged Software Using software metering

About software metering

About Classic Metering

About metering information

About the scripts that collect metering information How suites are metered

Enabling and configuring metering for devices and applications

Choosing the devices and applications to meter Enabling metering on devices Enable metering on devices using manual labels Enable metering on devices using Smart Labels Enable metering for Software Catalog applications Configure options for metering Software Catalog applications

Viewing Software Catalog metering information

View metering information on the Software Catalog Detail page View metering information on the Device Detail page

Disabling metering for Software Catalog applications and managed devices

Disable metering for Software Catalog applications Disabling metering for devices

Managing metering and scheduling inventory collection

Schedule metering and inventory collection intervals

Using Application Control

Requirements for blocking applications How applications are blocked About denying access to application editions that share executable files Applications that cannot be blocked Apply the Application Control label to devices Mark applications and suites as Not Allowed View applications and suites that are marked as Not Allowed Create reports showing applications marked as Not Allowed Remove the Not Allowed designation from applications

Update or reinstall the Software Catalog

Managing process, startup program, and service inventory

Managing process inventory

View and edit process details Add labels for processes Apply labels to or remove labels from processes Categorize processes Assign threat levels to processes Delete processes

Managing startup program inventory

View and edit startup program details Add labels for startup programs Apply labels to or remove labels from startup programs Categorize startup programs Assign threat levels to startup programs Delete startup programs

Managing service inventory

View and edit service details Add labels for services Apply labels to and remove labels from services Categorize services Assign threat levels to services Delete services

Writing custom inventory rules

About Custom Inventory rules Types of Custom Inventory rules Create Custom Inventory rules

How Custom Inventory rules are implemented Syntax for Custom Inventory rules

Checking for conditions (conditional rules) Getting values from a device (Custom Inventory Field) Matching filenames to regular expressions

Understanding regular expressions Regular Expression Rule Reference

Defining rule arguments Test Custom Inventory rules

Deploying packages to managed devices

Distributing software and using Wake-on-LAN

About software distribution

About testing software distribution

Tracking changes to distribution settings Types of distribution packages

Attaching digital assets to applications and selecting supported operating systems

Distributing packages from the appliance Distributing packages from alternate download locations and Replication Shares

About alternate download locations About Replication Shares

Distributing applications to Mac OS X devices Using Managed Installations

Adding applications to inventory About creating Managed Installations About installation parameters Identify parameters that are supported by installer files Create Managed Installations for Windows devices Examples of common deployments on Windows

Standard MSI example Standard EXE example

Create Managed Installations for ZIP files Create Managed Installations for RPM files Create Managed Installations for TAR.GZ files Create Managed Installations for macOS X devices

Create and use File Synchronization Using Wake-on-LAN

Issue Wake-on-LAN requests Schedule Wake-on-LAN requests Troubleshooting Wake-on-LAN

Exporting Managed Installations

Broadcasting alerts to managed devices

Create alerts to be broadcast

Running scripts on managed devices

About scripts

Obtaining script dependencies

Tracking changes to scripting settings About default scripts Adding and editing scripts

Token replacement variables Add offline KScripts, online KScripts, or online shell scripts Edit scripts Delete scripts from the Scripts page Delete scripts from the Script Detail page Structure of importable scripts Import scripts Duplicate scripts

Using the Run and Run Now commands

Run scripts from the Run Now page Run scripts from the Script Detail page Run scripts from the Scripts page Monitor Run Now status and view script details

Edit policies and scripts Search the scripting logs Exporting scripts

Using Task Chains

Add and edit Task Chains

Patching devices and maintaining security

Using the Security Dashboard

About the Security Dashboard widgets Customize the Security Dashboard

About patch management

Patching workflow About patch signature files About patch packages About patch testing and security

About the patch testing environment

About the patch quality assurance process Best practices for patching

Subscribing to and downloading patches

About patch subscription and downloads Websites that must be accessible to the appliance Overview of first-time patch-subscription workflow View details about operating systems and applications Subscribing to patches and configuring download settings

Subscribe to patches Select patch and feature update download settings

Viewing available patches and download status

View available patches View patch download status

Best practices for resolving patch subscription issues

Creating and managing patch schedules

About scheduling critical OS patches for desktops and servers

Workflow for critical OS patches for desktops and servers

About scheduling critical patches for laptops

Workflow for critical patches for laptops

About scheduling non-critical patches Configuring patch schedules

Configure patch schedules Error codes caused by patching and scripting

Viewing patch schedules, status, and reports

View a list of patch schedules Review patch schedule details Patching status definitions View patch status View patch status by device View files within patches View patch reports

Managing patch rollbacks

Determine whether a patch can be rolled back Undo the last patching job

Managing patch inventory

Prerequisites for managing patch inventory Viewing patch information

View downloaded patches View patch details Resetting the number of patch deploy attempts

Reset the number of patch deploy attempts from the patch Catalog Reset the number of patch deploy attempts from the patch detail page

View patch information for devices in inventory View devices missing patches

Viewing patch statistics and logs

View patch statistics View the patch log

Mark patches as inactive Patch Mac OS X devices

Managing Windows Feature Updates

Subscribe to Windows Feature Updates Configure Windows Feature Update schedules View Windows Feature Update schedules Review Windows Feature Update schedule details View available Windows Feature Updates View Windows Feature Update status

Managing Dell devices and updates

Differences between patching and Dell Updates Select Dell Update download settings Configure Dell Update schedules View Dell Update schedules Review Dell Update schedule details View available Dell Updates View Dell Update status

Managing Linux package upgrades

View Linux package upgrade schedules Configure Linux package upgrade schedules Review Linux package upgrade schedule details Review Linux package upgrades

Manage quarantined file attachments

Using reports and scheduling notifications

About reports and notifications

About reports About notifications Tracking changes to report settings

Creating and modifying reports

Creating reports

Create reports using the report wizard Create reports using SQL queries Create reports from list pages Duplicate reports Edit SQL statements on reports created with the report wizard Create reports from history lists

Modifying reports

Edit reports Delete reports

Customizing logos used for reports

Scheduling reports and notifications

Running single-organization and consolidated reports

Run single-organization reports Run consolidated organization reports

Scheduling reports

Add report schedules Delete report schedules

Scheduling notifications

Add notification schedules from the Reporting section Add notification schedules from list pages Edit notification schedules Delete notification schedules

Monitoring devices

Getting started with monitoring

Enable monitoring for a device

Enable monitoring for one or more devices from the Devices inventory list Enable monitoring for a server from its Device Detail page

Obtaining a new license key to increase server monitoring capacity Apply a new license key to increase server monitoring capacity

Working with monitoring profiles

Edit a profile Configure SNMP trap messages and alerting criteria Create a new profile using a default profile as a template Profile log paths for MySQL and Apache Upload a profile that was created by another user Download a profile so that it can be used by others Bind an additional profile to a device Define nonstandard log date format Configuring application and threshold monitoring with Log Enablement Packages

Install one or more LEPs on monitored devices Edit the monitoring Log Enablement Package (LEP) for a Windows Server 2008 or higher device

Managing monitoring for devices

Pause monitoring for a device Pause or resume monitoring for multiple devices Set the polling interval and any automatic dismissal or deletion of alerts Disable ping probe Receive alerts when device configurations change Schedule a Maintenance Window during which time alerts are not collected from a device Create and assign monitoring-specific roles Disable monitoring for one or more devices Enable monitoring for one or more devices

Working with alerts

Add notification schedules from the Monitoring Alerts list page Create a Service Desk ticket from an alert Search for alerts using Filter criteria Filtering alerts using the Include Text and Exclude Text capability

Filter alerts using the Include Text and Exclude Text capability from the Profile Details page Filter alerts using the Exclude Text capability from the Monitoring Alerts list page Examples of Include Text and Exclude Text for monitoring profiles

Dismiss an alert Retrieve and review alerts that have been dismissed from the alerts list Delete alerts

Using the Service Desk

Configuring Service Desk

System requirements About Service Desk Overview of setup tasks Import tickets from another system Configuring Service Desk business hours and holidays

Configure Service Desk business hours Configure Service Desk holidays

Configuring Service Level Agreements

Enable Service Level Agreements

Configuring Service Desk ticket queues

Configure ticket queues Configure queue-specific email settings Rename Service Desk titles and labels Enable or disable the conflict warning View and edit response templates

Configuring ticket settings

Customize the Ticket Detail page

Customizing the User Console home page

Change the User Console logo and text at the System level Change the User Console logo and login text at the Admin-level Show or hide action buttons and widgets on the User Console home page Show or hide links to Knowledge Base articles on the User Console home page Add, edit, hide, or delete User Console announcements Prioritize User Console announcements or mark an announcement as urgent Add, edit, or delete custom links on the User Console home page Add ticket links to the User Console home page Add a quick-action link for reporting problems on the User Console home page About the session timeout period

Using the Satisfaction Survey

Changing the Satisfaction Survey default behavior

Change the Satisfaction Survey label Remove the Satisfaction Survey field from tickets

Enable or disable security for Service Desk attachments

Using the Service Desk Dashboard

About the Service Desk Dashboard widgets Customize the Service Desk Dashboard

Managing Service Desk tickets, processes, and reports

Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console

Create tickets from the User Console Create tickets from the Administrator Console Ticket page Create tickets from the Device Detail page Create tickets from the Asset Detail page Create a Service Desk ticket from an alert

Creating and managing tickets by email

About attachments to tickets created through email Enable email ticket creation Create a ticket by email Modifying ticket attributes using email Clearing a ticket field using email Changing ticket fields using email Changing ticket approval fields using email

Setting or changing custom fields using email

Viewing tickets and managing comments, work, and attachments

Navigate among tickets, related devices, and assets Add work information for tickets Use default views for tickets Create Filter views for tickets Set a view as the default view for tickets Add comments to tickets Add owner-only comments to tickets View ticket comments Add or delete screen shots and attachments from Service Desk tickets View ticket activity history Send ticket information through email Run Device Actions from tickets

Merging tickets

Enable ticket merge Merge tickets from the Tickets list page Merge tickets from the Ticket Detail page

Using the ticket escalation process

Understanding ticket states Understanding the escalation time limit Understanding escalation Changing ticket escalation settings Change the list of escalation email recipients Change the Response and Resolution time limits Change the default escalation email message

Using Service Desk processes

Add, edit, and enable process templates Define process types Create process tickets to manage related tasks Create process tickets by email View process information Cancel or complete process tickets Delete process templates Convert process tickets to regular tickets Convert regular tickets to process tickets

Using Ticket Rules

Using and configuring system Ticket Rules Understanding and customizing system Ticket Rules Create custom Ticket Rules Duplicate a custom Ticket Rule Delete a custom Ticket Rule Move a Ticket Rule from one queue to another

Run Service Desk reports Archiving, restoring, and deleting tickets

Enable ticket archival Configure queue archive settings Archive selected tickets Restore archived tickets Delete archived tickets

Managing ticket deletion

Configure ticket deletion settings Delete tickets

Managing Service Desk ticket queues

About Service Desk ticket queues Adding and deleting queues

Add a queue Add a queue by duplicating an existing queue Delete a queue or queues

Viewing tickets in queues

View tickets across all queues

Setting the default queue

Set the default queue at the system level Set the default queue at the user level

Set the default fields for the All Queues ticket list Move tickets between queues Bulk edit tickets in a queue

About User Downloads and Knowledge Base articles

Managing User Downloads

Add User Downloads Apply labels to User Downloads Remove labels from User Downloads Delete User Downloads

Managing Knowledge Base articles

Add, edit, or duplicate Knowledge Base articles Delete Knowledge Base articles View user ratings and the number of views for Knowledge Base articles

Customizing Service Desk ticket settings

About customizing Service Desk ticket settings Create ticket categories and subcategories Customizing ticket values

Customize ticket status values Customize ticket priority values Customize ticket impact values

Customizing ticket layout

Customize Layout and Related Ticket Fields Configure Comment Field Options Define custom ticket fields Customize the ticket list layout Manage ticket templates Configure a ticket template Preview ticket layout

Using parent-child ticket relationships

Enable parent-child ticket relationships for a queue Enable parent tickets to close child tickets Create child tickets for any ticket Designate tickets as parents and add existing tickets as their children Use a parent ticket as a to-do list Use parent tickets to organize duplicate tickets

Using ticket approvers

Configure ticket approvers Approving tickets by email

Configuring SMTP email servers

Connect your email server to the appliance Using internal and external SMTP servers

Use the internal SMTP server Use an external SMTP server or Secure SMTP server

Maintenance and troubleshooting

Maintaining the appliance

Tracking changes to settings About appliance backups

Set the daily backup schedule and the number of backups to retain Back up the appliance manually Download backup files from the Administrator Console Access backup files through FTP About deleting appliance backup data

Disable or enable appliance backups

Configure offboard backup transfer

Restoring the appliance

Restore the appliance using the most recent backup Upload backup files to the appliance Restore the appliance from backups Restore the appliance to factory settings

Updating appliance software

Check for and apply advertised appliance updates Upload an update file to the appliance manually Verify updates Update the appliance license key

Reboot or shut down the appliance Understanding the daily run output

Disk status Appliance network interface status Appliance up-time and load averages Email system health

Verify SMTP settings

Appliance backup status Status of RAID drives

Troubleshooting the appliance

Using Troubleshooting Tools

Verify the status of devices on the network Identify device issues Enable a tether to Quest KACE Support

Troubleshooting appliance issues

View appliance logs Download appliance activity logs Viewing the daily run output

Troubleshooting and debugging the KACE Agent

Resolve Windows security issues that prevent Agent provisioning

Testing and troubleshooting email communication

Test outgoing email Test incoming email Use Telnet to test incoming email Access appliance logs to view Microsoft Exchange Server errors Troubleshooting email errors

About Diagnostic Console Two-Factor Authentication

Appendixes

Database table names Adding steps to task sections of scripts LDAP variables

Glossary

A B C D E F I K L M N O P R S T U V W

About us

Technical support resources

Legal notices

• Viewing Topics 153 - 156 of 1029

×

Using an LDAP server for user authentication

Using an LDAP server for user authentication

About the login account on your LDAP server

Configure and test LDAP user authentication

User authentication can be done locally, using accounts created on the appliance, or externally, using an LDAP server.

If you use external LDAP server authentication, the appliance accesses a directory service to authenticate users. This allows users to log in to the appliance Administrator Console, User Console, or System Administration Console using their domain username and password.

For information about adding user accounts to the appliance for local user authentication, see:

•	About user accounts and user authentication

•	Managing user accounts for organizations

About the login account on your LDAP server

About the login account on your LDAP server

To set up LDAP user authentication, you need to create a login account for the appliance on your LDAP server. The appliance uses this account to read and import user information from the LDAP server.

The account needs read-only access to the Search Base DN field on the LDAP server. The account does not need write access, because the appliance does not write to the LDAP server.

In addition, the account must have a password that never expires. Because the password never expires, make sure it is very secure. The user can change the password (that complies with the appropriate security requirements), however, the password must be updated on the appliance. You can give the account a username, such as KACE_Login, or you can attempt to connect to the LDAP server using an anonymous bind.

Configure and test LDAP user authentication

Configure and test LDAP user authentication

You can configure and test connections from the appliance to an external LDAP server.

1.	Do one of the following:

◦	Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if Show organization menu in admin header is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.

◦	Log in to the appliance System Administration Console, https://appliance_hostname/system, or select System from the drop-down list in the top-right corner of the page.

The Dashboard or System Dashboard page appears.

2.	Go to the Admin-level or System-Level Authentication Settings page:

a.	On the left navigation bar, click Settings, then click Control Panel.

b.	On the Control Panel, in the User Authentication section. click Configure Trust with LDAP (Administrator Console only), or Configure Trust with LDAP (System Administration Console only).

3.	If you want to disable the local admin account, and you are logged in as an administrative-level user through LDAP or SAML, select Configure Trust with LDAP.

Disabling the built-in admin account does not affect a tether used by KACE Support, when required. For more information about this feature, see Enable a tether to Quest KACE Support.

4.	Select the LDAP Authentication option:

Option	Description
Local Authentication	Enable local authentication (the default). If local authentication is enabled, the password is authenticated against the existing entries in the local database at Settings > Users.
LDAP Authentication	Enable external user authentication using an LDAP server or Active Directory server. If LDAP Authentication is enabled, the password is authenticated against the external LDAP server. For assistance with authentication, contact Quest Support at https://support.quest.com/contact-support.

5.	Click the buttons next to the server names to perform the following actions:

Button	Action
	Schedule a user import for the server.
	Modify the server definition. For information about the fields in this section, see Table 5.
	Remove the server.
	Change the order of the server in the list of servers.

6.	Optional: Click New to add an LDAP server. You can have more than one LDAP server configured.

NOTE: All servers must have a valid IP address or hostname. Otherwise, the operation times out, which results in login delays when using LDAP authentication.

7.	To add a server, provide the following information:

Table 5. Server information

Option	Description
Name	The name you want to use to identify the server.
Host Name or IP Address	The IP address or the hostname of the LDAP server. If the IP address is not valid, the appliance waits to timeout, resulting in login delays during LDAP authentication.   NOTE: To connect through SSL, use an IP address or hostname. For example: ldaps://hostname.
Port	The LDAP port number, which is usually 389 (LDAP) or 636 (secure LDAP).
Base DN	The criteria used to search for accounts. This criteria specifies a location or container in the LDAP or Active Directory structure, and the criteria should include all the users that you want to authenticate. Enter the most specific combination of OUs, DCs, or CNs that match your criteria, ranging from left (most specific) to right (most general). For example, this path leads to the container with users that you need to authenticate: OU=end_users,DC=company,DC=com.   NOTE: Domain Users is a special group that is not added to the memberof attribute values. For Domain Users members, use this format: (primaryGroupId=513).
Advanced Search	The search filter. For example: (&(sAMAccountName=KBOX_USERNAME)(memberOf=CN=financial,DC=example,DC=com))
Login	The credentials of the account the appliance uses to log in to the LDAP server to read accounts. For example: LDAP Login:CN=service_account,CN=Users, DC=company,DC=com. If user name and password are not provided, the tree lookup is not performed. Each LDAP Label can connect to a different LDAP or Active Directory server.
Password	The password of the account the appliance uses to log in to the LDAP server.
Role	(Required) The user’s role: • Global Administrator: The user can access the System Administration Console, and each organization’s Administrator Console as an administrator with full read/write permissions. They must first log in to the System Administration Console, and then log in to the applicable organization account using the drop-down list in the top-right corner. • Administrator: The user can log in to and access all features of the Administrator Console, User Console, or System Administration Console. • Read Only Administrator: The user can log in, but cannot modify any settings in the Administrator Console, User Console, or System Administration Console. • User Console Only: The user can log in only to the User Console . This role is only available in the Administrator Console. • No Access: The user cannot log in to the Administrator Console, System Administration Console or User Console. No Access is the default role.   NOTE: These roles are predefined and you cannot edit them. However, you can create and edit custom roles as needed.

NOTE: Record the search and filtering criteria you use for filling out this form. You use this same information to import user data, and later to schedule user import on a regular basis.

8.	Click Save.

9.	Test authentication on an external LDAP server as follows:

a.	Select the LDAP Authentication.

b.	Click the Edit button next to the server on which the user account you are testing is located .

c.	In the Advanced Search: box, replace KBOX_USER with the username to test. The syntax is sAMAccountName=username.

d.	Enter the user’s password in the Password for test field.

e.	Click Test.

If the test is successful, the authentication setup is complete for this user, and other users in the same LDAP container.

Importing users from an LDAP server

Importing users from an LDAP server

Import user information manually

Import user information according to a schedule

You can import user information from LDAP servers to create user accounts on the appliance. This provides administrators, such as Service Desk staff, with a richer set of data to use when working with users.

There are two ways to import user information:

•	Manually: See Import user information manually

•	According to a schedule: See Import user information according to a schedule

NOTE: User information is overwritten each time users are imported to the appliance. Password information, however, is not imported. Users must enter their passwords each time they log in to the Administrator Console or User Console.

•  이전
• Viewing Topics 153 - 156 of 1029
• 다음 

이 문서 검색 이 제품 버전에 대한 모든 문서 검색 이 제품에 대한 모든 문서 검색 모든 문서 검색

×

 지원 시작

계열사 지원 사이트에서 Quest *제품*에 대한 온라인 지원 도움말을 볼 수 있습니다. 올바른 *제품* 지원 콘텐츠 및 지원에 연결하려면 계속을 클릭하십시오.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택

© ALL RIGHTS RESERVED. 이용 약관 개인정보 보호정책 Cookie Preference Center