Chat now with support
Chat with Support

KACE Systems Management Appliance 11.1 Common Documents - Release Notes

Quest® KACE® Systems Management Appliance 11.1 Release Notes

Quest® KACE® Systems Management Appliance 11.1 Release Notes

This document provides information about the KACE Systems Management Appliance version 11.1.

About KACE Systems Management Appliance 11.1

About KACE Systems Management Appliance 11.1

KACE Systems Management Appliance is a virtual appliance designed to automate device management, application deployment, patching, asset management, and Service Desk ticket management. For more information about KACE Systems Management Appliance series, go to https://www.quest.com/products/kace-systems-management-appliance/. This release contains a number of new features, resolved issues, and security enhancements.

New features

New features

This release of the KACE Systems Management Appliance includes the following features.

Device communications

KACE Agent system tray additions: More functionality added to the agent icon in the system tray, such as opening links. Your system administrators can specify up to ten links that appear in the new Shortcuts menu item. This menu item only appears when one or more links are specified in the agent communication settings, in the Agent Status Icon Shortcuts section.

Standard Uniform Resource Identifier (URI) links are supported, such as HTTP, SSH, and FTP URLs. Clicking this link causes your system to launch the application associated with the selected resource. For example, when you click an HTTP-type link, your system opens the link in the default browser.

Hyper-V Inventory: Inventory information and related device commands are added in this release for the Virtual Machine Manager and MS Hyper-V data, for agent-managed devices. Inventory details include a list of virtual machines and Hyper-V hosts to inventory. This is similar to the VMware inventory feature created in version 10.0.
Operating system support updates: The appliance now supports the following OS versions on agent-managed devices:
When connecting to the User Console using HTTPS from a macOS 11.0 system, the appliance cannot determine the Unique Identifier (KUID) of the agent associated with that system. This impacts the My Devices list and Software Library installs. The root cause of this problem is the new requirement for macOS 11.0 that all certificate trust setting must be approved by the user. This issue also causes the following entry to appear in the konea.log on the agent:

Patching

Linux package upgrades: The appliance now allows you to automate the process of installing and managing Linux package upgrades that keeps the Linux OS up to date on your managed Linux RedHat, SUSE, Ubuntu, CentOS, and Raspbian devices. These upgrades improve the overall performance of your managed Linux devices and protect them from potential vulnerabilities.

Use this feature to create upgrade schedules which allow you to either detect package upgrades, or detect and upgrade all applicable packages. You can review the list of the available package upgrades after a detect-only schedule action, for each Linux flavor.

The upgrade process relies on the assumption that your managed Linux devices point to the appropriate package repositories. Only the packages that include security updates are identified. The appliance does not attempt to detect or upgrade all packages, or to the entire OS to the latest version.

NOTE: The term update in KACE Systems Management Appliance assumes the following: if there are new versions of the packages available in the distribution’s repositories, the appliance uses the standard system commands to ensure that the system installs the latest version possible. This is not in any way meant to be exactly the same way that the word update (or upgrade) is used in the underlying system commands.
Integration with the new Dell hardware update catalog: Starting in this release, the appliance uses a new version of the Dell hardware catalog. The process of detecting and deploying hardware updates is very similar to the one used for device patching. Start by creating schedule updates to either detect, deploy, or both detect and deploy hardware updates. You can review the list of the available Dell updates on the catalog page. This page lists the updates for which signature files exist on the appliance.

Infrastructure

Oval for Linux and Mac: In this release, the appliance extends Oval support beyond existing MS Windows-only using the world's biggest and best selection of CVE data in the world.
License renewal alerts: When the appliance maintenance expires, some features such as patching support become unavailable. This causes an error alert to appear on the Home Dashboard. To renew your license, visit https://support.quest.com/contact-us/renewals.

Service Desk

Service Desk ticket category hierarchy: The Administrator Console is improved to allow you to make setting up categories and subcategories for Service Desk more streamlined. You can create and edit ticket category and subcategory nodes using a tree widget. The tree view allows you to better understand and manage the relationships between the categories. You can easily add new category nodes, rename, delete, or sort them, as needed. A search function is also available, to quickly locate a specific category or sub-category.
Ability to specify Service Desk ticket prefix: Starting in this release, you can use a different prefix for each queue to organize your Service Desk workflow, and to associate them with applicable categories, such as HELP: for Helpdesk or HDREQ: for hardware and software requisitions.
Support Microsoft 365 GCC High service: Your MS Office 365 OAuth credentials now allow you to specify your Azure AD tenant type and endpoint URL, to acquire tokens for the national cloud associated with your environment. When select an Office 365 OAuth for inbound Service Desk emails, you can point to an applicable Microsoft 365 API Service, such as Microsoft 365 GCC, Microsoft 365 GCC High, and others. Microsoft 365 GCC High in particular is used in high-security environments.

Enhancements

Enhancements

The following is a list of enhancements implemented in this release.

Enhancement

Issue ID

Windows Installer now preserves the NoHooks userinit registry setting during upgrade.

K1A-2393

Managed Installation can continue if the Agent disconnects.

K1A-2392

KACE Agent no verifies the Konea tunnel and alerts the server if broken.

K1A-2384

The user is alerted when reboot is pending and patching operations are skipped as a result.

K1A-2381

11.1 KACE macOS agents use PKG installer file rather than DMG disk image.

K1A-2374

API access can now be restricted through the Access Control List Details page.

K1-30596

This version includes the ability to sort by custom ticket fields in KACE GO.

K1-30562

SAML-enabled systems can now be locked down to allow access only to SAML-authenticated users and the local admin user.

K1-30246

This version includes an option to reject SAML users who do not already have an account on the appliance.

K1-30211

Approval Status column is added to the Quarantine list and Quarantine Detail pages.

K1-30105

In the General Settings page, an option is added to indicate interest in participation in a future Beta program.

K1-30071

The appliance now includes the ability to select an Azure AD GCC High account during the creation of credentials for a Office365 OAuth account, and to set the URL endpoint for a .us domain.

K1-22281

In the email notification text editor, the $ button now allows insertion of tokens.

K1-22082

Added the ability to select a single-tenant Azure AD account type during the creation of credentials for a Office365 OAuth account.

K1-21914

User's manager can now be reset to Unassigned either manually through the Administrator Console, or during LDAP import with an empty manager mapped field.

K1-19328

Discovery schedules for devices associated with an Active Directory server, now include a new option for enabling the appliance to use a secure port for LDAP communication, Use Secure LDAP (LDAPS). This check box is available in the Active Directory section on the Discovery Schedule Detail page, when you select Active Directory as the Discovery Type.

N/A

Access Control List restrictions can be now applied based on sub-domains. You can specify the sub-domain name on the Access Control List page, in the IP Address/Doomain column of the Allow List.

N/A

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating