Chat now with support
Chat with Support

KACE Desktop Authority 11.1 - Administrator Guide

Administrator's Guide
Product Improvement Program Installation Help Concepts User Interface Validation Logic Configuration Computer Management User Management Reference File Paths
Setup Tool

Master Services

The Desktop Authority Master services are composed of the Operations and Manager services and are background services that are used to push data through the system. The Operations and Manager services can be configured using a single user account.

The Operations service (formerly known as the Master service) is a background service that is used to manage and configure Desktop Authority's plugins. It will reach out to each server on the network where the Desktop Authority Administrative service is installed (SLETL$ share). The user account used to configure this service must have appropriate permissions to access the share. The ETLProcessor and ReportScheduler plugins are used to manage collected data and execute scheduled reports. The Operations service requires a user account that is a local administrator of the Operations Master server.

The Desktop Authority Manager service (formerly known as the OpsMaster service) is used to manage the Web-based Manager, replication, assign scripts, and connectivity and communication between the Manager and the database. It requires a user account that is a local administrator of the Operations Master server and any other servers that will run Desktop Authority services. This service account is also used when browsing out to Active Directory objects, files and folders and for GPO deployment, unless the system preference option, 'Use current user rights for browsing resources' is selected. This option can be changed in the Desktop Authority Setup Tool on the Global System Settings tab.

The default ports for these services are 8017 and 57238. If either of these ports are being used, a new port must be selected. The installer will check each port for usage and will notify you if they are currently in use. However, if you know that some other application uses either of these ports (but is not currently running) be sure to change them on this dialog. These ports may be changed at a later point in time using the Desktop Authority Setup tool.

Click the Browse button to select an appropriate user account and enter the credentials for each service. Check the box to create a database login if necessary.

Modify the default ports if necessary.

Note: If Windows Authentication is chosen for the SQL database installation credentials, the accounts selected for the Operations and Manager services should have login access to the database. Select the Create database login if absent checkbox to allow the installer to create a SQL login for these accounts. Otherwise, they should be created manually. This option is only available when Windows Authentication is chosen for SQL.

User or Group

The User or Group dialog gives you the opportunity to designate a User or Group as the Super User(s). Any user (or users within a group) designated as a Super User will be given full control in the Desktop Authority Manager. Click the Browse button to select the appropriate User or Group.

Note: The user account of the person installing Desktop Authority will automatically be added as a Super User.

 

Website Configuration

IIS Application Pool

Note: The IIS Application pool identity section is available when using SQL Windows Authentication only.

The IIS Application pool identity is used to allow IIS to host web applications/virtual folders as standalone processes to avoid application crashes. Select a Domain User account for the IIS Application pool to use. This account will automatically be granted the necessary permissions if needed.

If Windows Authentication is chosen for the SQL database installation credentials, the account selected for the IIS Application pool will need to have login access to the database. Select the Create database login if absent checkbox to allow the installer to create a SQL login for these accounts. Otherwise, they should be created manually.

The Website Configuration dialog is used to configure the Web based console (Manager). These configurations are made in Internet Information Services (IIS).

The Web Site selection allows you to configure Desktop Authority to use a site other than the default site in IIS. If you choose to use a site other than the default, it must be created prior to getting to this part of the installation. The selected site must have an HTTP port binding defined for it.

Specify Desktop Authority and Web Service virtual directories. Please reference the File Paths table in the appendices for default path locations. IIS Virtual directories are mapped to these folders.

The Global Session Timeout value is the maximum amount of time the Desktop Authority Console can sit idle before logging the user out due to inactivity. This timeout value can be overwritten for individual users in the Desktop Authority Console Preferences dialog.

Publisher Evidence will disable for all ASP.NET applications to disable .NETs automatic validity checking of Authenticode signed signatures at startup. If publisher evidence is not disabled, some services may fail to start correctly at boot time due to lengthy delays imposed by the verification process.

Since Desktop Authority updates IIS, you have the option of performing a backup of IIS before any changes are made. It is recommended to always perform this backup of IIS since there is a possibility that other applications on the same site may conflict with each other. If there are any IIS problems following the install, the backup can be restored. Select the IIS metabase Backup option to enable the backup. The backup file created in the %systemroot%\system32\inetsrv\MetaBack folder. The default file name is created using a date, time format.

Off Network Remote Management

In order to remotely manage a client that is off-network, you must configure the feature here during install (or later in the DA Setup tool). Turn on the feature by selecting the I want to use Off Network Remote Management check box. A default IIS Virtual Directory and LAN TCP Port will be used. These may be overwritten if necessary.

Related Documents