Chat now with support
Chat with Support

KACE Systems Management Appliance 7.1 - Administrator Guide

About the KACE Systems Management Appliance (K1000) Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Verifying port settings, NTP service, and website access Configuring network and security settings Configuring Agent settings Configuring session timeout and auto-refresh settings Configuring locale settings Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Using Replication Shares Managing credentials Configuring assets
About the Asset Management component About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations
Setting up License Compliance Managing License Compliance Setting up Service Desk Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Provisioning the K1000 Agent Manually deploying the K1000 Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Managing Mac profiles
Patching devices and maintaining security
About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Dell devices and updates Maintaining device and appliance security
Using reports and scheduling notifications Monitoring servers
Getting started with server monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the K1000
Appendixes Glossary About us Legal notices

Disable single sign on

Disable single sign on

You can disable single sign on without removing the K1000 appliance from the domain.

1.
Go to the appliance Control Panel:
If the Organization component is enabled on the appliance, log in to the K1000 System Administration Console, http://K1000_hostname/system, or select System in the drop-down list in the top-right corner of the page, then click Settings.
2.
Click Security Settings to display the Security Settings page.
3.
In the Single Sign On section, select Disable.
Single sign on is disabled. Users who are currently logged in to the Administrator Console or User Console remain logged in until their sessions end. The next time they attempt to access the Administrator Console or User Console, however, they are required to enter their credentials.

Using Active Directory for single sign on

Using Active Directory for single sign on

When single sign on is configured to use Active Directory, authenticated users can access the Administrator Console or the User Console without having to enter login credentials.

To do so, users must type the hostname of the K1000 appliance in the browser address field. If users enter an IP address, they are directed to the appliance login page, instead of being signed on automatically, and they must enter their credentials to log in.

If you use Active Directory for single sign on, you must configure Internet Explorer and Firefox browsers to use the appropriate security settings.

Configure Active Directory as the single sign on method

Configure Active Directory as the single sign on method

Active Directory single sign on enables users who are logged on to the domain to access the K1000 Administrator Console and User Console without having to re-enter their logon credentials each time.

Before you connect the K1000 to an Active Directory server, verify that:

1.
Go to the appliance Control Panel:
If the Organization component is enabled on the appliance, log in to the K1000 System Administration Console, http://K1000_hostname/system, or select System in the drop-down list in the top-right corner of the page, then click Settings.
2.
In the Single Sign On section of the Security Settings page, select Active Directory, then provide the following information:

Option

Description

Domain

The hostname of the domain of your Active Directory® server, such as example.com.

Username

The username of the administrator account on the Active Directory server. For example, username@example.com.

Password

The password of the administrator account on the Active Directory server.

3.
Click Join.

These tests do not need write access and they do not check for permission to write to any directory. In addition, these tests do not verify username and password credentials. If the credentials are incorrect, the K1000 might not be able to join the domain even if the tests are successful.

A message appears stating the results of the test. To view errors, if any, click Logs, then in the Log drop-down list, select Server Errors.

4.
Optional: Select Force Join to join the server to ignore errors and join the domain.
5.
Click Save and Restart Services.

When users are logged in to devices that are joined to the Active Directory domain, they can access the K1000 User Console without having to re-enter their credentials. If users are on devices that are not joined to the Active Directory domain, the login window appears and they can log in using a local K1000 user account. See Add or edit System-level user accounts.

Configuring browser settings for single sign on

Configuring browser settings for single sign on

To use Active Directory single sign on with Internet Explorer and Firefox browsers, users must configure their browser settings to use the appropriate authentication. The Chrome™ browser does not require any special configuration.

Configure Internet Explorer browser settings

To use Active Directory single sign on with the Internet Explorer, you must configure the browser's security settings.

1.
In the Internet Explorer browser, click Tools > Internet Options > Security.
3.
Click custom level, then scroll to the bottom of the list.
4.
Select automatic logon with current username and password. If this option is not selected, Internet Explorer cannot automatically log in to the Administrator Console or User Console even if single sign on is enabled on the K1000.
Configure Firefox browser settings

To use Active Directory single sign on with Firefox, you must configure the browser's authentication settings.

1.
In the Firefox browser, type about:config in the address bar.
2.
In the Search field type the following network.negotiate-auth.trusted-uris.
Use Active Directory single sign on to access the Administrator Console or User Console

When Active Directory single sign on is enabled on the appliance, users who are logged in to the domain can access the Administrator Console or User Console without entering their credentials on the K1000 login page.

The Administrator Console or User Console appears, depending on user account privileges.
Related Documents