Professional Documents
Culture Documents
Administrator Guide
Release 5.2
© 2004-2011 Dell, Inc. All rights reserved.
Information concerning third-party copyrights and agreements, hardware and software warranty,
hardware replacement, product returns, technical support terms and product licensing is in the
KACE End User License agreement accessible at:
http://www.kace.com/license/standard_eula
4: Agent Provisioning 45
Overview of first time agent provisioning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
System requirements for agents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Preparing to provision the agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Enabling file sharing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Preparing for Windows Platform provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Single Machine Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
To deploy the agent on a single machine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Advanced Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
To add a new item using Auto Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
To add a new item using Manual Provisioning by IP . . . . . . . . . . . . . . . . . . . . . . . . . . 52
To add a new item using Manual Provisioning by Hostname . . . . . . . . . . . . . . . . . . . 55
To run provisioned configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
To duplicate a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
To delete a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Deploying Agents from a Network Share . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Provisioned Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
To create a new configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
To delete a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
To enable a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
To disable a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Index 309
This chapter starts with an overview of this guide and the Dell KACE K1000 Management
Appliance interface components. The chapter then explains how to install and set up your
K1000, and finally it provides an overview of the K1000 Management Appliance
Administrator Console Home page features.
• A repository for software titles that are not required for all users.
• A way for users to submit and track Service Desk (or Service Desk tickets).
• Assistance for users in routine tasks like software installation and getting help from
the Knowledge Base.
Service Desk is accessible by browsing to http://k1000_hostname.
Hardware specifications
The K1000 Management Appliance include a high-performance server with the following
hardware configuration:
DNS Considerations
The K1000 Management Appliance requires its own unique static IP address. By default its
hostname is kbox. Whatever name used should be specified in the appropriate “A” record
created in your internal Domain Name System (DNS) server. An “MX” record containing the
hostname defined by the “A” record is required so that the users can e-mail tickets to the
Service Desk. A Split DNS is required if the appliance is connected to the Internet using a
reverse proxy or by being placed in the DMZ (demilitarized zone or Screened Subnet). A
DMZ adds an additional layer of security to a LAN (Local Area Network).
Field Description
Field Description
Network Speed User the Right arrow key to select from the available speeds if
you need to change the default.
SMTP Server To enable email notifications, specify an SMTP server,
enclosing the IP address with square brackets [].
SSH Enabled Permits console access to the K1000. Use the Right arrow key
to enable.
Proxy Enter any necessary proxy information.
4. Press the Down arrow to move the cursor to Save, and then press Enter or Return.
The appliance restarts.
5. While your appliance reboots, connect an Ethernet cable into the port labeled “Gb 1”
and to a switch on your network.
3. Enter the license key (including dashes) that you in received in the welcome email from
Dell KACE.
If you cannot find your license key, contact Dell KACE Customer support at
www.kace.com/support.
4. Enter a secure and unique password for the admin account.
5. Enter the name of your company or organization.
6. Select the timezone for your K1000 location.
7. Click Apply Settings and Reboot.
The appliance restarts.
8. When the appliance has restarted, refresh the browser page.
9. After accepting the EULA, log in using the username “admin” and the password you
chose.
You are now ready to start using the Administrator Interface. The following sections explain
the various K1000 Management Appliance feature components.
You can restore the factory settings of the appliance. For more information, refer to
Restoring to factory settings, on page 176.
The components are illustrated above, and the tabs are as follows:
Home Guided Tour Manage labels, which are a method for grouping
Summary machines, software, people, and so on. You can also
Labels have labels dynamically assigned by using “Smart
Search Labels.”
Provide overview statistics of your running
processes.
Also includes guided tours for learning more about
your K1000 Management Appliance.
Inventory Computers Administer the hardware and software managed by
Software your appliance.
Processes
Startup
Service
IP Scan
MIA
Asset Assets Track computers and other physical assets, such as
(Asset Management) Asset Types software, printers, and so on. Also used to:
Asset Import
• Determine software compliance.
Metering
• Establish relationships between assets (using
logical assets).
• Meter actual software usage.
For more information, see Asset Management
Guide.
Distribution Managed Installation Remote software distribution and administration,
File Synchronization including iPhones and Dell OpenManage updates.
Wake-on-LAN
Replication
iPhone (optional iPhone
Management)
Dell Updates
Scripting Scripts Automate system administration tasks.
Run Now
Run Now Status
Search Logs
Configuration Policy
Security Policy
Security Patching Reduce the risks from malware, spyware, and
OVAL viruses.
Secure Browsers. For more information about patching and security,
see Patching and Security Guide.
Using Home
The Home component includes tabs for:
Guided Tours
Tutorials that help you learn the appliance by walking you through some of basic tasks. The
Guided Tours supplement, but don’t replace, Boot Kamp and documentation.
Summary
The K1000 Summary page provides information about the configuration and operation of
your appliance. When you log on to the Administrator Console, the Home component
displaying the Summary tab appears by default.
The top of the K1000 Summary page provides updated news and popular FAQ information
about your Dell KACE K1000 Management Appliance:
Below the Summary are dashboard meters and graphs to give you a quick view of your
appliance status:.
Distributions
Displays the number of managed installations, scripts, and file synchronizations that are
enabled. This also displays the number of alerts that you have configured.
The following sections describe summary details sections. Each organization has its own
summary details.
Computer Statistics The computers on your network, including a breakdown of the operating
systems in use. In addition, if the number of computers on your network
exceeds the number allowed by your Dell KACE K1000 Management
Appliance license key, you are notified of it here.
Software Statistics The software in Inventory. The summary the number of software titles that
have been uploaded to the appliance.
Software Distribution The packages that have been distributed to the computers on your network,
Summary separated out by distribution method. The summary also indicates the
number of packages that are enabled and disabled.
Alert Summary The alerts that have been distributed to the computers on your network,
separated by message type. This also indicates the number of alerts that are
active and expired.
The IT Advisory refers to the number of Knowledge Base articles in Service
Desk.
Patch Bulletin The patches received from Microsoft, Apple, and so on. The summary
Information includes the date and time of the last patch (successful and attempted), total
patches, and total packages downloaded.
OVAL Information The OVAL definitions received and the number of vulnerabilities detected on
nodes in your network. The summary includes the date and time of the last
OVAL download (successful and attempted) and the number of OVAL tests
in the appliance, in addition to the numbers of computers scanned.
Network Scan Summary The results of Network Scans run on the network, including the number of IP
addresses scanned, the number of services discovered, the number of devices
discovered, and the number of detected devices that are SNMP-enabled.
This section explains how to accept the latest appliance server upgrade.
For details on how to find your current appliance version, see To Find Your Software
Version, on page 15.
Label
You can find the Label tab by going to Home > Label. However, you can also create labels
and smart labels within the other components of the Dell KACE K1000 Management
Appliance that use labels.
Search
You can perform a global search for terms through out the appliance on this tab.
What’s Next
Now that your appliance is installed and running, you need to configure it to fit your
company’s needs.
For the rest of the setup instructions, see Chapter 2: Configuring your Appliance, starting on
page 19.
This chapter explains the configuration settings necessary to set up and use your Dell KACE
K1000 Management Appliance.
Company- Enter the name of your company. This name appears in every pop-up window or
Institution alerts displayed to your users. For example, Dell.
Name
User Email Enter the domain to which your users send email. For example, dell.com.
Suffix
System Enter the email address of the appliance administrator.
Administrator This address receives system-related alerts, including any critical messages.
Email
Login Click the check box to enable the Login Organization drop-down.
Organization By enabling the Login Organization drop-down, the empty Organization: field on
Drop-down the Welcome login page will be replaced by a drop-down of the configured
organizations. For information about Organizational Management, see Chapter
13: Using Organizational Management, starting on page 209.
Note: The organization field or drop-down only appears if more than one
organization is configured.
Organization Click the check box to enable Organization Fast Switching.
Fast Switching By enabling Organization Fast Switching, the static Organization: field at the top
right corner of every page is replaced with a drop-down of organizations to which
the user has access.
Only those organizations that have the same user name and password appear in the
drop-down. For information about Organizational Management, see Chapter
13: Using Organizational Management, starting on page 209.
Send to Kace Crash reports Click the check box to send a report in the event of a
appliance crash.
This option is recommended because it provides additional
information to the Dell KACE Technical Support team in
case you need assistance.
Enable AppDeploy Click the check box to enable your appliance to share data
Live! with the AppDeploy Live! web site.
Session Set the number of inactive hours to allow all users before closing their session and
Timeout: requiring another login. The default is 1. Service Desk windows have Timeout
Session counters to alert users of this time limit. This time limit only counts periods
of inactivity. Users restart this timer with any action that causes the appliance
interface to interact with the appliance server (refresh a window, save changes,
change windows, etc.). If the session times out, any unsaved changes are lost, and
the users is presented with the login screen again.
Current K1000 The value in the field depicts the load on an appliance server at any
Load Average given point of time. For the server to run normally, the value in this
field must be between 0.0 and 10.0.
Last Task This value indicates the date and time when the appliance Task
Throughput Throughput was last updated.
Update
K1000 Task At any given point, the appliance has multiple tasks scheduled like
Throughput Inventory Updates, Scripting Updates, patching updated and
execution of scripts. The value in this field decides how the
scheduled multiple tasks are balanced by the appliance.
Note: The value of the task throughput can be increased only if the
value in the field Current K1000 Appliance load Average is
not more than 10.0 and the Last throughput update time is more
than 15 minutes.
Agent "Download This value determines the maximum number of agents that can
Throttle" download packages simultaneously. If that number of agents is
reached, an agent must finish communicating with the server
before an additional agent can start.
6. Specify the following User Portal settings if required to customize the User Portal
page:
User Portal (.jpg) Displayed at the top of the User Portal page.
• 224x50 pixels is the normal size.
• 104x50 pixels is shorter and doesn't clip the blue highlight around
the Log Out link.
• 300x75 pixels is maximum size that does not impact the layout.
Report (.jpg) Displayed at the top of reports generated by the appliance.
The report image dimensions are 120x32 pixels, which are specified in
the auto-generated XML layout. You can adjust the xml report if you
need a different layout size.
K1000Client Displayed in the agent.
(.bmp) The client bmp image is scaled to 20x20 pixels only and cannot be
customized to any other size. It is displayed on snooze pop-ups, install
progress pop-ups, alerts, and message windows created by scripts.
Login User Portal Displays on the User Portal login page.
(.jpg)
Some of the actions listed in the Machine Actions drop-down list require
Internet Explorer, because ActiveX is required to launch these programs on
the local machine. Firefox does not support this feature.
Most actions in the Action Icon drop-down list require you to install
additional software for them to function. For example, using DameWare
requires you to install TightVNC on your machine as well as on the machine
you want to access.
Click Action #1 or Action #2 next to the target machine on the Inventory >
Computers tab to execute the Machine Action.
10. In the Optional Ignore Client IP Settings section, enter IP addresses you would like
ignored as the node IP and then click Save List.
This might be appropriate in cases where multiple machines could report themselves
with the same IP address, like a proxy address.
11. In the License Usage Warning Configurations section, enter the new values.
12. Click Override Configuration to save.
This changes when the alert colors are used in the License Compliance Gauge, on
page 11. For information about setting up license assets, see K1000 Asset Management
Guide.
13. In the Data Retention section, click Edit Mode, and select the amount of time you
want to save machine uptime data.
Machine uptime data refers to information about the number of hours each day your
nodes are running. You can retain this data forever, never save it (None), or select 1
month, 3 month, 6 month (default), 9 month, or 12 month settings.
For more information about power management, see About monitoring power use, on
page 168.
14. Click Save Settings to save.
Saving any changes to the Network settings on this page forces the
Appliance to reboot. Total reboot downtime is 1 to 2 minutes—provided that
the changes result in a valid configuration.
K1000 Server We recommend adding a static IP entry for “K1000” to your DNS, and using the
(DNS) Hostname default Hostname and Web Server Name. The fully-qualified domain name of the
appliance on your network is the value of Hostname concatenated with Domain.
K1000 Web
Server Name For example, K1000.kace.com.
Nodes connect to the appliance using the Web Server Name, which can be the
hostname, fully-qualified domain name, or IP address.
For example, K1100.
Static IP Address The IP address of the appliance server.
Caution: Be careful when changing this setting. If the IP address is entered
incorrectly, refer to the appliance Administrative Console, and use the konfig
login to correct it.
Domain The domain that the appliance is on. The default value is corp.kace.com
Subnet mask The domain that the appliance is on. The default value is 255.255.255.0
Default gateway The default gateway.
Primary DNS The primary DNS server the appliance uses to resolve hostnames.
Secondary DNS (Optional) The secondary DNS server the appliance uses to resolve hostnames.
Network Speed The network speed. The network speed setting should match the setting of your
local LAN switch. When set to auto negotiate the system automatically determines
the best value.
This requires the switch to support auto-negotiate. Otherwise contact your
network administrator for the exact setting to be used.
b. To set the proxy server, click the Use Proxy Server check box, and then specify the
following proxy settings, if necessary:
The appliance includes support for a proxy server, which uses basic, realm-based
authentication, which prompts for a user name and password:
If your proxy server uses some other kind of authentication, you must add the IP
address of the appliance on the exception list of the proxy server.
For information about the Enable Service Desk POP3 Server setting, see the
Service Desk Administrator Guide.
7. Click Set Options to set the Network Server options.
If you change any security settings, you must reboot the appliance to make
the changes take effect.
When you activate SSL, port 80 continues to be active, unless Enable port 80
access check box is cleared. By default, the standard Agent installers attempt to
contact the appliance via port 80, and then switch to SSL over port 443, after getting
the server configuration. If you disable port 80, contact KACE Support to adjust the
agent deployment scripts to handle SSL. For ease of agent deployment, leave port 80
active.
b. Select the SSL Enabled on port 443 check box to have nodes check in to the
appliance server using https.
A properly signed SSL Certificate is required to enable SSL. Certificates should be
supported by a valid Certificate Authority. SSL settings should only be adjusted after
you have properly deployed the appliance on your LAN in non-SSL mode. If you are
enabling SSL, you will need to identify the correct SSL Private Key File and SSL
Certificate File.
The files must be in Privacy Enhance Mail (PEM) format, similar to those used by
Apache-based Web servers and not in the PCKS-12 format used by some Web
servers. It is possible to convert a PCKS-12 certificate into a PEM format using
software like the OpenSSL toolkit. Contact Dell KACE Technical Support if you want
to enable SSL on your appliance.
You can load SSL certificates into the appliance by any of these two methods:
• You can click SSL Certificate Wizard and follow the step by step procedure to
load the SSL certificates. Refer To generate an SSL Certificate, on page 28.
• If you have your own SSL certificate and SSL private key, click Edit Mode to edit
the field values.
In the Set SSL Private Key File field, browse to the SSL Private Key file and
browse to the signed SSL Certificate, in the Set SSL Certificate File field
8. Click Set Security Options, to save the changes and reboot the appliance.
Once you switch over to SSL, this is a one-way automatic shift for the nodes. They must
be reconfigured manually if you later decide not to use SSL.
9. In the Download New Patch Definitions area, click Edit Mode to edit the fields
and specify as follows:
10. In the Stop Download Of Patch Definitions area, click Edit Mode to edit the field
values and specify the following:
11. Click Set Patching Options to save the changes and reboot the appliance.
6. Click Set CSR Options. Your Certificate Signing Request is displayed in the field
below the Set CSR Options button. You need to copy the text between the lines “-----
BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST-----”
along with these lines, and then send it to the person who provides your company with
web server certificates.
Your Private Key is displayed under Private Key field. It will be deployed to the
appliance when you upload a valid certificate and subsequently click Deploy.
Do not send the private key to anyone. It is displayed here in case you want
to deploy this certificate to another web server.
The certificate and private key for SSL are not included in the appliance’s
nightly backups for security reasons. Retain these two files for your own
records.
Click Create Self Signed Certificate and for Deploy to be displayed.
5. Click Save and Restart AMP Server to the save the settings and restart the AMP
server.
6. You can click Restart AMP Server to restart the AMP server without saving the
settings.
When updating the time zone, the appliance web server will be restarted in
order for it to reflect the new zone information. Active connections may be
dropped during the restart of the web server. After saving changes, this page
will automatically refresh after 15 seconds.
Time Zone Select the appropriate time zone from the drop-down list.
Automatically Click the check box to automatically synchronize the appliance time
synchronize with with an internet time server. Enter the time server in the text box.
an Internet time For example: time.kace.com
server
Set the clock on Click the check box to manually set the appliance clock. Select the
the K1000 appropriate time and date from the drop-down lists.
manually
You can run multiple appliances from the same appliance console, but you
cannot transfer resources or information between them using this feature.
To link appliance so you can run them from the same console.
• Start by enabling linking on each appliance with the instructions in To enable linking of
appliances for single sign-on, on page 32. Enabling linking creates appliance names and
linking keys.
• Copy the appliance names and linking keys between the appliances to link using the
instructions in To enable linking of appliances for single sign-on.
Friendly Name Enter a unique, logical name for this appliance. Other appliances
(this server) use this name to select this appliance.
Remote Login Enter the number of minutes to keep the link open. When this
Expiration time period expires, you need to provide login credentials when
switching to a linked appliance. The default is 120 minutes.
Request Timeout Enter the number of minutes this server waits for a remote
appliance to respond to a linking request. The default is 10
seconds.
The Manage Linked Appliances page appears after you enable linking.
If appliance linking is not enabled, you are redirected to the Linking K1000
Appliances Settings page when you click the Manage Linked K1000
Appliances link.
1. Follow the instructions in To enable linking of appliances for single sign-on, on page 32,
on each appliance that you want to link with.
1. From the Organization drop-down list, select System.
2. Click K1000 Settings > Control Panel > Manage Linked Dell KACE
Appliances.
The Linking K1000 Appliances page appears.
3. In the Choose Action menu, click Add New Item.
The K1000 Settings: Add Linked Appliance page appears.
4. Enter the K1000 Friendly Name and the Linking Key of the appliance that you are
establishing the link to.
5. Click Set Options.
If the settings are configured correctly, the Connection Successful message is displayed.
6. Log on to the other appliance you are creating the link for, and repeat these steps to add
the Host Name and Linking Key to it.
After you click Save, the Test Connection option appears.
7. Click Test Connection to verify the connection between the two linked appliances.
When you re-login into the first appliance, the newly updated linked appliances appear on
the Organization drop-down list of the Home tab.
You can now switch among the linked appliance consoles using the Org: drop-down menu
on the upper right side of the appliance user interface.
Troubleshooting Tools
The Troubleshooting Tools page contains tools to help administrators and Dell KACE
Technical Support to troubleshoot problems with this appliance.
This chapter gives an overview of labels and Smart Labels, and how your Dell KACE K1000
Management Appliance uses them. For information on LDAP Labels and the LDAP Browser,
see Chapter 11: LDAP, starting on page 187.
About Labels
Labels can be used to organize and categorize computers, software, people, and locations.
Labels are intended to be used in a flexible manner, and how you use labels is completely
customizable. The label types are:
• Computer inventory
• IP Scan inventory
• Processes /Startup Items / Services
• Software
• Patches
• Dell Update packages
• Users
Once included in a label, items can be managed on a per label basis. All items that support
labeling can have none, one, or multiple labels. You can use labels, for example, with
patching, distribution packages, categorizing computers, setting up the geographic
relationships, and setting permission levels of users. Labels can be manually or automatically
applied, through LDAP or Smart Labels.
You can organize labels in Label Groups. Label Groups pass on their usage restrictions to the
labels they contain.
You can find the Label tab by going to Home > Label. You can also create labels and Smart
Labels in the other components of the appliance that use labels. In many areas of the
appliance user interface, you can see a labels select list, which you use to constrain an action
to a one or more labels. For example, you can restrict the deployment of a script to nodes that
belong to particular labels.
Managing Labels
In Label Management, you can:
Viewing Labels
Select Label Management to view labels created. You can click on the numbers under the
categories to see what the members are. For example, in the following screenshot:
• The FrameMaker 7.2 label belongs to the Licenses Label Group. FrameMaker 7.2 is a
software label, and there are two items in the label. The icon means that the label is
associated with a Smart Label.
• The laptop label is a machine label that contains only one item. The label is associated
with a Smart Label that adds any computer with the chassis type laptop to the Smart
Label. If any more laptops are purchased, they will be added to the label.
• Licenses contains one label so it is a Label Group.
To delete a label
You can delete a label in its edit page, you can also:
1. Click Home > Label and select Label Management.
2. Click the check box for the label.
3. From the Choose Action menu, click Delete Selected Item(s).
4. Click OK in the confirmation window.
The following illustration shows the Label Group type inherited by the label from the Label
Group.
To include existing the labels in the group, click their check boxes before
selecting Add Label Group. The labels are included as part of creating the
Label Group.
3. In the Add Label Group pop-up window, enter the name of the new group, and click
Save.
4. In the Label Management page, select the name of the new Label Group.
5. On the Label : Edit Detail page, enter a descriptive title.
6. Ignore KACE_ALT_LOCATION.
7. (Optional) Under Restrict Label Usage To, select an appropriate category. For
example, if the label is for software, restrict it to that.
8. (Optional) Select a Label Group.
You can put Label Groups within other Label Groups.
9. Click Save.
Deleting a Smart Label does not delete the label associated with it.
• If a specific software Smart Label is edited using Home > Label > Smart Labels, it is
reapplied to all software.
• All Smart Labels are reapplied to a software item when it is updated on Inventory >
Software.
For more examples of using Smart Labels, see, Creating Smart Labels for Computer
Inventory, on page 78, and To dynamically identify the network scan results, on page 108.
3. Click Save.
When you click on Duplicate to create a new Smart Label with the SQL code,
you can only reassign it to a new label.
3. To change a Smart Label’s order value, click the icon beside it.
Smart Labels with smaller values execute before those with larger values. Smart Labels
have a default order value of 100.
4. Click Save.
What’s Next
Many organizations use labeling with their software and hardware inventories. For more
examples of using labeling, see Chapter 5: Managing Software and Hardware Inventories,
starting on page 75.
The Agent Provisioning feature enables you to directly install the Dell KACE K1000
Management Appliance agent onto machines in your environment.
\\appliance\client\agent_provisioning
• Windows:
• Windows 7 (32-bit and 64-bit)
• Windows Vista (32-bit and 64-bit)
• Windows XP (32-bit and 64-bit)
• Windows Server 2008 (32-bit and 64-bit)
• Windows Server 2008 R2 (64-bit)
• Windows Server 2003 (32-bit and 64-bit)
• Windows 2000 Server (32-bit)
All Windows platforms require:
• Macintosh®:
• Mac OS X v10.6 Intel
• Mac OS X 10.5 Intel and PowerPC
• Mac OS X 10.4 Intel and PowerPC
• Upgrades supported:
Supports upgrading from agent version 4.3.20024 or later to 5.1.
• K1000 Agent 5.1: For Windows Platforms (32-bit and 64-bit), you must use Microsoft
.NET version 1.1 SP1. (K1000 Agent 5.2 does not require Microsoft .NET.)
• Windows XP: Turn off Simple File Sharing. Appliance Provisioning requires
standard file sharing with its associated security model. Having Simple File Sharing
enabled can cause a “LOGON FAILURE” because simple file sharing does not support
administrative file shares and associated access security.
• Windows Firewall: If turned ON, enable File and Print Sharing in the Exceptions
list of the Firewall Configuration.
By default, the appliance verifies the availability of ports 139 and 445 on each target machine
before attempting to execute any remote installation procedures.
For Vista and Windows 7:
Advanced Provisioning
Advanced Provisioning has three primary options:
• Auto Provisioning, which allows you to provide target IP Range for Provisioning. See
To add a new item using Auto Provisioning, on page 49.
• Manual Provisioning by IP, which allows you to specify IP addresses manually and
also pick up machines from IP Scan and Inventory. See To add a new item using Manual
Provisioning by IP, on page 52.
• Manual Provisioning by Hostnames, which allows you to enter hostnames
manually. See To add a new item using Manual Provisioning by Hostname, on page 55.
Config Friendly Enter a name for your agent provisioning configuration that is
Name specific enough to differentiate between other configuration
names.
Provisioning IP Enter an IP or IP range. Use hyphens to specify individual IP class
Range ranges.
For example: 192 168 2-5 1-200.
Configuration Click to enable the configuration and run scheduled
Enabled configurations.
K1000 Server Enter the name of the server where you want to install the agent
Name from.
This field displays the default name of the appliance server.
Update this field if you have multiple servers.
K1000 Client The share folder name in the appliance, where the agents are
Share Name located.
DNS Lookup Click to enable DNS lookup.
Enabled
Name Server for By default, the field displays the primary DNS Server mentioned
Lookup under Network Settings. You can change the default DNS
Server to the required one and also specify the hostname or IP
address.
Lookup Time Out Enter the time period in seconds, after which a DNS lookup will
time out.
5. Enter the following details under the Windows Platform Provisioning Settings
section if the target machines operate on the Windows platform:
Required open TCP Enter the list of required open TCP ports separated by commas.
Ports These are the ports appliance uses to access the target machine
for installation of the agent.
Port Scan Time Out Enter time period in seconds, during which the appliance scans
the port for response.
Bypass Port checks Click to avoid port checks while the appliance installs the agent.
Enable Debug Info Click to view debug information in the machine’s provisioning
results.
Remove K1000 Agent Click to reverse the logic of the provisioning configuration, that
is to remove the agent from machines. This overrides any
current provisioning activity.
Domain (or Enter the domain or workgroup name associated with the login
Workgroup) credentials you enter below.
User Name (admin Enter a user name that has the necessary privileges to install the
level) agent on the targeted machines.
Password Enter the password for the account listed above.
7. If the target machines operate on the Linux or Macintosh platform, enter the following
details under Unix (Linux or Mac OS X) Platform Provisioning Settings
section:
Remove /var/kace/ The kace folder has two sub folders, SMMP and kagentd.
files
• The SMMP folder contains: SMMP.conf, agent.log, pid, and
pluginRunProcess.log.
• The kagentd folder contains: K1000_LOG.txt,
kbot_config.yaml, and kuid.txt.
Click to remove the complete kace folder. If the check box is
not selected, the /var/kace/kagentd/kuid.txt file is not
deleted.
8. Enter the following details under Network Root Credentials section if the target
machines operate on the Linux or Macintosh platform:
9. Select the appropriate check box under the Scheduling area, and schedule to run the
configuration:
Don’t Run on a Schedule Default. Select when you do not want to run the
provisioning configuration on a schedule.
Run Every n minutes/ Select to run the provisioning configuration at the
hours specified interval.
Run Every day/specific Select to run the provisioning configuration daily or
day at HH:MM AM/PM specified day of the week at the specified time.
Run on the nth of every Select to run the provisioning configuration monthly or on
month/specific month at the specified day of the month at the specified time.
HH:MM AM/PM
You can also deploy the agent manually. For more information on the manual deployment of
the agent on Linux and Macintosh, see Appendix E: Manually Deploying Agents, starting on
page 269.
Config Friendly Enter a name for your agent provisioning configuration. Use a
Name specific configuration name to differentiate between two
configurations.
Target IPs Enter the IP address of the target machine or click Help me pick
machines.
Note: Multiple IP addresses should be comma-separated.
Provisioning Enter IP or IP range. Use hyphens to specify
IP Range individual IP class ranges.
(Help me For example:
pick 192 168 2-5 1-200.
machines) Click Add All to add all the IP addresses displayed in
the list.
IP Scan Select a machine from the IP Scan Computers
Computer drop-down list, to add to the Target IPs list. This list is
(Help me populated from the Network Scan Results. You can
pick filter the list by entering any filter options.
machines) Click Add All to add all machines displayed in the list.
Inventory Select a machine from Inventory Computers drop-
Computers down list, to add to the Target IPs list. This list
(Help me contains all the computers in the inventory. You can
pick filter the list by entering any filter options.
machines) Click Add All to add all machines displayed in the list.
Configuration Select to enable the configuration.
Enabled Note: Scheduled configurations will run only if this check box is
selected.
K1000 Server This field, by default, displays the name of the appliance server.
Name Update this field if you have multiple appliance servers. Enter the
name of the server that you want to install the agent from.
K1000 Client The share folder name on the appliance, where the agents are located.
Share Name
Domain (or Enter the domain or workgroup name associated with the login
Workgroup) credentials you enter below.
User Name (admin Enter a user name with the necessary privileges to install the
level) agent on the targeted machines.
Password Enter the password for the account listed above.
7. If the target machines operate on the Linux or Macintosh platform, enter the following
details under Unix (Linux or Mac OS X) Platform Provisioning Settings
section:
8. Enter the following details under Network Root Credentials section if the target
machines operate on the Linux or Macintosh platform:
9. Select the appropriate check box under the Scheduling area, and schedule to run the
configuration:
Don’t Run on a Schedule Default. Select when you do not want to run the
provisioning configuration on a schedule.
Run Every n minutes/ Select to run the provisioning configuration at the
hours specified interval.
Run Every day/specific Select to run the provisioning configuration on specified
day at HH:MM AM/PM day at the specified time.
Run on the nth of every Select to run the provisioning configuration on the
month/specific month at specified time on every month or only the selected month.
HH:MM AM/PM
Config Friendly Enter a name for your agent provisioning configuration. Use a
Name specific configuration name, to differentiate between two
configurations.
Target Hostnames Enter the hostnames of the target machine.
Note: Multiple host names should be comma-separated.
Configuration Select to enable the configuration.
Enabled Note: Scheduled configurations will run only if this check box
is selected.
K1000 Server Name This field, by default, displays the name of the appliance server.
Update this field if you have multiple appliance servers. Enter
the name of the server from where you want to install the agent.
K1000 Client Share The share folder name on the appliance, where the agents are
Name located.
DNS Lookup Select to enable DNS lookup.
Enabled
Name Server for By default, the field displays primary DNS Server mentioned
Lookup under Network Settings. You can change the default DNS
Server to the required one and also specify the hostname or IP
address.
Lookup Time Out Enter the time period in seconds, after this period has lapsed
the DNS lookup will automatically time out.
Domain (or Enter the domain or workgroup name associated with the login
Workgroup) credentials you enter below.
User Name (admin Enter a user name with the necessary privileges to install the
level) agent on the targeted machines.
Password Enter the password for the account listed above.
7. Enter the following details under Unix (Linux, Mac OS X) Platform Provisioning
Settings section, if the target machines operate on the Linux or Macintosh platform:
8. Enter the following details under Network Root Credentials section, if the target
machines operate on the Linux or Macintosh platform:
User Name (Linux/ Under Network Root Credentials for the appropriate
Mac OS) platform, enter a user name that has the necessary privileges to
install the agent on the targeted machines.
Password Enter the password for the account listed above.
K1000 Agent (Read-only) This field displays the agent version number.
Version
9. Select the appropriate check box under the Scheduling area, and schedule to run the
configuration:
Don’t Run on a Schedule Default. Select when you do not want to run the
provisioning configuration on a schedule.
Run Every n minutes/ Select to run the provisioning configuration at the
hours specified interval.
Run Every day/specific Select to run the provisioning configuration on daily or
day at HH:MM AM/PM specific day of the week at the specified time.
Run on the nth of every Select to run the provisioning configuration monthly or
month/specific month at the specified day of the month at the specified time.
HH:MM AM/PM
To duplicate a configuration
1. Click Settings > K1000 Agent.
The Agent Provisioning page appears.
2. Click Provisioned Configurations.
The Provisioned Configurations page appears.
3. Click the configuration you want to duplicate.
The Advanced Provisioning page appears.
4. Scroll down and click Duplicate.
To delete a configuration
1. Click Settings > K1000 Agent.
\\k1000_name\client\agent_provisioning\
Ensure that you have enabled the file share to access this folder.
• E-mail:
An e-mail notification can be sent to your users containing either:
• Install file
• Link to the appliance
• Other Web location to retrieve the required installation file
Users can click on the link and install the appropriate file.
• Log-in Script:
Some companies use login scripts that provide a great mechanism to deploy the Agent
while you log onto a machine. If you use login scripts, simply post the appropriate file in
an accessible directory and create a login script for the Agents to retrieve it.
The following sample Windows login script:
• Checks for the presence of the Microsoft .NET framework on the node.
• Installs the appropriate components to deploy the Agent:
@echo off
if not exist "%windir%\microsoft.net" goto neednet
echo .NET already installed.
goto end
:neednet
start /wait \\location\ dotnetfx.exe /q:a /c:"install /l /q"
:end
if not exist "C:\Program Files\KACE\K1000" goto needk1000
echo K1000 Agent already installed.
goto end
:needk1000
MsiExec.exe /qn /l* kbmsi.log /I
\\location\KInstallerSetupSilent.msi
ALLUSERS=2
:end
Provisioned Configurations
The Provisioned Configurations page displays:
Field Description
Config Name Displays the configuration name. Click the config name displays the Advanced
Provisioning page.
Total Target Indicates the total number of target machines. Click the total number of target machines
to display the Provisioning Results page.
Running Indicates the total number of target machines on which provisioning is currently
running. Click the total number of target machines to display the Provisioning Results
page.
Not Started Indicates the total number of target machines on which provisioning has not yet started.
Click the total number of target machines to display the Provisioning Results page.
Succeeded Indicates the total number of target machines on which provisioning has succeeded.
Click the total number of target machines to display the Provisioning Results page.
Failed Indicates the total number of target machines on which provisioning has failed. Click the
total number of target machines to display the Provisioning Results page.
% Succeeded Indicates in percentage the total number of target machines on which provisioning has
succeeded.
IP Range Indicates the IP range of the target machine.
Schedule Indicates the provisioning schedule run as specified. For example: Every n minutes,
Every n hours, or Never.
Enabled Indicates a blank or a green check in the check box for the configuration name
depending on the provisioning success.
To delete a configuration
1. Click Settings > K1000 Agent.
The Agent Provisioning page appears.
2. Click Provisioned Configurations.
The Provisioned Configurations page appears.
3. Select the check box beside the configurations you want to delete.
4. In the Choose Action menu, select Delete Selected Item(s).
5. Click OK.
To enable a configuration
1. Click Settings > K1000 Agent.
The Agent Provisioning page appears.
2. Click Provisioned Configurations.
The Provisioned Configurations page appears.
3. Click the check box beside the configurations you want to enable.
4. In the Choose Action menu, click Enable Selected Item(s).
To disable a configuration
1. Click Settings > K1000 Agent.
The Agent Provisioning page appears.
2. Click Provisioned Configurations.
The Provisioned Configurations page appears.
3. Click the check box beside the configurations you want to enable.
You can also view computer inventory by clicking computer inventory under
Provisioning Target Info section. The provisioning process collects the
MAC address of the target machine and compares to the data associated
with the current “K1000 Computer Inventory”. If a match is found, a link to
“Computer Inventory” for that association is displayed next to the MAC
Address. For more information on computer inventory, see Adding
Computers to Inventory, on page 81.
6. Click the required DNS Lookup Enabled on the Provisioning Results page to view the
DNS lookup details.
When selected, live addresses are checked against the DNS Server to see if they have
Agent Provisioning configured.
The Provisioning Results page contains the following fields about the node:
• MAC Address
• Host Name (from DNS)
• Suspected OS (from Scan)
• Action (for example, Agent Install)
• Provisioning Status
• K1000 Agent Installed (for example, yes)
• Error Category (if applicable)
• Record Last Modified
• Record Created
Field Description
Machine The machine name on which some tasks are scheduled/running/in progress.
Name
Task Type The type of agent task.
Started The start time of the task type.
Completed The time when the task type is completed.
Next Run The next schedule or run time of the agent task type.
Timeout When the task type has to be timed out.
Priority The importance or the priority value of the task type.
To configure an agent
1. Click Settings > K1000 Agent Settings.
Communications 12:00 am to 12:00 am The time interval when the agent can
Window communicate with the appliance. For example, to
allow the agent to connect between 1 am and 6
am only, select 1:00 am from the first drop-down
list, and 6:00 am from the second.
Agent “Run interval” 1 hours The interval that the agent checks into the
appliance. Each time an agent connects, it resets
its connect interval based on this setting. The
default setting is once per hour.
Agent “Inventory 0 The interval (in hours) that the appliance will
Interval” perform an inventory the nodes on your network.
If set to zero, the appliance will inventory nodes
at every Run Interval.
Agent “Download 100 The Download Throttle decides the maximum
Throttle” number of desktop agents that can download
packages at one point in time. Packages will not
be deployed on machines after the Download
Throttle has been reached. For example, if the
throttle is set to 100 and 100 agents are
connected and receiving a deployment, the 101st
agent will be deferred until any of the 100 agents
has finished communicating with the appliance.
Agent “Splash Page The appliance is The message that appears to users when
Text” verifying your PC communicating with the appliance.
Configuration and
managing software
updates. Please Wait...
Scripting Update 15 minutes The agent downloads new script definitions after
Interval scripting update interval is over. The default
interval is 15 minutes.
Scripting Ping Interval 600 seconds The agent tests the connection to the appliance
after scripting ping interval is over. The default
interval is 600 seconds.
Agent Log Retention The Agent Log Retention disallows the server to
store the scripting result information that arises
from the agents. By default, this stores all the
results generated and can affect the performance
of K1000 Management Appliance. Turn off the
Agent Log Retention to allow the agent
checkins to process faster.
The agent normally checks in using the “Run Interval” schedule specified in
K1000 Agent Settings page. For debugging and testing purposes, KACE
provides ways that can be used to force a check-in outside this normal
schedule.
You can run the file KBScriptRunner located in C:\Program
Files\KACE\KBOX to force the agent to check in with the appliance.
The KBScriptRunner.exe only forces a check-in (bypassing the “Run
Interval”) but does not force an inventory if you have set a non-zero Inventory
Interval. You must change the inventory interval to zero while debugging/
testing package deployments.
or
Macintosh:
/Library/K1000Agent/Home/bin/setk1000 myk1000
or
/Library/k1000Agent/Home/bin/setk1000 192.168.2.100
Linux:
/K1000/bin/setk1000 myk1000
or
/KACE/bin/setk1000 192.168.2.100
c:\Program Files\kace\k1000\smmp.conf
c:\Program Files(x86)\kace\k1000\smmp.conf
b. For further debugging and troubleshooting, add the following line to smmp.conf:
debug = true
/var/kace/kagentd/kbot_config.yaml
Linux:
/var/kace/kagentd/kbot_config.yaml
3. Verify that you are able to ping the appliance and reach it through a web browser at
http://k1000.
4. Verify that Internet Options are not set to use proxy, or proxy is excluded for the local
network or the K1000 Management Appliance.
• Windows: update_4.3.XXXX.bin
• Mac OS: update_mac_4.3.XXXX.bin
• Linux: update_linux_4.3.XXXX.bin
Enabled Select to upgrade the Agent the next time machines check into the
appliance.
Update Broken Select to update those machines that are running checking in with
Agents the appliance for new agent versions, but are unable to
successfully report inventory information to the appliance. This
setting overrides the Limit Update to settings.
For such a broken agent check for a new version of the Agent
software by running kupdater.exe manually.
Limit Updates to Enter a label for automatic upgrades. The upgrades will only be
distributed to machines assigned to those labels, except if they are
identified as a “broken client” above.
Limit Update To Click Remove to limit the listed machines. To add more
Listed Machines machines, select the machines from the Select machine to add
drop-down list.
Filter Enter the value to verify machine by filter.
Notes Enter release notes about the agent.
5. Click the button beside the platform name to upload the patch file for that platform.
6. Click Browse and locate the patch file (.bin).
The Update Version ID text box displays the version number of the patch file you are
uploading.
7. Click Save Windows Patch File to upload the patch file.
You can update agents on all platforms using a client bundle. The client bundle is designed to
update the Agent deployment files that are stored on the appliance server via a single file.
The K1000 Agent Update settings will be disabled after applying the file. View
the settings and confirm the label and settings and enable it again if you want
the agents to deploy to your network.
All the provisioning setups will also be disabled and will need to be re-
enabled to deploy the new version of the agent to your network.
• Go to the Agent Updates from KACE page, and verify if the correct labels have been
selected. Select the Enabled check box to enable this upgrade.
• Go to the Advanced Provisioning page, and verify if the correct setups have been
selected. Select the Configuration Enabled check box to enable this upgrade.
4. If K1000 SMMP Management Service is not listed, run the following command to
reconfigure it:
5. You can now uninstall the agent from the Add or Remove Programs again.
If you continue to receive error messages, contact Dell KACE Support at support@kace.com
for assistance.
For Alerts, the pending communications are displayed in the AMP Message
Queue even if there is no continuous connection between the Agent and the
appliance. These messages are displayed till the Keep Alive time interval
has elapsed. These messages are then deleted from the queue and the
alerts expire.
Field Description
Machine Name Indicates the machine name that contains the computer inventory
information. Click the machine name to view the Computers Inventory
page.
To view alerts
1. Click K1000 Settings > Support or click .
The View Alerts option is available in the Choose Action menu only if AMP
Message Queue has pending or displays alerts.
For creating alerts, see To Create a Broadcast Alert Message, on page 207.
3. Click the message queue link in See list of pending communications in the
K1000 Agent message queue, under the K1000 Agent Messaging area.
The AMP Message Queue page appears.
4. Click the check box for the message you want to delete.
5. In the Choose Action menu, click Delete Selected Item(s).
6. Click OK to confirm deleting the message.
This removes the message queue from the Agent.
The Dell KACE K1000 Management Appliance Inventory tab enables you to identify and
manage the hardware and software on your network and organize these assets using labels
and filters.
• Computers
• Software
• Processes
• Startup
• Services
• IP Scan
• MIA
• Label
The inventory data is collected automatically according to the Agent Inventory Interval
schedule specified in the Settings > K1000 Agent Settings. If the Agent inventory
Interval is set to zero, the inventory is performed as per the Agent Run Interval on the
same page.
Although it is listed under the Inventory tab, the IP Scan feature is discussed in Chapter
7: Scanning for IP Addresses, starting on page 105.
This figure illustrates some of the Inventory features using the Computers sub-tab.
Figure 5-1: Inventory - Computers Tab
Filter Examples
To create a notification
1. Click Inventory > Computers, and then click the Create Notification tab.
2. Specify the search criteria and the constraints.
3. Specify a title for the search.
4. Enter the mail address of the recipient of the notification.
5. To see whether the filter produces the desired results, click Test Notification.
6. Click Create Notification to create the notification.
Now, whenever machines that meet the specified notification criteria check into the K1000
Management Appliance, an e-mail is automatically sent to the specified recipient. You can
modify or delete a notification after it has been created on the Reporting > Email Alerts
tab.
The following sections describe each of the detail areas on this page. To expand or collapse
the sections, click the + sign next to the section headers.
Inventory
Description
Heading
• A icon indicates a constant connection between the agent and the appliance.
• A icon indicates that the agent and the appliance are not connected.
For more details on the AMP connection, see AMP Message Queue, on page 71.
Use the Force Inventory Update button to immediately update all computer
inventory information. Click Force Inventory Update to synchronize the computer
with the server. It requests that the node send an inventory to the appliance.
Inventory This section provides more detail on some of the categories in the Summary section.
Information
Software This section provides details on the software programs the computer has installed,
including patching level information, running processes, and startup programs.
Activities • The Labels section displays the labels assigned to this computer. Labels are used to
organize and categorize machines.
• The Failed Managed Installs section displays a list of Managed Installations that
failed to install on this machine. To access details about the Managed Installations,
click the Managed Software Installation detail page link.
• The To Install List section lists the Managed Installations that are sent to the
machine the next time it connects.
• The Help Tickets section provides a list of the Service Desk Tickets (if any)
associated with this machine. These can either be Tickets assigned to the machine
owner or Tickets submitted by the machine owner. To view a Service Desk Ticket’s
details, click the Ticket ID (for example, TICK:0032).
Security The Patching Detect/Deploy Status section displays a list of patches detected and
deployed on the computer. Click the appropriate link, for example, Failed, Not
Patched, Patched, and All to sort the list of patches.You can review your patch
schedules by clicking the Patch Schedules link.
The Threat Level 5 list section displays the items that have been marked with the threat
level as 5. A threat that is harmful to any software, process, startup item, and services
associated with this machine is considered as threat level 5.
The OVAL Vulnerabilities section displays the results of OVAL Vulnerability tests run
on this machine. Only tests that failed on this computer are listed by the OVAL ID and
marked as Vulnerable. Tests which passed are grouped together and marked as Safe.
Logs The Portal Install Logs section provides details about the User Portal packages installed
on this machine.
See Appliance Agent Logs, on page 81, for details on this section.
The Scripting Logs section lists the Configuration Policy scripts that have been run on
this computer, along with the status of any scripts in progress.
Inventory
Description
Heading
Asset This section displays the details of the Asset associated with that machine. Details such
as the date and time when the Asset record was created, the date and time when it was
last modified, type of the asset and name of the asset are displayed.
Click the [Edit] link to edit the asset information. For more information about Assets,
see the Asset Management Guide.
• Client Logs:
The appliance sends a request to the agent to get inventory information periodically. A
script is executed on the node after which it sends the inventory information to the
appliance. On successful execution of K1000Client.exe, inventory is uploaded to the
appliance. The agent logs display these actions.
• Scripting Updater:
A request is initiated periodically from the node to get the latest information related to
the changes in Offline KScripts. Scripting Updater logs displays this information.
and upload all the available inventory data. For more information on agent provisioning,
refer to Chapter 4: Agent Provisioning, starting on page 45.
To delete a computer
1. Click Inventory > Computers.
2. Click the check box beside the computers you want to delete.
3. In the Choose Action menu, click Delete Selected Item(s).
4. Click Yes to confirm deleting the computer.
RegistryValueGreaterThan(HKEY_LOCAL_MACHINE\SOFTWARE\Network
Associates\TVD\Shared Components\VirusScan
Engine\4.0.xx,szDatVersion,4.0.44)
Before deploying a software item to a remote node, your appliance first verifies whether
that file is present on the that node. If it is detected, it is not sent to the machine a
second time. In some instances, installed programs do not register in Add/Remove
Programs or in standard areas of the registry. In such cases, the appliance may not be
able to detect the presence of the application without additional information from the
administrator. Therefore, the appliance may repeat the install each time the node
connects.
8. Select the supported operating systems in the Supported Operating Systems field.
9. In the Custom Inventory ID (rule) field, enter the Custom Inventory ID.
10. Beside Upload & Associate File, click Browse, and then click Open.
11. Under Metadata, specify the following information:
The software detail page displays license information for the software. You
can also view the license asset detail by clicking on the license link.
in the registry and elsewhere on the target machine. For example, DAT file version number
from the registry, file created date, file publisher, or other data.
You can retrieve the following attributes from the FileInfoReport() function:
Comments Language
CompanyName LegalCopyright
FileBuildPart LegalTrademarks
FileDescription OriginalFilename
FileMajorPart PrivateBuild
FileMinorPart ProductBuildPart
FileName ProductMajorPart
FilePrivatePart ProductMinorPart
FileVersion ProductName
InternalName ProductPrivatePart
IsDebug ProductVersion
IsPatclhed SpecialBuild
IsPreRelease CreatedDate
IsPrivateBuild ModifiedDate
IsSpecialBuild AccessedDate
7. Click Save.
You can read comments on the process submitted by other users by clicking
[Read Comments] on the Process Details page. You can also ask for help
from KACE about the processes by clicking [Ask For Help.] You need a KACE
user name and password to log in to the Dell KACE database.
You can also see computers with running the selected process. You can view and print a
printer friendly version of this page.
To delete a process
1. To delete processes, do one of the following:
• From the Processes List view, click the check box beside the process, and then in the
Choose Action menu, click Delete Selected Item(s).
• From the Process detail page, click Delete.
2. Click OK to confirm deleting the selected process.
To disallow processes
1. Click Inventory > Processes.
The Processes page appears.
2. Click the check box beside the processes to disallow.
3. In the Choose Action menu, click Disallow Selected Item(s).
The Script : Edit Detail page appears.
4. Enter the script configuration details, and then click Run Now to run Disallowed
Programs Policy.
To categorize a process
1. Click Inventory > Processes.
2. Click the check box beside the processes you want to categorize.
3. In the Choose Action menu, click the appropriate category.
To meter a process
1. Click Inventory > Processes.
2. Click the check box beside the processes.
3. In the Choose Action menu, click Meter Selected Items(s).
The process are added to the list of processes to be monitored in the Metering tab. For
more information on Software Metering, refer to Asset Management Guide.
You can read comments on the startup program submitted by other users by
clicking [Read Comments]. You can also ask for help from KACE about the
startup programs by clicking [Ask For Help.] You need a KACE user name
and password to log in to the Dell KACE database.
You can also see computers with running the selected startup program. You can view a
printer friendly version of this page and take print outs of the report.
You can read comments on the service submitted by other users by clicking
[Read Comments]. You can also ask for help from Dell KACE about the
service by clicking [Ask For Help.] You need a KACE username and
password to log in to the Dell KACE database.
You can also see computers with running the selected startup program. You can view a
printer friendly version of this page and take print outs of the report.
To delete a service
1. To delete services, do one of the following:
• From the Services List view, click the check box beside the service, and then in the
Choose Action menu, click Delete Selected Item(s).
• From the Process detail page, click Delete.
2. Click OK to confirm deleting the selected service.
To categorize a service
1. Click Inventory > Service.
2. Click the check box beside the services you want to categorize.
3. In the Choose Action menu, click the appropriate category.
From the MIA tab, you can remove the computers from the appliance Inventory and assign
them to labels to group them for management action.
Automatically delete MIA Click the check box to enable automatic deleting of
computers MIA computers.
Days Enter the period in number of days. Computers
that do not communicate with the appliance for
the number of days specified are automatically
deleted.
4. Click Save.
4. Click Save.
If you have not enabled AppDeploy Live, you cannot view AppDeploy Live
information. Refer to Using the AppDeploy Live Application Information
Clearinghouse, on page 95.
This chapter explains how to transfer K1000 Management Appliance resources between
organizations within an appliance and between separate appliances.
• Email alerts
• Managed Installations
• Reports
• Scripts
• Smart labels
• Software components from Inventory
• Ticket rules
All K1000 Management Appliance have built-in SAMBA share directories, allowing you to
import and export appliance resources among them. For details, see the Transferring
resources using a SAMBA share section.
If you use the Organizational Management component of the K1000 Management
Appliance, you also can transfer resources between organizations within an appliance. For
details, see Transferring resources between Organizations, on page 102. If you don’t use
Organizational Management, its options are not displayed.
By default, all available resources on the appliance are listed. You can limit the
resources to view using the drop-down list and search field on the right side of the
screen. Select a resource from the list to display just that resource category. Enter a
term in the search field to limit the resources list even further. In this example, only
Reports with the term Closed in the description are listed:
15. Select the resource files to import, and click Import Resources.
Your imported resources first appear on the Resource Manager Queue page with a
Status of New Request. Click Refresh to update this page. When finished, the
Status changes to Completed.
Most import/export tasks only take a moment, but very large resources take longer.
This screen does not refresh by itself for several minutes.
Once you see a Status of Completed, the resources you imported are available and listed
on their respective tabs (Reports, Inventory > Software, Scripting, Distribution >
Managed Installations) for your organization to use.
2. To export resources from one organization to the others, click Export K1000
Resources.
The Export K1000 Resources page appears, listing all of the resources on the appliance
available to export.
The Import K1000 Resources page appears, listing all of the resources available to
import:
IP scan allows you to scan a range of IP addresses to detect the existence and attributes of
various devices on a network.
IP Scan Overview
The K1000 Management Appliance can scan a range of IP addresses for SNMP enabled
machines, allowing you to retrieve information about machines connected to your network.
Although IP Scans have their own server-side scheduling, you can invoke a scan on-demand
or schedule an IP scan to run at a specific time.
IP scan reports a variety of inventory data that lets you monitor the availability and service
level of a target machine. IP scan scans ports in addition to IP addresses. You can collect data
even without knowing the IP addresses of the target machines.
It can scan any type of device (as long as the device has an IP address on the network)
including computers, including virtual machines, printers, network devices, servers, wireless
access points, routers, and switches.
Creating an IP Scan
You can create a network scan that will look for DNS, Socket, and SNMP across a subnet or
subnets. You also define a network scan to look for devices listening on a particular port (for
example, Port 80). This allows you to view devices that are connected to your network even
when the agent is not installed on those devices.
When defining a network scan, balance the scope of the scan (number of IP addresses you
are scanning) with the depth of the probe (number of attributes you are scanning for) so that
you do not overwhelm your network or the appliance. For example, if you need to scan a
large number of IP addresses frequently, keep the number of ports, TCP/IP connections, and
so on, relatively small. As a general rule, scan a particular subnet no more than once every
few hours.
To create an IP scan
1. Go to Inventory > IP Scan.
The Network Scan Settings page appears.
2. In the Choose Action menu, click Add New Item.
The Network Scan Setting page appears.
3. Enter a name for the scan in the Network Friendly Scan Name field.
4. Enter the IP range to scan in the Network Scan IP Range field.
5. Specify the DNS lookup test details:
DNS Lookup Enabled Check live addresses against the DNS server to see if they have
an associated name. This can help you identify known nodes on
your network.
Name Server for lookup Enter hostname or IP address.
Lookup time out Enter the time out interval (in seconds).
If the Ping and Socket tests are disabled, you cannot run the other tests. The Ping or
Socket tests determine if the address is alive. If it is, you can run an SNMP or a Port
Scan against it.
7. Specify the Connection test details:
Connection Test Click the check box to perform connection testing during
Enabled network scan.
Connection Test Enter the protocol to use.
Protocol
Connection Test Port Enter the port to use for testing the connection.
Connection Time Out Enter the time out interval (in seconds).
Device Port Scan Enabled Click the check box to enable port scanning of device ports.
TCP Port List Enter a comma-separated list of TCP ports to scan.
UDP Port List Enter a comma-separated list of UDP ports to scan.
Port Scan Time Out Enter the time out interval (in seconds).
Don’t Run on a Schedule Select to run the tests in combination with an event
rather than on a specific date or at a specific time.
Run Every n minutes/hours Select to run the tests at a specified interval.
Run Every day/specific day at Select to run the tests daily or on a specified day of the
HH:MM AM/PM week at a specified time.
Run on the nth of every month/ Select to run the tests on the specified date or day of the
specific month at HH:MM month at a specified time.
AM/PM
Clicking the IP address of a network device displays the values for Ping
Status, Connection Status, and SNMP Status as Succeeded or Failed.
However, the underlying database fields actually contain a 0 for Failed and 1
for Succeeded.
Therefore, when using these fields as criteria for advanced search, Smart
Labels, or notifications, you must enter the numeric values.
The K1000 Management Appliances software distribution features offer various methods for
deploying software, updates, and files to the computers on your network.
Inventory &
Assess
Test
Target
Deploy
Report
One of the most important concepts in the deployment procedure is to test each deployment
before rolling it out to a large number of users. The appliance verifies that a package is
designated for a particular system, machine, or operating system. However, the appliance
cannot access the compatibility with other software on the target machine. Therefore,
establish procedures for testing each piece of software before deploying it on your network.
For example, develop a test group of target machines, and deploy the required software using
your appliance. This practice helps you to verify the compatibility of the software with the
operating system and other applications within your test group. You can create a test label
and perform a test distribution before you go live in your environment. You can create a test
label from the Home > Labels tab.
This chapter focuses primarily on the test, target, and deploy portions of this flow diagram.
For more details on creating an inventory of computers and software packages in use on your
network, see Chapter 8: Distributing Software from Your K1000 Management Appliance,
starting on page 111.
• Managed installations
• File synchronizations
• Appliance agents
Distribution packages (whether for managed installation, file synchronization, or user portal
packages) cannot be created until a digital file is associated with an Inventory item. This rule
applies even if you are:
To create a distribution
1. Install the package manually on a machine.
2. Take an inventory of that machine. For more information on how to take an inventory,
see Managing Your Software Inventory, on page 83.
3. Use the item listed in the Software Inventory list for the Managed Installation.
To create packages with different settings, such as parameters, labels, or deployment
definitions, you can create multiple distribution packages for a single Inventory item.
However, the Managed Installation (MI) cannot be verified against more than one inventory
item because the MI checks for the existence of only one inventory item.
Although the K1000 Agent tab is listed under the Distribution tab,
“Deploying K1000 Agent” is discussed as part of the installation and setup
process in Chapter 1: Getting Started, starting on page 1. For information
about updating an existing version of the appliance agent, see K1000 Agent
Update, on page 68.
You can then associate a digital file and create one or more deployment packages.
• Supporting remote sites with restricted bandwidth, which might result in difficulties
accessing the appliance.
• Avoiding storing large packages on the appliance.
An alternate download location can be any path on the network. Ensure that the alternate
location has the required files for installing the application.
To activate this capability, you must enter an alternate checksum (MD5) that matches the
MD5 checksum on the remote file share (for security purposes). You may use any tool to
establish your checksum.
To create the MD5 checksum, enter:
K1000Client -hash=filename
• Replication share is a full replication of all digital assets and is managed automatically
by the appliance.
• Alternate download location can be any path on the network. You make sure that the
alternate location has the files that might be needed for installs of a particular
application.
Whenever a replication share is specified for a label, nodes in that label go to that replication
share to get files until you remove them from the label or stop using the replication item. If a
replication share is specified, that is always be used instead of any other alternate location.
The agent always fails over to appliance in following scenarios:
Managed Installations
Managed installations enable you to deploy software that requires an installation file to run
to the computers on your network. You can create a Managed Installation package from the
Distribution > Managed Installation page.
From the Managed Installations tab, you can:
Installation parameters
Your K1000 Management Appliance allows packaged definitions to contain .msi, .exe,
.zip, and other file types for software deployment. If an administrator installs the file on a
local machine, either by running a single file or BAT file or VBScript, the package can be
installed remotely by the appliance.
To simplify the distribution and installation process, the package definition can also contain
parameters that are passed to the installer at run time on the local machine.
You can use parameters as custom installation settings, for example, a standard install or to
bypass auto-restart.
c:\...\adobe.exe
3. Enter: filename /?
For example: adobe.exe /?
If that package supports parameters, they are displayed. For example: /quiet, /
norestart.
4. Use the parameter definitions identified to update your package definition.
If these steps do not succeed, refer to the software vendor’s documentation.
Also show software Click the check box to display any software without an associated executable
without an Associated uploaded. You can upload a file to the software record directly from this
File Managed Installation page.
Upload & Associate New File:
Click Browse and navigate to the location that contains the new executable of
any software selected or to associate an executable to a software without an
associated file.
Managed Actions Managed Action allows you to select an appropriate time for this package to be
deployed. Available options are:
• Disabled
• Execute anytime (next available)
• Execute before logon (before machine boot)
• Execute after logon (before desktop loads)
• Execute while user logged on
• Execute while user is logged off
Deploy to All Machines Click the check box to deploy the software to all machines.
Limit Deployment To Select a label to limit deployment only to machines belonging to the selected
Selected Labels label. Press CTRL to select multiple labels.
If you have selected a label that has a replication share or an alternate download
location, the appliance copies digital assets from that replication share or
alternate download location instead of downloading them directly from the
appliance.
Note: The appliance always uses a replication share in preference over an
alternate location.
Limit Deployment To You can limit deployment to one or more machines. Select the machines from
Listed Machines the drop-down list to add to the list. You can filter the list by entering filter
options.
Deploy Order Select the order to install the software. The lower value deploys first.
Max Attempts Enter the maximum number of attempts, between 0 and 99, to indicate the
number of times the K1000 Management Appliance tries to install the package.
If you specify 0, the appliance enforces the installation forever.
Deployment Window Specify the time (using a 24-hour clock) to deploy the package. The Deployment
(24H clock) Window times affects any of the Managed Action options. Also, the run intervals
defined in the System Console, under K1000 Settings for this specific
organization, overrides and/or interact with the deployment window of a
specific package.
Allow Snooze Click the check box to allow snooze. When you click the check box, the following
additional fields appear:
• Snooze Message: Enter a snooze message.
• Snooze Timeout: Enter the timeout, in minutes, for which the message is
displayed.
• Snooze Timeout Action: Select a timeout action that take places at the
end of the timeout period. For example, if the installation is being carried
out when there currently no active users accessing their desktop. You can
select Install now to install the software without any hindrance to the
users or select Install later if the installer needs some user interaction.
Custom Pre-Install Click the check box to display a message to users prior to installation. When you
Message click the check box, the following additional fields appear:
• Pre-Install User Message: Enter a pre-install message.
• Pre-Install Message Timeout: Enter a timeout, in minutes, for which
the message is displayed.
• Pre-Install Timeout Action: Select a timeout action from the drop-
down list, this action takes place at the end of the timeout period. Options
include Install later or Install now. For example, if the installation is
being carried out when there currently no active users accessing their
desktop. You can select Install now to install the software without any
hindrance to the users or select Install later if the installer needs some
user interaction.
Custom Post-Install Click the check box to display a message to users after the installation is
Message complete. When you click the check box, the following additional fields appear:
• Post-Install User Message: Enter a post install message.
• Post-Install Message Timeout: Enter a timeout, in minutes, for which
the message is displayed.
7. Click Save.
To use parameters with .msi files, all your target machines must have the
same version of Windows Installer (available from Microsoft). Some switches
may not be active on older versions. The most up-to-date version of Windows
Installer can be distributed to nodes with the appliance.
If you are using Windows Installer 3.0 or later, you can identify the supported
parameters by selecting the Run program available from the Start menu.
Enter msiexec in the popup window. A window displays, which includes the
supported parameters list.
Also show software Click the check box to display any software without an associated
without an Associated executable uploaded. You can upload a file to the software record directly
File from this Managed Installation page.
Upload & Associate New File:
Click Browse and navigate to the location that contains the new
executable of any software selected or to associate an executable to a
software without an associated file.
Managed Actions Select the most appropriate time for this package to be deployed. Options
are:
• Disabled
• Execute anytime (next available)
• Execute before logon (before machine boot)
• Execute after logon (before desktop loads)
• Execute while user logged on
• Execute while user logged off
Deploy to All Machines Click the check box to deploy the software to all the machines.
Limit Deployment To Select a label to limit deployment only to machines belonging to the label.
Selected Labels Press CTRL and click labels to select multiple labels.
If you have selected a label that has a replication share or an alternate
download location, the appliance copies digital assets from that
replication share or alternate download location instead of downloading
them directly from appliance.
Note: The appliance always uses a replication share in preference to an
alternate location.
Limit Deployment To You can limit deployment to one or more machines. Select the machines
Listed Machines from the drop-down list to add to the list. You can filter the list by
entering filter options.
Deploy Order Select the order to install the software. The lower value deploys first.
Max Attempts Enter the maximum number of attempts, between 0 and 99, to indicate
the number of times the K1000 Management Appliance tries to install the
package. If you specify 0, the appliance enforces the installation forever.
Deployment Specify the time (using a 24-hour clock) to deploy the package. The
Window(24H clock) Deployment Window times affects any of the Managed Action options.
Also, the run intervals defined in the System Console, under K1000
Settings for this specific organization, overrides and/or interact with the
deployment window of a specific package.
Allow Snooze When you click this check box, the following additional fields appear:
• Snooze Message: Enter a snooze message.
• Snooze Timeout: Specify a timeout, in minutes, for which the
message is displayed.
• Snooze Timeout Action: Select a timeout action that takes place at
the end of the timeout period. For example, select Install now
because you are installing at a time when you know that the users are
away from their desktops. Select Install later if the installer needs
some user interaction and the users are not at their desktops.
Custom Pre-Install Click this check box to display a message to users prior to installation.
Message When you click this check box, additional fields appear:
• Pre-Install User Message: Enter a pre-install message.
• Pre-Install Message Timeout: Enter a timeout in minutes for
which the message is displayed.
• Pre-Install Timeout Action: Select a timeout action that takes
place at the end of the timeout period. For example, select Install now
to install at a time when you know that the users are away from their
computers. Select Install later if the installer needs some user
interaction, and the users are not at their computers.
Custom Post-Install Click the check box to display a message to users after the installation is
Message complete. When you click the check box, the following additional fields
appear:
• Post-Install User Message: Enter a post install message.
• Post-Install Message Timeout: Enter a timeout, in minutes, for which
the message is displayed.
7. Click Save.
The appliance agent automatically runs deployment packages with .msi and
.exe extensions. However, K1000 Management Appliance also provide a
capability for administrators to zip many files together and direct the
appliance to unpack the ZIP file and run a specific file within. If you intend to
deploy a .zip file, you must place the name of the file within the .zip that
you would like to run in the Command (Executable) field within the
Deployment Package (for example, runthis.exe).
The appliance agent uses a library called SharpZipLib to uncompress zip files.
This library supports Zip files using both stored and deflate compression methods and also
supports old (PKZIP 2.0) style encryption, tar with GNU long filename extensions, gzip, zlib
and raw deflate, as well as BZip2. However, Zip64 and deflate64 are not supported.
Compression mode 9 is deflate64, which in WinZip is called “maximum compression.”
To resolve the issue, recreate the zip file using WinZip “normal compression.”
On Red Hat Linux, you do not need to include any other files in your archive
other than your script if that is all you want to execute.
If the PATH environment variable of your root account does not include the current
working directory, and you want to execute a shell script or other executable that you
have included inside an archive, specify the relative path to the executable in the Full
Command Line field. The command is executed inside a directory alongside the files
that have been extracted.
For example, to run a shell script called installThis.sh, package it alongside an .rpm
file, and then enter the command: ./installThis.sh in the Full Command Line
field. If you archived it inside another directory, the Full Command Line field is:
./dir/filename.sh
Both these examples, as well as some other K1000 Management Appliance functions,
assume that “sh” is in the root's PATH. If you're using another scripting language, you
may need to specify the full path to the command processor you want to run in the Full
Command Line, like
/bin/sh ./filename.sh.
Run Parameters (Optional) You do not need to specify parameters if you have an .rpm
file.
Enter a value to override (Default -U default).
For example, if you set Run Parameters to: -ivh --replacepkgs, then the
command that runs on the computer is:
rpm -ivh –replacepkgs package.rpm
Full Command Line You do not need to specify a full command line if you have an .rpm file.
The appliance executes the installation command by itself. The Linux
node tries to install this via:
rpm [-U | Run Parameters] "packagename.tgz”
If you do not want to use the default command, you can replace it
completely by specifying the complete command line here. If you have
specified an archive file, this command is run against all of the .rpm files
it can find.
Un-Install using Full Click the check box to uninstall software.
Command Line If a Full Command Line above is entered, it is run. Otherwise, by default
the agent attempts the command, which is generally expected to remove
the package.
Run Command Only Click the check box to run the command line only. This does not
download the actual digital asset.
Notes (Optional) Enter additional information in this field.
Managed Action Managed Action allows you to select the most appropriate time for this
package to be deployed. Execute anytime (next available) and
Disabled are the only options available for Linux platform.
Deploy to All Machines Click the check box to deploy to all the machines.
Limit Deployment To Select a label to limit deployment only to machines belonging to the
Selected Labels selected label. Press CTRL to select multiple labels.
If you have selected a label that has a replication share or an alternate
download location, then the appliance copies digital assets from that
replication share or alternate download location instead of downloading
them directly from appliance.
Note: The appliance always uses a replication share in preference over
an alternate location.
Limit Deployment To You can limit deployment to one or more machines. Select the machines
Listed Machines from the drop-down list to add to the list. You can filter the list by
entering filter options.
Deploy Order The order in which software is installed. The lower value deploys first.
Max Attempts Enter the maximum number of attempts, between 0 and 99, to indicate
the number of times the K1000 Management Appliance tries to install
the package. If you specify 0, the appliance enforces the installation
forever.
Deployment Specify the time (using a 24-hour clock) to deploy the package. The
Window(24H clock) Deployment Window times affects any of the Managed Action options.
Also, the run intervals defined in the System Console, under K1000
Settings for this specific organization, override and/or interact with the
deployment window of a specific package.
Use Alternate Download Click the check box to specify details for alternate download. When you
click the check box, the following fields appear:
• Alternate Download Location: Enter the location from where the
K1000 Agent can retrieve digital installation files.
• Alternate Checksum: Enter an Alternate Checksum (MD5) that
matches the MD5 checksum on the remote file share (for security
purposes).
• Alternate Download User: Enter a user name that has the
necessary privileges to access the Alternate Download Location.
• Alternate Download Password: Enter the password for the user
name specified above.
Note: If the target machine is part of a replication label, then the
appliance does not fetch software from the alternate download location.
For more information on using an alternate location, refer to Distributing
Packages from an Alternate Location, on page 114.
Here you specify an alternate download location only for a specific
managed installation. You can also edit an existing label or create a new
label that can be used for specifying the alternate location globally. But
since that label cannot be specific to any managed installation, you cannot
specify an alternate checksum for matching the checksum on the remote
file share. For more information on how to create or edit labels, refer to
About Labels, on page 35.
8. Click Save.
7. Enter other package details as described in the Managed Installations, on page 115
procedures for .rpm file above.
8. Click Save.
The agent automatically runs deployment packages with .rpm extensions. However, the
appliance also provides a capability for administrators to zip many files together and direct
the K1000 Management Appliance to unpack the zip and run a specific file within.
File Synchronizations
File synchronizations enable you to distribute software files to the computers on your
network. These can be any type of file, such as PDF, ZIP files, or EXE files, which are simply
downloaded to the user’s machine, but not installed.
Limit Deployment to Enter a label for the package. The file is distributed to the users
assigned to the label, such as the operating system affected by the
synchronization.
Pre-Install User Message Click the check box to display a message to users prior to installation.
When you click this check box, additional fields appear:
• Pre-Install User Message: Enter a pre-install message.
• Pre-Install Message Timeout: Enter a timeout in minutes for
which the message is displayed.
• Pre-Install Timeout Action: Select the action to occur at the end
of the timeout period. For example, if the installation occurs when
users are active, you can select Install now to install the software
without any interaction to the users. Or, Install later if the
installer requires user interaction.
Post-Install User Message Click the check box to display a message to users after the installation
completes. When you click this check box, message field and timeout
options appear. Enter a message and a timeout value in minutes.
Deployment Window Enter the time (using a 24-hour clock) to deploy the package. The
Deployment Window times affects any of the Managed Action options.
Also, the run intervals defined in the System Console, under K1000
Settings for this specific organization, overrides and/or interact with
the deployment window of a specific package.
Use Alternate Download Click this check box to specify details for alternate download. When you
click this check box, the following fields appear:
• Alternate Download Location: Enter the location from where
the K1000 Agent can retrieve digital installation files.
• Alternate Checksum: Enter an Alternate Checksum (MD5) that
matches the MD5 checksum on the remote file share (for security
purposes).
• Alternate Download User: Enter a user name that has necessary
privileges to access the Alternate Download Location.
• Alternate Download Password: Enter the password for the user
name specified above.
Note: If the target machine is part of a replication label, then the
appliance does not fetch software from the alternate download location.
For more information on using an alternate location, refer to
Distributing Packages from an Alternate Location, on page 114.
Here you specify an alternate download location only for a specific
managed installation. You can also edit an existing label or create a new
label that can be used for specifying the alternate location globally. But
since that label cannot be specific to any managed installation, you
cannot specify an alternate checksum for matching the checksum on the
remote file share. For more information on how to create or edit labels,
refer to Managing Labels, on page 36.
7. Click Save.
Wake-on-LAN
The K1000 Management Appliance Wake-on-LAN feature provides the ability to “wake up”
computers equipped with network cards that are Wake-on-LAN compliant.
This feature only supports machines that are equipped with a Wake-On-LAN-
enabled network interface card (NIC) and BIOS.
Using the Wake-on-LAN feature on the K1000 Management Appliance will cause broadcast
UDP traffic on your network on port 7. This traffic should be ignored by most computers on
the network. The K1000 Management Appliance sends 16 packets per Wake-on-LAN request
because it must guess the broadcast address that is required to get the “Magic Packet” to the
target computer. This amount of traffic should not have a noticeable impact on the network.
Don’t Run on a (Default) Select to run the tests in combination with an event
Schedule rather than on a specific date or at a specific time.
Run Every day/specific Select to run the tests every day or only the selected day of the
day at HH:MM AM/PM week at the specified time.
Run on the nth of every Select to run the tests on a specific date or the same day every
month/specific month month at the specified time.
at HH:MM AM/PM
7. Click Save.
The Wake-on-LAN tab appears with the scheduled request listed. From this view you
can edit or delete any scheduled requests.
Troubleshooting Wake-on-LAN
When a Wake-on-LAN request fails to wake devices, it might be due inappropriate
configuration of network devices. For example:
• The device does not have a WOL-capable network card or is not configured properly.
• The K1000 Management Appliance has incorrect information about the subnet to which
the device is attached.
• UDP traffic is not routed between subnets or is being filtered by a network device.
• Broadcast traffic is not routed between subnets or is being filtered by a network device.
• Traffic on Port 7 is being filtered by a network device.
Replication
Using a replication share is a method to handle managed installations, patching, or Dell
Updates where network bandwidth and speed are issues. In those situations, using a
replication share is a good alternative to downloading directly from an appliance.
A replication share allows an appliance to replicate software installers, patches, node
upgrades, and script dependencies to a shared folder on a node. If any replication item is
deleted from the appliance server, it is marked for deletion in the replication share and
deleted in the replication task cycle.
In creating a replication share, identify one node at each remote location to act as a
replication machine. The server copies all the replication items to the replication machine at
the specified destination path. The replication process automatically restarts if stopped due
to a network failure or replication schedule. If stopped, the replication process restarts at the
point it was stopped.
Sneaker net share – You can create a new folder and copy the contents of an existing
replication folder to it. You can then specify this folder as the new replication folder in the
appliance. The appliance checks if the new folder has all the replication items present and
replicates only the new ones. This results in conserving the bandwidth by not copying the
files twice. You can manually copy the contents of replication folder to a new folder. The
replication folder created in a machine follows following hierarchy:
\\machinename\foldername\repl2\replicationitems folder
The machine name and folder name is user defined while repl2 is automatically created by
appliance server. The replication items folder includes the folder for patches, kbots, upgrade
files, and software.
All the replication items are first listed in the replication queue and then copied one at a time
to the destination path. Any new replication item is first listed in the replication queue and
then copied after a default interval of 10 minutes.
Replication items are copied in this order:
1. Script dependencies
2. Software
3. Agent upgrades
4. Patches
• The replication share needs to have write permissions of the destination path to write
the software files.
• The K1000 agent needs to be installed on the replication share.
• Create a computer label for your target nodes before starting the process.
• Locally
• Shared network drive
6. Specify the replication share destination details:
Writer’s comment -
7. Select the label for the nodes you want to get files from the replication share.
Verify that the selected computer label does not have KACE_ALT_LOCATION
specified. The replication share gets preference over the KACE_ALT_LOCATION while
downloading files to the node.
Download Path Enter the path for nodes in the replication label to copy items from the
replication drive.
For example, a UNC path:
\\fileservername\directory\k1000\
Other nodes need read permission to copy replication items from this
shared folder.
Download Path User Enter the login name for accessing the download path. We recommend you
use only letters and numbers. Some other characters, for example, @, don’t
work.
Download Path Enter the password for accessing the download path. We recommend you
Password use only letters and numbers.
Limit Patch O/S Files Click the OS patches to replicate from the patch subscription settings page.
Default: Replicate all displayed. (Only active patches are available.) For
information about patching, see Patching and Security Guide.
Limit Patch Language Click the language patches to replicate from the patch subscription settings
Files page. Default: Replicate all displayed. For information about patching, see
Patching and Security Guide.
Replicate App Patches Click to replicate the application patches to the replication share.
In the replication schedule, as well as clicking the individual cells, you can:
Copy Schedule From Select an existing replication schedule from the drop-down list to replicate
items according to that schedule.
Notes (Optional) Enter comments in the text box.
When you have completed testing, you might want to return to step 4 and check
Failover to K1000.
• The Dell Update subscription process is different from the K1000 Management
Appliance patch subscription process. For instructions on subscribing to Dell Updates,
see the Configuring Dell OpenManage Catalog Updates section below.
• The names used for these actions are different:
Dell Updates
Action Patching Term Term Used in:
Term
• You manage and execute Dell Updates and Patching from different appliance interface
pages:
Execute Dell Update Administrator Portal > Distribution > Dell Updates
schedules
Manage Dell Updates Administrator Portal > Organization: System > K1000 Settings >
Dell Client and Server Update Settings
Execute Patching Schedules Administrator Portal > Security > Detect and Deploy patches
Manage Patching Administrator Portal > Security > Patching > Subscription
Settings
Updates section below. You configure Dell updates from the Administrator Portal >
Organization: System > K1000 Settings > Control Panel > Dell Client and
Server Update Settings page.
All other Dell Updates settings and feature are available on the Administrator Portal >
Organization: Default > Distribution > Dell Updates tab.
3. Filter out the updates that you do not want to apply to your servers and clients.
You may not want to install all of the patches from the catalog. Mark these patches as
inactive to prevent them from being automatically installed.
4. Group the updates by applications or software families in patch labels that your
schedules use to run the inventory and update actions.
For example, a label can specify patches for all Microsoft Windows systems.
5. Group your Dell systems together in machine labels that your schedules use to run the
inventory and update actions.
For example, you can collect all Dell servers running Microsoft XP into a single label
and then run a patch schedule to inventory and update them.
6. Perform an update inventory to discover which of your nodes have updates available.
You can perform this step independently, or as part of an inventory and update patch
schedule that also installs the updates. Normally, you perform the inventory
automatically as part of a patch schedule.
Patching and Security Guide uses the term detect or detection instead of inventory.
7. Install the updates on the nodes that need them.
This is known as patch update, and you can also perform it automatically part of an
update schedule.
Patching and Security Guide uses the term deploy or deployment instead of update.
8. Bring all these pieces together into patch schedules that automatically run inventory/
update actions for the updates in your update labels, on the corresponding computers in
your machine labels.
Patching and Security Guide walks you through the process of creating a schedule that
automatically inventories your hardware and updates it with the critical software
updates it needs. You can run schedules at any interval that you choose. Normally, you
create different schedules for the laptops, workstations, and servers in your appliance
implementation, because these three types of computers have very different usage
characteristics.
9. Test your schedules on a small subset of the computers you administer to make sure
everything is working the way you expect.
2. Scroll to the bottom the page and click Edit Mode link.
The Dell Client and Server Update Settings page buttons and check boxes are enabled
for changes. The Download Status table shows you the current status of the Dell
catalogs that your appliance uses.
3. Click Disable import of Dell Client and Server Update Catalogs to stop the Dell
updates.
4. Click one of the Check for Changes options to set up a schedule for updating the Dell
catalogs.
The first option of these two is intended for weekly updates and the second for monthly.
5. Use the Stop Download section options to limit the amount of time you allow the Dell
updates to run.
You may want to enforce a hard stop at a specific time, for example, when your users
start working.
6. The Package Download Options buttons to specific whether to limit the Dell
updates to just the ones that apply to your appliance implementation now, or keep all of
the Dell updates available.
If you change operating systems or bring on new Dell equipment frequently, it’s
probably best to keep all Dell updates handy.
The Dell KACE K1000 Management Appliance Policy and Scripting component provides a
point-and-click interface to perform tasks that typically require you to use a manual process
or advanced programming.
Scripting Overview
With Policy and Scripting, you can more easily and automatically perform a variety of tasks.
You can perform these tasks across your network through customized scripts that run
according to your preferences.
• Power management
• Installing software
• Checking antivirus status
• Changing registry settings
• Scheduling deployment to the endpoints on your network
Each script consists of:
• Metadata
• Dependencies (any supporting executable files that are necessary to run a script, for
example, .zip and .bat files)
• Rules to obey (Offline Kscripts and Online Kscripts)
• Tasks to complete (Offline Kscripts and Online Kscripts). Each script can have any
number of tasks, and you can configure whether each task must complete successfully
before the next is executed
• Deployment settings
• Schedule settings
You can create these types of scripts:
• Offline KScripts: These scripts can execute even when nodes are not connected to the
appliance server, such as at the time of Machine Boot Up and User Login. Or, they
execute at a scheduled time based on the node clock. You can create these scripts using
the K1000 Management Appliance scripting wizard.
• Online KScripts: These scripts can execute only when the node is able to ping the
appliance server. They execute at scheduled times based on the appliance clock. You can
create these scripts using the K1000 Management Appliance scripting wizard.
• Online Shell Scripts: These scripts can execute only when the node is connected to
the appliance server. They execute at scheduled time based on the server clock. The
online shell scripts are built using simple text-based scripts (bash, perl, batch, etc.)
supported by the target operating system. Batch files are supported on Windows, along
with the different shell script formats supported by the specific operating system of the
targeted machines.
K1000 Remote Control Enables the appliance Remote Control functionality on Windows XP
Enabler Professional by configuring Terminal Services properly.
K1000Client debug logs Disables the debug switch used with the appliance Client debug logs Enable.
Disable
K1000Client debug logs Enables client debug and send the debug log back to the appliance. This
Enable script turns on debug only for the inventory and deployment part of the node.
It does not enable debugging of the scheduling service.
Make Removable Drives Allows removable drives to be mounted only as read-only (a method of
Read-Only controlling unauthorized access to data).
Make Removable Drives Removable drives can be mounted read-write.
Read-Write
Message Window Script Illustrates use of message window. Your script must have properly paired
Example create/destroy message window commands to work properly. Message
Windows remain displayed until one of the following occurs:
• User dismisses the message.
• Script finishes executing.
• Timeout is reached.
Put a Mac to sleep Puts a Mac OS system in sleep mode.
Reset KUID Deletes the registry keys that identify a node so that a new key can be
generated. Will only execute one time per node due to the
ResetKUIDRunOnce registry flag.
Shutdown a Mac Powers-off a Mac OS system.
Shutdown a Mac with An example Online KScript that uses the Alert User Before Run feature to
snooze allow the console user to snooze the shutdown.
Shutdown a Windows Specifies delay (in seconds) while the message in quotes is displayed to the
system user. Omit the -t parameter to silently and immediately shutdown nodes.
Shutdown a Windows An example Online KScript that uses the Alert User Before Run feature to
system with Snooze allow the console user to snooze the shutdown.
USB Drives Disable Disables usage of USB Drives.
USB Drives Enable Enables usage of USB Drives.
The process of creating scripts is an iterative one. After creating a script, deploy the script
to a limited number of machines to verify that the script runs correctly before deploying it
to all the machines on your network. (You can create a test label to do this.) Leave a script
disabled until you have tested and edited the script and are ready to run it.
Adding Scripts
Offline and Online KScripts include one or more Tasks. Within each Task section, there are
Verify and Remediation sections where you can further define the script behavior. If a
section is left blank, it defaults to success.
For example, if you leave the Verify section blank, it ends in On Success.
Script Type Use this field to select the Offline Kscript or Online Kscript types.
Name (Optional) Enter a meaningful name for the script to make it easier to distinguish
from others listed on the Scripts tab.
Description (Optional) Enter a brief description of the actions the script performs. This
information helps you to distinguish one script from another on the Scripts tab.
Status Select a value to indicate whether the script is in development (Draft) or has
been rolled out to your network (Production). Use the Template status if you
are building a script that is used as the basis for future scripts.
Enabled Select to run the script on the target machines. Do not enable a script until you
are finished editing and testing it and are ready to run it. Enable the script on a
test label before you enable it on all machines.
Notes (Optional) Enter notes for yourself and other appliance administrators.
Supported Select the operating systems to run the script on, or leave blank to run on all
Operating operating systems. The operating systems you select determine choices available
Systems to you in the Task options menus. The options are different for different
operating systems. If you pick more than one operating system, only the options
available for all of the operating systems are offered.
If you select a label as well, the script only runs on machines with that label if they
are also running the selected operating system.
Alerts: Alert User Before Run Provide the user the option of delaying or
Online KScripts canceling the script before it runs. (For example,
Only choose to enable this for scripts that reboot or
Agents 5.1 (and shut down computers.) If no user is logged in to
higher) Windows the console, the script runs immediately.
and Mac OS agents Dialog Options:
• OK - The script runs immediately.
• Cancel - The script is cancelled until its
next scheduled run.
• Snooze - The user is prompted again after
the Snooze Duration.
If the time specified by Dialog Timeout elapses
without the user pressing a button, the script
runs at that time.
When the user presses the snooze button, the
dialog reappears after the Snooze Duration.
Interaction With Run As:
• Only the console user can see the alert dialog
(and therefore choose to snooze or cancel)
regardless of the Run As setting.
• Enabling an alert prompts the console user
even if the script is set to run as all users or
another user.
Dialog Timeout (Minutes): Enter the number of minutes.
Snooze Duration Enter the number of minutes:
(Minutes):
Alert Message: Enter the message you want displayed to users.
Run As: Run As Local System Run with administrative privileges on local
Online KScripts machine.
Only Use this setting for all scripts created with a
wizard.
Run As User logged in to Affect that user’s profile.
console
Run As All Logged in Users Affect all users’ profiles.
Run As User: Handle network-wide tasks. Usually admin, but
you can run as any user.
Scheduling In the Scheduling area, specify when and how often the script is run.
Don’t Run on a Schedule Runs in combination with an event rather than
on a specific date or at a specific time. Use this
option in combination with one or more of the
“Also” choices below. For example, use this
option in conjunction with “Also Run at User
Login” to run whenever the user logs in.
Run Every nth minutes/hours Runs on every hour and minutes as specified.
Run Every day/specific day at Runs on the specified time on the specified day.
HH:MM AM/PM
Custom Schedule Allows you to set an arbitrary schedule using
standard cron format. For example, 1,2,3,5,20-
25,30-35,59 23 31 12 * * means:
On the last day of year, at 23:01, 23:02, 23:03,
23:05, 23:20, 23:21, 23:22, 23:23, 23:24, 23:25,
23:30, 23:31, 23:32, 23:33, 23:34, 23:35, 23:59.
The appliance doesn’t support the extended cron
format.
Also Run Once at next Client Runs the Offline KScript once when new scripts
Checkin (Only for Offline are downloaded from the appliance. To set the
KScript) time interval for downloading scripts, click
Scripting Update Interval in the help area on
this page.
Also Run at Machine Boot Up Runs the Offline KScript at machine boot time.
(Only for Offline KScript) Beware that this causes the machine to boot up
slower than it might normally.
Also Run at User Login (Only Runs the Offline KScript after the user has
for Offline KScript) entered their Windows login credentials.
Allow Run While Disconnected Allows the Offline KScript to run even if the
(Only for Offline KScript) target machine cannot contact the appliance to
report results. In such a case, results are stored
on the machine and uploaded to the appliance
until the next contact.
Allow Run While Logged Off Allows the Offline KScript to run even if a user is
(Only for Offline KScript) not logged in. To run the script only when the
user is logged into the machine, clear this
option.
5. Click Run Now to immediately push the script to all machines. Use this option with
caution. For more information about Run Now, refer to Using the Run Now function,
on page 156.
6. To browse for and upload files required by the script, click Add new dependency,
click Browse, and then click Open to add the new dependency file.
If a Replication Share is specified and enabled at Distribution > Replication, the
dependencies are downloaded from the specified replication share.
IF Verify THEN
Success
ELSE IF Remediation THEN
Remediation Success
ELSE
Remediation Failure
8. Under Policy or Job Rules, set the following options for Task 1:
9. In the Verify section, click Add to add a step, and then select one or more steps to
perform.
Refer to Appendix B: Adding Steps to Task Sections, starting on page 235.
10. In the On Success and Remediation sections, select one or more steps to perform.
Refer to Appendix A: Administering Mac OS Nodes, starting on page 229.
11. In the On Remediation Success and On Remediation Failure sections, select one
or more steps to perform.
Refer to Appendix A: Administering Mac OS Nodes, starting on page 229.
To remove a dependency, task, or step, click the trash can icon beside the
item. This icon appears when your mouse hovers over an item.
Click beside Policy or Job Rules to view the token replacement variables
that can be used anywhere in the K1000 Management Appliance script. The
variables are replaced at runtime with appropriate values on the node. For
more information, refer to Token Replacement Variables, on page 147.
Scheduling In the Scheduling area, specify when and how often the script runs.
Don’t Run on a Schedule The test runs in combination with an
event rather than on a specific date or at a
specific time. Use this option in
combination with one or more of the
“Also” choices below. For example, use
this option in conjunction with “Also Run
at User Login” to run whenever the user
logs in.
Run Every nth minutes/ The test runs on the interval of hour and
hours minutes specified.
Run Every day/specific The test runs on the specified time on the
day at HH:MM AM/PM specified day.
Custom Schedule This option allows you to set an arbitrary
schedule using standard cron format. For
example, 1,2,3,5,20-25,30-35,59 23 31 12
* * means:
On the last day of year, at 23:01, 23:02,
23:03, 23:05, 23:20, 23:21, 23:22, 23:23,
23:24, 23:25, 23:30, 23:31, 23:32, 23:33,
23:34, 23:35, 23:59. The appliance
doesn’t support the extended cron
format.
5. Click Run Now to immediately push the script to all machines. Use this option with
caution. For more information about the Run Now button, refer to Using the Run Now
function, on page 156.
6. To browse for and upload files required by the script, click Add new dependency,
click Browse, and then click Open to add the new dependency file.
If a Replication Share is specified and enabled at Distribution > Replication, the
dependencies are still downloaded from the appliance server, because Replication is not
supported by online shell scripts.
Repeat this step to add additional new dependencies as necessary.
7. Specify the following:
To remove a dependency, click the trash can icon beside the item. This
icon appears when your mouse hovers over an item.
Click beside Policy or Job Rules to view the token replacement variables
that can be used anywhere in the K1000 Management Appliance script, and
are replaced at runtime on the node with appropriate values. For more
information, refer to Token Replacement Variables, on page 147.
Editing Scripts
On the Script: Edit Detail page, you can edit the three types of scripts: Offline KScripts,
Online KScripts, and Online Shell Scripts. You can also edit Offline KScripts and Online
KScripts by using the wizard or with the XML editor. To use the XML editor, click the View
raw XML editor link below the Scheduling option.
To edit a script
1. Click Scripting > Scripts.
2. Click the name of the script you want to edit.
The Script: Edit Detail page appears.
3. Modify the script as desired.
4. Click Save.
Importing Scripts
If you prefer to create your script in an external XML editor, you can upload your finished
script to the K1000 Management Appliance. Be sure that the imported script conforms to the
following structure:
• The root element <kbots></kbots> includes the URL of the KACE DTD
“kbots xmlns=”http://kace.com/Kbots.xsd”>...<kbots>
• One or more <kbot> elements.
In the above example of a simple XML script, the </config> element corresponds to the
Configuration section on the Script: Edit Detail page. This is where you specify the name of
the policy or job (optional), and the script type (policy or job). Within this element you can
also indicate whether the script can run when the target machine is disconnected or logged
off from the appliance.
You can specify whether the script is enabled and describe the specific tasks the script is to
perform within the <compliance> element.
If you are creating a script that will perform some of the same tasks as an
existing script, copy the existing script, and open it in an XML editor. The
script’s <compliance> element gives you an idea of how the script works,
and how you can change it.
For more information, refer to To Duplicate an existing Script, on page 155.
• Suspect machines on your network are infected with a virus or other vulnerability, and
they can compromise the entire network if not resolved right away.
• Want to test and debug scripts on a specific machine or set of machines during
development.
The Run Now function is available in three locations:
• Run Now tab—Running Scripts from the Scripting > Run Now tab allows you to run
one script at a time on the target machines.
• Script: Edit Detail Page—Running Scripts from the Script : Edit Detail page allows
you to run one script at a time on the target machines.
• Scripts List Page—Running scripts from the Scripts List Page using the Run Now
option from the Choose Action menu allows you to run more than one script at the
same time on the target machines.
You can use the Filters options to filter the Scripts list.
3. Select the machines on which Script needs to run from the Inventory Machines list.
Selected machine names appear in the Machine Names field.
• You can use the Filters to filter the machine names list.
• You can add all the machines by clicking Add All.
At least one machine name is required.
4. Click Run Now to run the selected script.
To use the Run Now function from the Scripts Lists Page
To minimize the risk of deploying to unintended target machines, create a label that
represents the machines you want to run the Run Now function on. Refer to Using the Run
Now function, on page 156, for more information.
1. Click Scripting > Scripts.
2. Select the scripts you want to run.
3. From the Choose Action menu, click Run Now.
• The Pushed column indicates the number of machines on which the script is attempting
to run.
• The Completed column indicates the number of machines that have finished running
the script.
The numbers in these columns increment accordingly as the script runs on all of the selected
machines. The icons above the right-hand column provide further details of the script status.
Icon Description
The script is still being run, therefore its success or failure is unknown.
If errors occurred in pushing the scripts to the selected machines, you can search the
scripting logs to determine the cause. For more information about searching logs, refer to
Searching the Scripting Log Files, on page 158.
The Run Now function communicates over port 52230. One reason a script
might fail to deploy is if firewall settings are blocking the appliance Agent from
listening on that port.
You can use the following operators to change how the logs are searched:
Operator Function
3. To search only in logs uploaded by a particular script, choose the script name.
4. Select the log type to search in from the drop-down list.
You can choose from the following options:
• Output
• Activity
• Status
• Debug
5. In the Historical field, select whether to search in only the most recent logs or in all
logs from the drop-down list.
6. In the Labels field, select a label from the drop-down list to search logs uploaded by
machines in a particular label group.
7. Click Search.
The search results display the logs and the machines that have uploaded the logs.
You can apply a label to the machines that are displayed by selecting a label from the drop-
down list, under search results.
If you edit a Wizard-based policy, keep the “Run As” setting as local system.
Name Enter the text label that appears below or beside the shortcut.
Target Enter the application or file that is launched when the shortcut is clicked,
for example, Program.exe.
Parameters Enter the any command line parameters. For example:
/S /IP=123.4
WorkingDir Enter the changes to the current working directory. For example:
C:\Windows\Temp
Location Select the location where the shortcut appears from the drop-down list.
Options include: Desktop, Quick Launch, and Start Menu.
Output filename Enter the name of the log file created by the script.
Log file Enter the type of log you want to query: Application, System,
and Security.
Event Type Enter the type of event you want to query: Information,
Warning, and Error.
Source Name (Optional) Use this field to restrict the query to events from a
specific source.
4. Click Save.
The Script : Edit Detail page appears.
5. Enable and set a schedule for this policy to take effect.
Refer to Adding Scripts, on page 148 for more information.
6. You can view the Event log in the Computers : Detail page of the particular machine, by
selecting Inventory > Computers.
7. In Scripting Logs, under Currently Deployed Jobs & Policies, click the View
logs link beside Event Log.
Action Select a task from the drop-down list. Options include Install, Uninstall,
Repair missing files, and Reinstall all files.
Software Select the application you want to install, uninstall, or modify from the
drop-down list. You can filter the list by entering any filter options.
MSI filename Specify the MSI filename if it is a zip.
User Interaction Select an option to specify how the installation should appear to end users.
Options include: Default, Silent, Basic UI, Reduced UI, and Full UI.
Installation Directory Enter the installation directory.
Additional Switches Enter details of any additional installer switches. Additional Switches are
inserted between the msiexe.exe and the /i foo.msi arguments.
Additional Properties Enter details of any additional properties. Additional Properties are inserted
at the end of the command line.
For example:
msiexec.exe /s1 /switch2 /i patch123.msi TARGETDIR=C:\patcher
PROP=A PROP2=B
Feature List Enter the features to install. Separate features with commas.
Store Config per Select this box to do per-machine installations only.
machine
After install Select the behavior after installation. Options include:
• Delete installer file and unzipped files
• Delete installer file, and leave unzipped files
• Leave installer file, and delete unzipped files
• Leave installer file and unzipped files
Restart Options Select the restart behavior. Options include:
• No restart after installation
• Prompts user for restart
• Always restart after installation
• Default
Logging Select the types of installer messages to log. Press CTRL and click to select
multiple message types. Options include:
• None
• All Messages
• Status Messages
• Non-fatal warnings
• All error messages
• Start up actions
• Action-specific records
• User requests
• Initial UI parameters
• Out-of-memory or fatal exit information
• Out-of-disk-space messages
• Terminal properties
• Append to existing file
• Flush each line to the log
Log File Name Enter the name of the log file.
4. Enable and set a schedule for this policy to take effect. Refer to Adding Scripts, on
page 148 for more information.
UltraVNC Wizard
The UltraVNC Wizard creates a script to distribute UltraVNC to Windows computers on your
network. UltraVNC is a free software application that allows you to remotely log into another
computer (through the Internet or network). Refer to the UltraVNC website
(www.uvnc.com) for documentation and downloads.
Install Options Install Mirror Driver Check the Mirror Driver box to install the optional
UltraVNC Mirror Video Driver.
The Mirror Video Driver is a driver that allows faster and
more accurate updates. The video driver also makes a
direct link between the video driver framebuffer memory
and UltraWinVNC server.
Using the framebuffer directly eliminates the use of the
CPU for intensive screen blitting, resulting in a big speed
boost and very low CPU load.
Install Viewer Check the Viewer box to install the optional UltraVNC
Mirror Video Driver.
Authentication VNC Password Provide a VNC password for authentication.
Require MS Logon To use MS Logon authentication, and to export the ACL
from your VNC installation, use:
MSLogonACL.exe /e acl.txt
Copy and paste the contents of the text file into the ACL
field.
Review the script that is generated by this wizard to make
sure its output is expected. You can view the raw script by
clicking View raw XML Editor on the Script Detail
page.
Disable Tray Icon Select this box if you do not want to display the UltraVNC tray icon on
the target computers.
Disable client options in Select if you do not want to display node options in the tray icon menu
tray icon menu on the target computers. Available if you did not select Disable Tray
Icon.
Disable properties panel Select to disable the UltraVNC properties panel on the target
computers.
Forbid the user to close Select if you do not want to allow computer users to shut down
down WinVNC WinVNC.
5. Click Save.
The Script: Edit Detail page appears.
6. Enable and set a schedule for this policy to take effect. Refer to Adding Scripts, on
page 148, for more information.
Un-Installer Wizard
This wizard allows you to quickly build a script to uninstall a software package. The resulting
script can perform three actions: Execute an uninstall command, Kill a process, and Delete a
directory.
4. Click Save.
The Script: Edit Detail page appears.
5. Enable and set a schedule for this policy to take effect. Refer to Adding Scripts, on
page 148 for more information.
4. Enter the details for the SUS Server and SUS Server Statistics.
5. Click Save.
The Script: Edit Detail page appears.
6. Enable and set a schedule for this policy to take effect.
Refer to Adding Scripts, on page 148, for more information.
• Enabling automatic windows updates settings policy of the appliance on the node.
• Enabling local policy for automatic deployment of windows update on the node.
• Modifying the registry key for automatic deployment of windows update on the node.
• Setting up the group policy on the domain for automatic deployment of windows update
on the node.
• Configuring the patching functionality for automatic deployment of windows update on
the node.
• To enable power management on a Windows XP System, you need EZ GPO. The Power
Management Wizard automatically downloads EZ GPO when run on a Windows XP
system. EZ GPO is a free tool that works in conjunction with Group Policy Objects on
Windows XP. For more information on EZ GPO, see: http://www.energystar.gov
• On Windows 7 and Vista machines, power management is configured using the built-in
powercfg command. (EZ GPO does not work on these platforms.)
• All
• Battery
• Charger (Wall Power)
• UPS
Power usage settings are a trade-off between CPU usage and power usage. Most of the
settings are on/off check boxes to apply or remove options. You can add time periods, in
numbers, to the Sleep settings. The policy options are shown below:
Figure 9-2: The Mac Power Management page
The resulting script assumes that you have root access and shows your
password unencrypted (clear text), so make sure that anyone using this script
is trusted.
This chapter describes the most commonly used features and functions for maintaining and
administering K1000 Management Appliance.
ftp k1000
>close
>quit
If your backup files are too large to upload using the default HTTP mechanism
(the browser times out), you can upload them using FTP. To upload using FTP,
enable the Enable backup via FTP and Make FTP writable security settings.
For details see Configuring Security Settings for the Server, on page 25.
• Verifying that you are using the minimum required version of the K1000 Management
Appliance
• Updating the license key in the Dell KACE K1000 Management Appliance to obtain the
current product functionality.
your version of the Dell KACE K1000 Management Appliance to determine the minimum
updates.
You can use the Reboot and Shutdown buttons after you click the "Edit
Mode" link at the bottom of the page.
Hardware Disk Status Displays the status of the appliance disk array.
Appliance K1000 Log Displays the errors generated on the server.
Access Displays the HTTP Server's access information.
Server Errors Displays errors or server warnings regarding any of the onboard server
processes.
Stats Displays the number of connections the appliance is processing over
time.
Updates Displays details of any appliance patches or upgrades applied using the
Update K1000 function.
Node Client Errors Displays Agent exception logs.
AMP Server Displays AMP server errors.
AMP Queue Displays AMP Queue errors.
• K1000 Agent – Enable debug logging on the node to troubleshoot machine inventory,
managed installs and file synchronizations.
• K1000 AMP Service – Enable debug logging on the Windows node to troubleshoot
the on-demand running of Desktop Alerts, Run-Now scripts, and Patching. You can
enable debug logging by configuring AMP Settings. For information on how to configure
the AMP Settings page, refer to Configuring Agent Messaging Protocol Settings, on
page 29.
Windows debugging
For more information on debug logging on Linux and Mac OS platforms, refer
to Appendix E: Manually Deploying Agents, starting on page 269.
without debug=true debug.log with basic agent.log with basic agent.log with basic
logging logging logging
with debug=true debug.log with detailed agent.log with detailed agent.log with detailed
logging logging logging
K1000 Management Appliance server and agent exceptions are reported nightly to kace.com
if you enabled crash reporting on the Settings > General tab.
In the cases where the logs display errors, this section will be helpful to solve any problems.
This section does not describe every possible error message, but other possible errors can be
resolved by following the same steps:
Step Description
Step 1: Rebuild The disk status log error “Degraded” indicates that you need to rebuild
the array. To do this:
• Click Rebuild Disk Array. Rebuilding can take up to 2 hours.
• If an error state still exists after this, proceed to step 2.
Step 2: Power Down and In some cases, the degraded array may be caused by a hard-drive that is
Reseat the Drives no longer seated firmly in the drive-bay. In these cases, the disk status
will usually show “disk missing” for that drive in the log.
• Power down the Dell KACE K1000 Management Appliance.
• Once the appliance is powered off, eject each of the hard-drives and
then re-insert them, making sure that the drive is firmly in the bay.
• Power the machine back on and then look again at the disk status log
to see if that has resolved the issue.
• If an error state still exists, try rebuilding again or proceed to Step 3.
Step Description
Step 3: Call Dell KACE If you have performed the previous steps and are still experiencing errors,
Technical Support contact Dell KACE Technical Support by e-mail (support@kace.com)
or phone (888) 522-3638 option 2.
The Dell KACE K1000 Management Appliance LDAP feature lets you to browse and search
the data located on an LDAP Server.
If the LDAP server requires credentials for administrative login (aka non-
anonymous login), supply these credentials.
If no LDAP user name is given, an anonymous bind is attempted. Each LDAP
Label may connect to a different LDAP/AD server.
You may bind to an LDAP query based on the following Dell KACE K1000 Management
Appliance variables:
• Computer Name
• Computer Description
• Computer MAC
• IP Address
• User name
• User Domain
• Domain User
Enabled Check this box to enable the appliance to run the label each time a system
checks in. Check this box after you have tested the label.
Filter Type Select the LDAP filter type, either Machine or User.
Associated Label Select an existing label to associate with this LDAP label.
Name
Associated Label Notes Any Notes from the label definition are automatically added to this field.
Server Hostname Specify the IP or the Host Name of the LDAP Server.
Note: For connecting through SSL, use the IP or the Host Name, as
ldaps://HOSTNAME
If you have a nonstandard SSL certificate installed on your LDAP server you
need to contact KACE Support for assistance before proceeding. A
nonstandard certificate can be an internally-signed or a chain certificate
that is not from a major certificate provider such as Verisign.
LDAP Port Number Enter the LDAP Port number, which is either 389 or 636 (LDAPS).
Search Base DN Enter the Search Base DN (Distinguished Names). For example:
CN=Users,DC=kace,DC=com
Search Filter Enter the Search Filter. For example:
(&(sAMAccountName=admin)(memberOf=CN=financial,DC=ka
ce,DC=com))
LDAP Login Enter the LDAP login. For example:
LDAP Login: CN=Administrator, CN=Users,DC=kace=com
LDAP Password Enter the password for the LDAP login.
If you are unable to fill in the information for Search Base DN and Search Filter, you can
use the LDAP Browser Wizard. For more information on the LDAP Browser Wizard,
refer to Service Desk Administrator Guide.
4. Click the Test LDAP Label button to test your new label. Change the label parameters
and test again as necessary.
5. If the LDAP Label is ready to use, click Enabled.
Otherwise, you can save without enabling.
6. Click Save.
Each time a machine checks into the K1000 Management Appliance, this query runs against
the LDAP server. The admin value in the Search Filter is replaced with the name of the user
that is logged onto this machine. If a result is returned, the machine gets the label specified
in the Associated Label field.
To test your LDAP label, click the Test button and review the results.
You can also create an LDAP Label using the LDAP Browser.
LDAP Server Enter the IP or the Host Name of the LDAP Server.
Note: For connecting through SSL, use the IP or the Host Name, as
ldaps://HOSTNAME
If you have a nonstandard SSL certificate installed on your LDAP server,
such as an internally-signed or a chain certificate not from a major
certificate provider such as Verisign, contact KACE Support for
assistance before proceeding.
LDAP Port Enter the LDAP Port number, either 389 or 636 (LDAPS).
LDAP Login Enter the Bind DN. For example:
CN=Administrator,CN=Users,DC=kace,DC=com
LDAP Password Enter the password for the LDAP login.
3. Click Test.
On a successful connection to the LDAP server, a list of possible base DNs
(Distinguished Names) available on that directory is displayed. You can use these base
DNs as a starting point to browse and search the directory.
If the connection was not established, the Operation Failed message appears, which
can be due to one of the following reasons:
5. You can also use the Filter Builder to create complex filters. Click Filter Builder.
The Query Builder is displayed. Specify the following information.
Conjunction Operator Select the conjunction operator from the drop-down list. For
example, AND.
Note: This field is available for the previous attribute only when
you add a new attribute.
Add Click Add. You can add multiple attributes.
Search Scope Click One level to search at the same level or click Sub-tree
level to search at the sub-tree level.
7. Click OK.
The query appears in the Search Filter text area. For example,
(samaccountname=admin).
8. Click Browse to display all the immediate child nodes for the given base DN and search
filter. Click Search to display all the direct and indirect child nodes for the given base
DN and search filter.
The search results are displayed in the left panel.
9. Click a child node to view its attributes.
The attributes are displayed in the right panel.
LDAP Server Enter the IP or the Host Name of the LDAP Server.
Note: For connecting through SSL, use the IP or the Host Name, as
ldaps://HOSTNAME
If you have a nonstandard SSL certificate installed on your LDAP server
you need to contact KACE Support for assistance before proceeding. A
nonstandard certificate can be an internally-signed or a chain certificate
that is not from a major certificate provider such as Verisign.
LDAP Port Enter the LDAP Port number, either 389 or 636 (LDAPS).
LDAP Login Enter the Bind DN. For example:
CN=Administrator,CN=Users,DC=kace,DC=com
LDAP Password Enter the password for the LDAP login.
3. Click Test.
4. On a successful connection to the LDAP server, a list of possible base DNs available on
that directory is displayed. You can use these base DNs as a starting point to browse and
search the directory.
If the connection was not established, the Operation Failed message appears. Check
the following causes:
3. Click Test.
4. On a successful connection to the LDAP server, a list of possible base DNs
(Distinguished Names) available on that directory is displayed. You can use these base
DNs as a starting point to browse and search the directory.
If the connection was not established, the Operation Failed message appears. Check
the following causes:
Conjunction Operator Select the Conjunction Operator from the drop-down list. For
example, AND.
Note: This field is available for the previous attribute only when
you add a new attribute.
9. Click OK. The query appears in the Search Filter text area. For example,
(samaccountname=admin).
10. Click Browse to display all the immediate child nodes for the given base DN and search
filter or click Search to display all the direct and indirect child nodes for the given base
DN and Search Filter.
The search results are displayed in the left panel.
11. Click a child node to view its attributes.
The attributes are displayed in the right panel.
12. Click Next to confirm the LDAP configuration.
13. Click Next to use the displayed settings.
Icon Description
All servers must have a valid IP address or Host Names entered in the Server
Host Name field. Otherwise, the appliance will wait to timeout on an invalid IP
address, resulting into login delays when using LDAP Authentication.
2. Click the icon next to the server name in the list of servers to schedule a user import.
The User Import : Schedule – Choose attributes to import: Step 1 of 3 page appears.
The LDAP Server Details are displayed, which are read-only:
If you are unable to complete the information for Search Base DN and Search Filter, you
can use the LDAP Browser Wizard. For more information on how to use the LDAP
Browser Wizard, refer to Using the LDAP Browser Wizard, on page 191.
4. In Email Notification section, click to enter the recipient’s e-mail address, or choose
Select user to add from the drop-down list.
5. In Scheduling section, specify the scan schedule:
Don’t Run on a Select this to not have the user import run on a schedule. (Default)
Schedule
Run Every day/ Run daily or a specific day of the week at the specified time.
specific day at
HH:MM AM/PM
Run on the nth Run on a specific date or day of the month at the specified time.
of every month/
specific month
at HH:MM AM/
PM
6. Click Next.
The User Import : Schedule - Define mapping between User attributes and LDAP
attributes: Step 2 of 3 page opens.
7. Select the value from the drop-down list next to each LDAP attribute to map the values
from your LDAP server into the User record on the appliance.
The fields in red are mandatory. The LDAP Uid must be a unique identifier for the user
record.
8. Select a label to add to the appliance.
Press CTRL and click to select more than one label. This list displays a list of all the
Label Attribute values that were discovered in the search results.
9. Click Next.
10. Review the information displayed in the tables below:
• The Users to be Imported table displays list of users reported.
• The Labels to be Imported table displays the list of labels reported.
• The Existing Users table and the Existing Labels table display the list of Users and
Labels that are currently on the appliance.
• Only users with a LDAP UID, User Name, and E-mail value will be imported. Any
records that do not have these values are listed in the Users with invalid data table.
11. Click Next to start the import.
The User Import : Schedule - Import data into the K1000: Step 3 of 3 page opens.
12. Click Import Now to save the schedule information and load the user information into
the appliance.
After importing, the User list page appears, where you can edit the imported user
records.
13. Click Save to save schedule information.
The Settings: Authentication page opens.
The imported user can log on to and access all features of the administrator
UI and Service Desk depending on the role assigned.
The Dell KACE K1000 Management Appliance provides a variety of alerts and reporting
features that enable you get a detailed view of the activity on your company’s
implementation.
Reporting Overview
The K1000 Management Appliance is shipped with many stock reports; select Reporting >
Reports to view the list. The reporting engine utilizes XML-based report layouts to generate
reports in HTML, PDF, CSV, TXT, and XSL formats. By default, the appliance provides
reports in the following general categories:
• Compliance
• Dell updates
• Hardware
• Service Desk
• iPhone
• K1000
• Network
• Patching
• Power Management
• Security
• Software
• Template
You can duplicate and modify these reports as necessary. However, a strong knowledge of
SQL is required to successfully change a report.
Running Reports
To run any of the K1000 Management Appliance reports, click the desired format type
(HTML, PDF, CSV, XLS, or TXT). For the HTML format, the report is displayed in a new
window. If you select PDF, CSV, XLS, or TXT formats, you can open the file or save it to your
computer.
• The Table presentation type is a tabular report with optional row groupings and
summaries.
• The Chart presentation type is a bar, line, or pie chart.
Report Title Enter a display name for the report. Make this as descriptive as
possible, so you can distinguish this report from others.
Report Category Enter the category for the report. If the category does not already
exist, it will be added to the drop-down list on the Reports list page.
Description Describe the information that the report will provide.
4. Click the appropriate topic name from the Available Topics list. For example,
software.
b. Click to add that column to the Display Columns list. You can change the column
order by clicking or .
c. To remove a column from the Display list, click the appropriate column and click .
8. Click Next.
9. To define the criteria for displaying records in the report:
a. Click the appropriate field name from the Available Fields list. Columns that you
chose in the previous step appear under display fields. You can also choose a field
from among all fields available for that topic. For example, Threat Level.
b. Click Add.
c. Select the appropriate operator from the comparison drop-down list. For example,
Greater Than.
d. Enter the appropriate value in the text field, for example, 3.
This rule will filter the data and display only software that has Threat Level greater
than 3.
e. Click OK. The rule is added in the list of Current Rules. You can add more than one
rule.
b. Click to add that column to the Display Columns list. You can change the column
order by clicking or .
c. To remove a column from the Display list, click the appropriate column and click .
12. Click Next.
13. (Optional) Customize the report layout. You can drag to set column order, width and
add spacers. You can drag and drop between columns as well as between columns and
spacer. Click on the column and report headings for further menu of labels, grouping,
summary, and other options.
The available options are:
Title Click the title displayed before spacer to display the field name of spacer, Add
as a group and Add as a column options.
Spacer Click spacer to display the field name of spacer and Add as a column options.
Column Click column to display the column name, change label, switch to group,
remove column, summaries and move to right or left depending upon the
column alignment options.
You can jump to steps 1-5 of the Reporting Wizard. Step 1 and Step 2 are
mandatory and cannot be left blank.
Report Title Enter a display name for the report. Make this as descriptive as
possible, so you can distinguish this report from others.
Report Category Enter the category for the report. If the category does not already exist,
it will be added to the drop-down list on the Reports list page.
Description Describe the information that the report will provide.
4. Click the appropriate topic name from the Available Topics list. For example,
software.
5. Click the Chart presentation type icon.
6. Click Next.
7. To choose table columns:
a. Click the Appropriate column name from the Available columns list.
b. Click to add that column to the Display Columns list. You can change the column
order by clicking or .
c. To remove a column from the Display list, click the appropriate column and click .
8. Click Next.
9. To define the criteria for displaying records in the report:
a. Click the Appropriate field name from the Available Fields list. Columns that you
chose in the previous step appear under display fields. You can also choose a field
from among all fields available for that topic. For example, Threat Level.
b. Click Add.
c. Select the appropriate operator from the comparison drop-down list. For example,
Greater Than.
d. Enter the appropriate value in the text field. For example, 3.
This rule will filter the data and display only software that has Threat Level greater
than 3.
e. Click OK. The rule is added in the list of Current Rules. You can add more than one
rule.
You can jump to steps 1-5 of the Reporting Wizard. Step 1 and Step 2 are
mandatory and cannot be left blank.
Title A display name for the report. Make this as descriptive as possible to
distinguish this report from others.
Report Category The category for the report. If the category does not already exist, it will be
added to the drop-down list on the Reports list page.
Output File Name The name for the file generate when this report is run.
Description Describe the information that the report provides.
Output Types Select the appropriate formats that should be available for this report.
SQL Select The query statement that will generate the report data. For reference, consult
Statement the MYSQL documentation.
Break on Columns A comma-separated list of SQL column names. The report will generate break
headers and sub totals for these columns. This setting refers to the auto-
generated layout.
XML Report Layout Click this check box to regenerate the XML Report Layout using new columns.
If you changed only a sort order or a where clause, you don't need to recreate
the layout.
If you changed the columns that the query returns, the XML Report Layout is
regenerated based on your SQL.
4. Click Save.
Title Edit the display name for the report, if required. Make the title as descriptive as
possible to distinguish this report from others.
Report Category Edit or enter the category for the report. If the category does not already exist, it
will be added to the drop-down list on the Reports list page.
Output File Name Edit or enter the name for the file generate when this report is run.
Description Describe the information that the report will provide.
Output Types Select the appropriate formats that should be available for this report.
SQL Select Edit or enter the query statement that will generate the report data. For
Statement reference, consult the MYSQL documentation.
Break on Columns A comma-separated list of SQL column names. The report will generate break
headers and sub totals for these columns. This setting refers to the auto-
generated layout.
XML Report Click this check box to regenerate the XML Report Layout using new columns.
Layout If you changed only a sort order or a where clause, you don't need to recreate the
layout.
If you changed the columns that the query returns, the XML Report Layout is
regenerated based on your SQL.
6. Click Save.
If you manually change a report’s SQL statement, you cannot use the Report
Wizard to change it later.
Scheduling Reports
Reports can be scheduled from the Schedule Reports tab. From the Report Schedules List
page you can open existing schedules, create new schedules, or delete them. You can also
search schedules using keywords.
Schedule Title Enter a display name for the schedule. Make this as descriptive as possible, so
you can distinguish this schedule from others.
Description Enter the information that the schedule would provide.
Report to Schedule Select the appropriate report you would like to schedule. You can filter the list
by entering any filter options.
Report Output Click the desired output report format (PDF, Excel, CSV, or TXT) that should be
Formats available for this scheduled report.
Email Notification Recipients Click the icon to enter the recipient’s e-mail address, or
choose Select user to add from the drop-down list. This is a
mandatory filed.
Subject Enter the subject of the schedule. The subject can help to
quickly identify what the schedule is about.
Message Text Enter the message text in the notification.
Don’t Run on a Schedule Select to run in combination with an event rather than on a specific
date or at a specific time.
Run Every n hours Select to run the scan at a specified interval.
Run Every day/specific day Select to run the schedules daily or on a specified day of the week at
at HH:MM AM/PM the specified time.
Run on the nth of every Select to run the tests on the specified date or day of the month at a
month/specific month at specified time.
HH:MM AM/PM
To run a schedule
1. Click Reporting > Schedule Reports.
The Report Schedules page appears.
2. Click the check boxes for the schedules you want to run.
3. In the Choose Action menu, click Run Selected Schedules Now.
To delete a schedule
1. Click Reporting > Schedule Reports.
The Report Schedules page appears.
2. Click the check box for the schedules you want to delete.
3. In the Choose Action menu, click Delete Selected Item(s).
4. Click Yes to confirm deleting the schedules.
The Alerts feature works only if there is a constant connection between the
appliance agent and the appliance. For information on how to set up the
constant connection, refer to Configuring Agent Messaging Protocol Settings,
on page 29.
5. In the Limit Broadcast To area, select the recipient labels to send this message to.
Press CTRL and click to select multiple labels.
6. Select the Enable Scheduled Run check box to specify the alert schedule. Select the
appropriate day and time from the drop-down lists.
7. Click Save.
The pending alert messages are displayed in the AMP Message Queue until
they are pushed to the target machine. The alert messages remain in the
queue until the target machine checks in. This is true even if the Keep Alive
time interval elapses or if the connection between the appliance Agent and
the appliance has been lost or interrupted.
E-mail Alerts
E-mail Alerts differ from Alerts (broadcast messages) in an e-mail alert you can send out
messages to administrators based on more detailed criteria. The E-mail Alert feature relies
on the Inventory > Computers engine to create a notification that will be sent to
administrators when computers meet the criteria you specify.
The K1000 Management Appliance checks the computers listed in the inventory against the
criteria in the E-mail Alert once in every hour until one or more computers meet the criteria;
then a message is sent to the administrators specified in the alert details.
Default Organization
The default organization will have everything coming into the appliance. The default
organization will allow the administrator to view or perform activities on machines in all
organizations. If a machine is not set in a filter, then the machine will go to the default
organization.
To create an organization
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. In the Choose Action menu, click Add New Item.
The K1000 Organization: Edit Detail page appears.
Name Enter the name for the new organization. This field is mandatory.
Description Enter the description for the new organization.
Role Select the appropriate role from the drop-down list.
Note: First, create the role by going to Organizations > Roles tab, before
you can select that specific role from this list.
4. Click Save.
The K1000 Organization: Edit Detail page appears with more content.
5. Scroll down and click the Edit Mode link.
6. Enter the following information:
Name (Mandatory) Enter a name for the organization. This field retains the
information you specified in the previous page. You can modify the name if
required.
Description Enter the description for the organization. This field retains the
information you specified in the previous page. You can modify the
description if required.
Role Select the appropriate role from the drop-down list. This field retains the
role you selected in the previous page. You can modify this selection if
required.
Note: You must first create the role by going to Organizations > Roles
tab, before you can select that specific role from this list.
Organization Filters Select the filter that will be used to direct a new machine checking into the
appliance, to the this organization. Press CTRL and click to select more
than one filter.
Note: Create the filter by going to Organizations > Filters tab. Then,
you can select that specific filter from this list.
Computer Count (Read-only) Displays the number of computers checking in to the
organization.
Database Name (Read-only) Displays the name of the database the organization is using.
Report User Displays the report user name used to generate all reports in the specific
organization.
By having a report user name, you can provide access to the organizational
database (for additional reporting tools), but not give write access to
anyone.
Suggested
Field Notes
Setting
8. Click Save.
For example:
Windows:
c:\>KInstallerSetup.exe -server=myk1000 -display_mode=silent
or
c:\>KInstallerSetup.exe -server=192.168.2.100 -
display_mode=silent
Mac OS:
/Library/KBOXAgent/Home/bin/setkbox myk1000
or
/Library/KBOXAgent/Home/bin/setkbox 192.168.2.100
Linux:
/KACE/bin/setKBOX myk1000
or
/KACE/bin/setKBOX 192.168.2.100
2. To correct the server name for an already-installed node, edit the host= value in:
Windows:
c:\program files\KACE\KBOX\smmp.conf
Mac OS:
/var/kace/kagentd/kbot_config.yaml
Linux:
/var/KACE/kagentd/kbot_config.yaml
3. Verify that you are able to ping the appliance, and reach it through a web browser at
http://k1000_hostname.
4. Verify that Internet Options are not set to use proxy, or proxy is excluded for the local
network or k1000_hostname.
5. Verify that no firewall or anti-spyware software is blocking communication between the
appliance and any of the agent components, including:
• KBOXManagementService.exe
• KBOXClient.exe
• KUpdater.exe
• kagentd (OS X/ Unix)
6. Verify that the KBOXManagementService.exe (Windows) or the kagentd (OS X/
Unix) processes are running. The agent shows as perl in the OS X Activity Monitor.
If after verifying these items, you are still unable to get the agent to connect to the appliance,
contact KACE Support.
To edit an organization
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click the linked name of the organization.
The K1000 Organization : Edit Detail page appears.
3. Scroll down and click the Edit Mode link.
4. Edit the organization details:
Name You can modify the name if required. This field is mandatory.
Description You can modify the description if required.
Role Select the appropriate role from the drop-down list. This field retains
the role you selected in the previous page. You can modify this
selection if required.
If the role doesn’t exist, see To create a role, on page 217.
Organization Select the filter that will be used to direct a new machine checking
Filters into the appliance, to this organization. Press CTRL and click to
select more than one filter.
If the filter doesn’t exist, see To add a data filter, on page 220, or To
add a LDAP filter, on page 221.
Communicatio 12:00 am to 12:00 am The interval during which the agent is allowed to
ns Window communicate with the appliance.
For example, to allow the agent to connect between 1 AM
and 6 AM only, select 1:00 am from the first dropdown
list, and 6:00 am from the second drop-down list.
Agent “Run 1 hours The interval that the agent checks into the appliance. Each
Interval” time an agent connects, it resets its connect interval based
on this setting. The default setting is once every hour.
Agent 0 The interval (in hours) that the appliance performs an
“Inventory inventory on the nodes on your network. If set to zero, the
Interval” appliance performs the inventory at every Run Interval.
Agent “Splash The appliance is The message that appears to users when communicating
Page Text” verifying your PC with the appliance.
Configuration and
managing software
updates. Please
Wait...
Scripting 15 minutes Set the frequency with which the agent downloads new
Update script definitions. The default interval is 15 minutes.
Interval
Scripting Ping 600 seconds Set the frequency with which the agent tests the
Interval connection to the appliance. The default interval is 600
seconds.
To view historical connection information, go to Settings
> Logs. Select Current log: Stats.
Agent Log Agent Log Retention disallows the server to store the
Retention scripting result information that comes up from the
agents. The default is to store all the results. This can have
a performance impact on the appliance. Turning this off,
gives you less information about what each node is doing,
but will allow the agent check-ins to process faster.
6. Click Save.
To delete an organization
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click the linked name of the organization.
The K1000 Organization: Edit Detail page appears.
3. Scroll down and click Edit Mode.
4. Click Delete to delete the organization.
A confirmation message appears.
5. Click OK to confirm deleting the organization.
To add a user
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Select K1000 Settings > Control Panel.
3. Click Users.
The K1000 System Admin Users page appears.
4. In the Choose Action menu, select Add New Item.
The K1000 System Admin: Edit Detail page appears.
5. Enter the necessary user details.
Do not specify legal characters in any field.
User Name Enter the name the user types to enter the system administrator
console.
Full Name Enter user’s full name.
Email Enter user’s email address.
Domain (Optional) Enter an active directory domain.
Budget Code (Optional) Enter the financial department code.
Location (Optional) Enter the name of a site or building.
Work Phone (Optional) Enter the user’s work phone number.
Home Phone (Optional) Enter the user’s home phone number.
Mobile Phone (Optional) Enter the user’s mobile phone number.
Pager Phone (Optional) Enter the user’s pager phone number.
Custom 1
Custom 2 (Optional) Enter information in the custom fields if necessary.
Custom 3
Custom 4
Password Enter the password for the new user. Blank or empty passwords are
not valid for new users. The user will be created, but cannot be
activated without a valid password.
6. Click Save.
To delete a user
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click K1000 Settings > Control Panel.
The K1000 Settings : Control Panel page appears.
3. Click Users.
The K1000 System Admin Users page appears.
4. Click the check boxes for the users you want to delete.
5. In the Choose Action menu, click Delete Selected Item(s).
6. Click OK to confirm deleting the selected user.
You can also delete users from the K1000 System Admin: Edit Detail page.
Password Enter the password for the user. Blank or empty passwords are not valid.
This field is mandatory.
Confirm Re-enter the user’s password. This field is mandatory.
Password
Organizational Roles
Roles are assigned to each organization to limit access to different tabs in the Administrator
Console and the User Portal. You can restrict what tabs an organization is allowed to see
when the administrator logs in to the Administrator Console and the user logs in to the User
Portal.
Following are the permissions that can be applied for each tab.
• Write:
The organization will have write access for the tab. The administrator or user will be
able to edit the fields present on the screen.
• Read:
The organization will have only read access for the tab. The administrator or user will be
not be able to edit the fields present on the screen. He/she will be not be able to add /
edit / delete any item present in the list.
• Hide:
The tab will be hidden and the administrator or user will not be able to view that tab.
Default role
Default role has access to all tabs in the Administrator Console and the User Portal. The
default role will have write access for all tabs. The administrator or user will be able to edit
the fields present on the screen.
To create a role
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click Roles.
The Organizational Roles page appears.
3. In the Choose Action menu, click Add New Item.
The Organizational Role : Edit Detail page appears.
4. Enter the role information as follows:
Name Enter the name for the new role. This field is mandatory.
Description (Optional) Enter the description for the new role.
To edit a role
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click Roles.
The Organizational Roles page appears.
3. Click the linked name of the role.
The Organizational Role: Edit Detail page appears.
4. Edit the role details:
Name Enter the name for the new organization. This field is mandatory.
Description (Optional) Enter the description for the new organization.
5. Under Permissions ADMIN Console, click the individual tab link to expand it. Or, click
the Expand All link to expand all the tabs.
6. Under each tab, click the All Write option, All Read option, or the All Hide option to
assign the respective permission to all the sub tabs. Or, click the Custom option to
assigned appropriate permission to individual sub tabs.
7. If you click Custom option, select the appropriate permission from the drop-down list
next to each tab.
8. Under Permissions USER Console, click the UserUI link to expand it.
9. Under each tab, click the All Write option, All Read option or the All Hide option to
assign the respective permission to all the sub tabs. Or click the Custom option to
assigned appropriate permission to individual sub tabs.
10. If you click Custom option, select the appropriate permission from the drop-down list
next to each tab.
11. Click Save.
To delete a role
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click Roles.
The Organizational Roles page appears.
3. To delete a role, do one of the following:
• Select the check box beside the role, and then select Delete Selected Item(s) from
the Choose Action menu.
• From the Organizational Role: Edit detail page, click Delete.
4. Click OK.
To duplicate a role
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click Roles.
3. Click the role you want to duplicate.
The Organizational Role : Edit Detail page appears.
4. Click Duplicate to duplicate the organization details.
The page refreshes.
5. Enter the Role information as follows:
6. Click Save.
The Associated Organizations table displays the list of organizations associated with
this role.
Organizational Filters
Filters are used to direct a new machine checking into the appliance to the appropriate
organization. An organization can be assigned more than one filter. The filters are executed
according to the ordinal specified when the filters are created. If a machine is not set in a
filter, it will go to the default organization.
A machine can be directed to the appropriate organizations, in the following ways:
• One or more filters will be executed against the machine that is checking in. If one of the
filters is successful, the machine will be redirected to the correct organization.
• If no filter matches the machine, it will be put into the default organization. The system
administrator can then manually move that machine from the default organization to
the appropriate organization.
Filters are of two types:
• Data Filter:
Allows the automatic organization of machines based on a search criteria. Whenever
machines that check in meet the criteria, they will be directed to the specific
organization.
• LDAP Filter:
LDAP Label allows the automatic organization of machines based on LDAP or Active
Directory interaction. The filter will be applied to the LDAP server, and if any entries are
returned they are automatic organized.
If the LDAP server requires credentials for administrative login (that is, non-
anonymous login), supply those credentials. If no LDAP user name is given,
an anonymous bind is attempted. Each LDAP filter may connect to a different
LDAP/AD server
Enabled Select to enable this filter. (You have to enable the filter to use it.)
Name Enter a name for the filter.
Description Enter the description for the filter.
Evaluation Order Enter a number. The filter will be executed according to the
evaluation order specified.
Enabled Select to enable this filter. (You have to enable the filter to use it.)
Name Enter a name for the filter.
Description Enter the description for the filter.
Evaluation Enter a number. The filter will be executed according to the evaluation
Order order specified.
To edit a filter
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click Filters.
The K1000 Organization Filters page appears.
3. Click the linked name of the filter.
The K1000 Organization Filter : Edit Detail page appears.
Enabled Select to enable this filter. (You have to enable the filter to use it.)
Name Enter a name for the filter.
Description Enter the description for the filter.
Evaluation Order Enter a number. The filter will be executed according to the
evaluation order specified.
To delete a filter
1. From the Organization drop-down list, select System.
The K1000 Organizations page appears.
2. Click Filters.
The K1000 Organization Filters page appears.
3. To delete a filter, do one of the following:
• Select the check box beside the filter, and then select Delete Selected Item(s)
from the Choose Action menu.
• Click Delete.
4. Click OK.
Computers
The K1000 Computers page lists all the nodes that are checking into the appliance. It
displays details for each computer such as Name, Organization - the computer is currently
checking into, Last Sync - when the computer last checked in to the appliance, Description,
and the IP Address.
Advanced Search
If you need more granularity than searching on keywords provides, try using Advanced
Search. Advanced Search allows you to specify values for each field present in the inventory
record and search the entire inventory listing for that value. For example, if you needed to
know which computers had a particular version of BIOS installed to upgrade only those
affected machines.
Refiltering Computers
You can refilter the computers, which will recheck the computers against all filters. For
example, you can check if the filter created by you is applied correctly to the intended
computers. You first create the new filter by going to the Organizations > Filters tab. Now
in the Computers page, you refilter the computers. The organizations column will display the
new organization name in red besides the old organization name, against those computers
on which the filter has got applied.
To refilter computers
1. In the Organization menu, click System.
2. Click Organizations > Computers.
The K1000 Computers page appears.
3. Click the check boxes for the computers that you want to refilter.
4. In the Choose Action menu, click Refilter Selected Computers to recheck the
computers against all filters.
Redirecting Computers
You can redirect a computer to a different organization. For example, a computer checks into
organization A. You can redirect that computer to organization B. The next time the
computer checks in, it will check into organization B.
To redirect computers
1. In the Organization menu, click System.
2. Click Organizations > Computers.
The K1000 Computers page appears.
3. Click the check boxes for the computers that you want to redirect.
4. Select the appropriate organization name under Change Sync to Organization, from the
Choose Action menu, to redirect the computers to the appropriate organization.
The following sections describe each of the detail areas on this page. To expand or collapse
the sections, click the + sign next to the section headers.
Computer Identity This section provides information to help identify the computer on
Information your network, including its name description, IP address, KACE ID,
and other attributes. You also can see the last time the computer
checked into the appliance, and the last time the computer record was
changed.
Service Desk Service Desk Tickets associated with this machine, which can be:
• Tickets assigned to the machine owner.
• Tickets submitted by the machine owner.
To view a Service Desk Ticket’s details, click the Ticket ID (for
example, TICK:0032).
Operating System Details about the computer’s operating system, including installed OS
Information and service packs, OS version number and build, and the date and
time of OS installation.
The Current Uptime and Last System Reboot fields tell you whether
the machine has been rebooted recently, which could indicate
whether or not OS updates have been applied.
User Information Details about the most recent user of this computer, including his or
her user name and domain. (Some computers might have multiple
users).
Manufacturer and BIOS The computer’s make and model as well as its BIOS details, such as
Info name, version, and serial number.
• For a Dell computer, there is a link to the Dell website where you
can view the support record for the computer, including the days
left on the support agreement and compare the original with the
current system configurations.
• For an Apple computer, the link goes to the Apple Support
website where you can view technical specifications for iMac.
• For a Gateway computer, the link goes to the MPC Computers
Support Site.
You can locate your exact system model and original components, as
well as drivers, specifications, manuals and installation guides if
available. This information is displayed for your BIOS serial number.
Processor and Computer The processor type and speed, total and used RAM, and current and
Memory maximum registry size.
Network Interfaces The type and version of NIC card installed in the computer, as well as
the computer’s MAC and IP addresses, and indicates whether or not
DHCP is enabled.
Driver Information Configuration of drives installed on the computer (for example, CD/
DVD-ROM drive) and the total and used disk space amounts for each
hard disk installed.
Motherboard and Related Information about the computer’s motherboard as well as other
Hardware hardware details like sound card and video controllers.
Process List All the processes that are currently running on this computer. This
list is the same as would be displayed on the computer’s Task
Manager > Processes tab.
Installed Programs The titles and versions of software programs installed on this
computer. The programs listed here are the same as listed on the
computer’s Add/Remove Programs list.
Installed Patches The Microsoft patches that have been installed on this computer.
Startup Programs The programs that are configured to launch when this computer
starts up. These are the same programs listed in the computer’s Start
> All Programs > Startup menu.
Services The services that are running on this machine. Click a service to
display the Service : Edit Service Detail page. The fields on this page
represents the service detail information that is automatically
discovered and communicated from the agent.
Harmful Items (Threat The items marked with the threat level as 5. A threat that is harmful
Level 5) to any software, process, startup item, and services associated with
this machine is considered as threat level 5.
Printer List The printers that this computer is configured to use. This is the same
information that is located in the computer’s Start > Printers and
Faxes window.
Uploaded Files A list of the files that have been uploaded to the Dell KACE K1000
Management Appliance from this machine using the “upload a file”
script action.
Custom Inventory Fields Lists any Custom Inventory fields that were created for this machine,
along with the field name and value.
Asset Information The details of the Asset associated with that machine. Details such as
the date and time when the Asset record was created, the date and
time when it was last modified, type of the asset and name of the asset
are displayed.
Asset History The changes done to the Asset of that machine. It lists all the changes
along with the date and time when each change was done.
K1000 Client Logs The logs for the agent application, updates to scripts run on this
machine, and the current status, if available, of any activity currently
in progress on the machine. A question mark (?) in the status column
indicates that the agent has not checked in yet. Therefore, its status is
unknown.
Portal Install Logs Details about User Portal packages installed on this machine.
Scripting Logs Configuration Policy scripts that have been run on this computer,
along with the status, if available, of any scripts in progress.
OVAL Vulnerability Results Results of OVAL Vulnerability tests run on this machine.
• Only tests that failed on this computer are listed by the OVAL ID
and marked as Vulnerable.
• Tests that passed are grouped together and marked as Safe.
Failed Managed Installs Managed Installations that failed to install on this machine. To access
details about the Managed Installation, click the Managed Software
Installation detail page link.
Labels The labels assigned to this computer. Labels are used to organize and
categorize machines
To Install List Managed Installations that will be sent to the computer the next time
it connects with the appliance.
This appendix lists Dell KACE K1000 Management Appliance information and behaviors that
are specific to Apple® Mac OS nodes.
For the supported versions of the Mac OS operating system, see Chapter 4: System
requirements for agents, starting on page 46.
Mac OS Inventory
Your K1000 Management Appliance manages Mac OS X nodes the same manner it manages
Windows nodes. See the Chapter 5: Managing Software and Hardware Inventories, starting
on page 75, for details.
You search for Macintosh nodes using Inventory > Computer > Advanced search. In
the Advanced Search sub tab, identify the nodes using attributes like OS Name, and so
on. For more information on how to use Advanced Search, see Using Advanced Search for
Software Inventory, on page 83.
The Create Notification feature also searches for Mac OS nodes with specific criteria, and
sends the administrator email when it finds them. For example, if you wanted to know when
computers had a critically low amount of disk space left, you could specify the search criteria
to look for a value of 5 MB or smaller in the Disk Free field, and then notify an administrator
who can take appropriate action. For more information on how to create notifications, see
Searching for Computers by Creating Computer Notifications, on page 78.
Inventory Filtering provides a way to dynamically apply a label based on search criteria. It
is often helpful to define filters by inventory attribute. For example, you could create a label
called “San Francisco Office” and create a filter based on the IP range or subnet for machines
in San Francisco. Whenever machines check in that meet that attribute, they would receive
the San Francisco label. This is particularly useful if your network includes laptops that often
travel to remote locations.
You can also create a label to group all your Mac OS nodes. Once grouped by label, software,
reports, or software deployments on your Mac OS nodes can all be more easily managed. For
more information on labeling, refer to Managing Labels, on page 36.
4. By default the agent attempts to install the .pkg file using the following command,
which is sufficient to install a new package or update an existing one to a new version:
5. If you have selected a zip/tgz/tar.gz file, the contents are unpacked and the root
directory is searched for all .pkg files. The installation command runs against each of
these .pkg files. The K1000 Management Appliance searches for all .pkg files on the
top level of an archive and executes that same installer command on all the files in
alphabetical order. After that, the appliance searches for all plain applications (.app) on
the top level of the archive and copies them to /Applications with the following
command:
To execute a script or change any of the these command lines, you can specify the
appropriate script invocation as the Full Command Line. You can specify wildcard in
the filenames you use. Enclose the filename in single or double quotation marks if it
contains spaces. The files are extracted into a directory in /tmp, and that becomes the
current working directory of the command.
On Mac OS, you do not need to include any other files in your archive other
than your script if that's all you want to execute.
Specify the relative path to the executable in the Full Command Line field, to execute a
shell script or other executable that you have included inside an archive. Remember,
you'll be executing your command inside a directory alongside the files that have been
extracted.
For example, to run a file called installThis.sh, package it up alongside a .pkg file,
and then put the command ./installThis.sh in the Full Command Line field. If
you archived it inside another directory, dir, the Full Command Line field is ./dir/
installThis.sh.
Both these examples, as well as some other K1000 Management Appliance functions,
assume that “sh” is in root's PATH. If you're using another scripting language, you may
need to specify the full path to the command processor you want to run in the Full
Command Line, like /bin/sh ./installThis.sh. Be sure to include appropriate
arguments for an unattended, batch script.
If you select the uninstall check box in the MI detail, the appliance removes each .app it
finds in the top level of your archive from the Applications folder. Thus, if you include
two files in your archive named MyApp.app and MyOtherApp.app, those two
applications will disappear from your Applications folder if they exist there.
Uninstallation in this way will be performed only if the archive or package is
downloaded to the node. If you select the check box for Run Command Only, specify
a full command line to ensure the correct removal command is run on the correct
package. Because no package is downloaded in this case, you should specify the path in
the installation database where the package receipt is stored or run the correct file
removal command to delete the files from the Applications folder. In that case, you can
download a script inside an archive and run the script on the Full Command Line.
6. If your package requires additional options, you can enter the following installation
details:
Run Parameters You cannot apply “Run Parameters” to the above mentioned
commands.
Full Command Line You do not need to specify a full command line. The server executes
the installation command by itself. The Mac OS node tries to install
this using:
installer -pkg packagename.pkg -target / [Run
Parameters]
or
ditto -rsrc packagename.app /Applications/theapp
If you do not want to use the default command at all, you can replace it
completely by specifying the complete command line here.
If you have specified an archive file, this command runs against all of
the .pkg files or .app files it can find.
Un-Install using Full Click this check box to uninstall software. If the Full Command Line
Command Line above is filled in, it is run. Otherwise, by default the agent attempts to
run the command, which is generally expected to remove the package.
Run Command Only Click this check box to run the command line only. This will not
download the actual digital asset.
Notes Enter additional information in this field, if any.
Managed Action Managed Action allows you to select the most appropriate time for this
package to be deployed. Execute anytime (next available) and
Disabled are the only options available for Macintosh platform.
Deploy to All Machines Click this check box to deploy to all the machines.
Limit Deployment To Select a label to limit deployment only to machines grouped by that
Selected Labels label. Click Command and click labels to select more than one label.
If you have selected a with a replication share or an alternate
download location, the K1000 Management Appliance copies digital
assets from that replication share or alternate download location
instead of downloading them directly from the K1000 Management
Appliance.
Note: The K1000 Management Appliance always uses a replication
share in preference to an alternate location.
Limit Deployment To Listed You can limit deployment to one or more machines. From the drop-
Machines down list, select a machine to add to the list. You can add more than
one machine, and filter the list by entering filter options.
Deploy Order The lowest deploy number is installed first.
Max Attempts Enter the maximum number of attempts, between 0 and 99, to
indicate the number of times the appliance tries to install the package.
If you specify 0, the appliance enforces the installation forever.
Deployment Window(24H Enter the time (using a 24-hour clock) to deploy the package.
clock) Deployment Window times affect the Managed Action options. Also,
the run intervals defined in the System Console, under
Organizations > Organizations for this specific organization,
override and/or interact with the deployment window of a specific
package.
9. Click Save.
For more information about Distribution, refer to Chapter 8: Distributing Software from
Your K1000 Management Appliance, starting on page 111.
For more information about Managed installations, refer to Managed Installations, on
page 115.
The steps documented here are available on the Scripting component. For details on
scripting, see Chapter 9: Using the Scripting Features, starting on page 143.
Always Fail X X
Call a Custom DLL Call function "%{procName}" from X X X
Function "%{path}\%{file}".
Create a Custom Create object "%{className}" from X X X
DLL Object "%{path}\%{file}".
Create a message Create a message window named X X X X X
window "%{name}" with title "%{title}", message
"%{message}" and timeout "%{timeout}"
seconds.
Delete a registry key Delete "%{key}" from the registry. X X
Delete a registry Delete "%{key}!%{name}" from the X X
value registry.
Destroy a message Destroy the message window named X X X X X
window "%{name}".
This chapter describes how to inventory items that are not appearing in Software list by
default. Custom Inventory rules allow you to automatically detect software and other items on
a node. Capturing this information allows you to manage your custom Software items with
Smart Labels, Distribution and Managed Installations, Scripting, and include additional
details in Reports.
• The software or item you want to inventory is not listed in Add/Remove Programs.
• Different versions of the same software have the same entry in Add/Remove Programs,
either with incorrect or incomplete “Display Version” information.
• To write deployment rules, scripts, reports based on the pressense of a Software Item or
value that is not reported by the agent.
• Conditional rules that test whether or not a condition exists on the node. When a rule
returns true, the agent reports the item as an Installed Program; when the rule
returns false, the item does not appear as an Installed Program.
• Value Return rules that get data from the node and if the value exists the agent
reports the item as an Installed Program and sets a corresponding Custom
Inventory Field.
See Chapter 5: To add software to Inventory manually, starting on page 84 for details.
Download
Download Send Rules
Send Rules
Empty
False
Add Custom
Inventory Field
The agent runs all rules as well as any other processes scheduled for that session. Therefore,
once the agent checks in, it takes several minutes to run all the rules and other processes
before the agent reports the results.
After the agent reports the results, the node’s Inventory > Computer Details page shows
the results under Software in Installed Programs and/or Custom Inventory Fields.
The Installed Program and Custom Inventory Field name. For example BIOSDATE, is the
custom Software Item’s Display name (Title): BIOSDATE.
The Software Items with Value Return rules that set a Custom Inventory Field
also appear as Installed Programs.
If the results you expect don’t appear, verify that the node recently checked in. The check in
time is shown in the Last Inventory field of the Inventory > Computers Detail page.
functionName(argument,argument,...)
Function syntax
Enter the functionName followed by an opening parentheses, enclose the arguments with a
closing parentheses. No spaces are allowed between the name of the function and the
opening parentheses.
Argument syntax
Enter argument syntax for all rules except command and regex (regular expression) as
follows:
RegistryValueEquals(HKEY_LOCAL_MACHINE\Software\Microsoft\Internet
Explorer\Version Vector, IE, 6.000)
RegistryValueEquals(HKEY_LOCAL_MACHINE\Software\Microsoft\Internet
Explorer\Version Vector,IE,6.000)
The following sections describe the rules that test for conditions:
You can also display a list of nodes that have the item installed from the
Inventory > Software > Custom_item: Details page.
Syntax OS Description
Mac OS X
Windows
Linux
Syntax OS Description
Mac OS X
Windows
Linux
ProductVersionGreaterThan(path, X Verifies that the Version > Product
version) Version property of the executable or
installation file you specified is higher than
the NUMBER value you entered.
FileInfoGreaterThan(fullpath, X X X Verifies that the File Info property of the
attribute, type, value) executable or installation file you specified
is higher than the value you entered.
FileInfoLessThan(fullpath, X X X Verifies that the File Info property of the
attribute, type, value) executable or installation file you specified
is lower than the value you entered.
FileInfoEquals(fullpath, X X X Verifies that the attribute of the executable
attribute, type, value) or installation file you specified matches
the value you entered.
RegistryKeyExists(registryPath) X Verifies that a registry key exists.
RegistryValueEquals(registryPath, X Verifies that a registry entry exactly
valueName, value) matches the value you specify. Value is
compared as TEXT.
RegistryValueLessThan(registryPath X Verifies that the registry entry is lower
, valueName, value) than the value you specify. Value is a
NUMBER.
RegistryValueGreaterThan(registryP X Verifies that the registry entry is higher
ath, valueName, value) than the value you specify. Value is a
NUMBER.
EnvironmentVariableExists(var) X X X Verifies that an environment variable with
the name you specify exists.
EnvironmentVariableGreaterThan(var X Verifies that the environment variable
, type, value) definition is higher than the value you
specify.
Only DATE (in the full format mm/dd/
yyyy hh:mm:ss) and NUMBER are valid
types.
EnvironmentVariableLessThan(var, X X Verifies that the environment variable
type, value) definition is lower than the value you
specify.
Only DATE (in the full format mm/dd/
yyyy hh:mm:ss) and NUMBER are valid
types.
Syntax OS Description
Mac OS X
Windows
Linux
EnvironmentVariableEquals(var, X X Verifies that the environment variable
type, value) definition exactly matches the value you
specify.
All three types are valid, TEXT, DATE (in
the full format mm/dd/yyyy hh:mm:ss),
and NUMBER.
PlistValueExists(fullpath, entry) X Verifies that a named value exists in a
PLIST file.
PlistValueGreaterThan(fullpath, X Verifies that the named value is a DATE
entry, type, value) (in the full format mm/dd/yyyy
hh:mm:ss) or NUMBER higher than the
value you specified.
PlistValueLessThan(fullpath, X Verifies that the named value is a DATE
entry, type, value) (in the full format mm/dd/yyyy
hh:mm:ss) or NUMBER lower than the
value you specified.
PlistValueEquals(fullpath, entry, X Verifies that the named value is a TEXT,
type, value) DATE (in the full format mm/dd/yyyy
hh:mm:ss), or NUMBER that exactly
matches the value you specified.
You can specify a colon separated list of
entries to match the value. Arrays and
other valid PLIST datatypes are not
supported.
• DirectoryExists(path)
• FileExists(path)
• RegistryKeyExists(registryPath)
• EnvironmentVariableExists(var)
• PlistValueExists(fullpath, entry)
• FilenamesMatchingRegexExist(fullpath,regex)
DirectoryExists(C:\WINDOWS\)
FileExists(C:\WINDOWS\notepad.exe)
• FileVersionEquals(path, version)
• ProductVersionEquals(path, version)
• FileInfoEquals(fullpath, attribute, type, value)
• RegistryValueEquals(registryPath, valueName, value)
• EnvironmentVariableEquals(var, type, value)
• PlistValueEquals(fullpath, entry, type, value)
• FilenamesMatchingRegexEqual(fullpath,regex,value)
RegistryValueEquals(HKEY_LOCAL_MACHINE\Software\McAfee\AVEngine,
AVDatDate, 2010/03/01)
RegistryValueEquals(HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT
\CurrentVersion,CSDVersion,Service Pack 2)
You can then exclude nodes with this item installed to prevent the appliance from trying to
deploy the SP2 to nodes that are already at that level (that is, SP1 machines that have been
upgraded, as well as machines originally imaged with SP2).
• FilenamesMatchingRegexGreaterThan(fullpath,regex,value) and
FilenamesMatchingRegexLessThan(fullpath,regex,value)
ProductVersionGreaterThan(C:\Program Files\Internet
Explorer\iexplorer.exe, 6.0)
To verify that the production version is 6 (that is equal to 6.0) or higher, enter the following:
ProductVersionEquals(C:\Program Files\Internet
Explorer\iexplorer.exe, 6.0) OR ProductVersionGreaterThan(C:\Program
Files\Internet Explorer\iexplorer.exe, 6.0)
ProductVersionGreaterThan(C:\Program Files\Internet
Explorer\iexplorer.exe, 6.0) AND ProductVersionLessThan(C:\Program
Files\Internet Explorer\iexplorer.exe, 8.0)
Using both AND and OR operators in the same Custom Inventory rule is not
supported. Set up separate Software Items.
• AND operator: All the rules must return true in order for the results to return true and
report the Software Item as an Installed Program.
• OR operator: Only one rule must return true for the Software Item to be reported as an
Installed Program.
RegistryKeyExists(registryPath) AND
RegistryValueEquals(registryPath, valueName, value)
Use the Custom Inventory Field values to manage installs and distribute software as well as
in reports, View by filtering, and Smart Label search criteria, or any other process that can be
performed with a automatically detected setting.
This section covers the following topics:
Syntax OS Description
Mac OS X
Windows
Linux
FileInfoReturn(C:\Program Files\Internet
Explorer\iexplore.exe,ProductVersion,NUMBER)
However, if the value contained a special or alpha character, specify the TEXT as the type.
TEXT limits the operators you can use in queries in other features, such as Smart Label
Search Criteria.
RegistryValueReturn(HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet
Explorer\Registration, ProductId, TEXT)
• ShellCommandTextReturn(command)
• ShellCommandDateReturn(command)
• ShellCommandNumberReturn(command)
The Uptime Return custom Software Item displays in the Custom Inventory Field.
PlistValueReturn(~/Library/Preferences/GlobalPreferences.plist,
AppleLocale, TEXT)
• AND operator: All the values are reported in the Custom Inventory Field.
Separate the conditional statements from the operator with spaces. Do not join AND and OR
operators in the same rule.
The K1000 agent only provides functions that compare file names using regular
expressions.
The following table provides an overview of basic regular expression syntax you can use to
match file names:
Example
Character Description
Expression Matches From
(any string) Entering non-special abc Myabc.txt File.doc
characters only matches any abcFile.xls Myabc.txt
file name that contains the MyFile.abc abcFile.xls
string.
MyFile.abc
Example.jpg
. Dot matches any single . File.doc File.doc
character. When entered Myabc.txt Myabc.txt
alone it matches all files. abcFile.xls abcFile.xls
MyFile.abc MyFile.abc
Example.jpg Example.jpg
Example
Character Description
Expression Matches From
\ Backslash escapes a special \. File.doc File.doc
character, suppressing the Myabc.txt Myabc.txt
special regular expression abcFile.xls abcFile.xls
quantifier meaning.
MyFile.abc MyFile.abc
For example, to match all text
Example.jpg Example.jpg
files, enter: .*\.txt$
^ Caret (and \A) matches the ^k kinstaller.exe install.exe
characters you specify to the runkbot.bat
start of the file name. kinstaller.exe
| Pipe separates a list of run|installer kinstaller.exe install.exe
options to match. runkbot.bat kinstaller.exe
runkbot.bat
$ Dollar (and \Z or \z) bat$ MyStartup.bat MyStartupBat.doc
matches the characters your MyStartup.bat
specify to the end of the file
name.
? Question mark makes the \.log10?$ a.log11 app.log
preceding character optional mylog.log10 appconf.log2
in matches. mylog.log10
a.log11
afile.txt
* Asterisk matches the \.log1*$ app.log app.log
preceding character zero or appconf.log12 appconf.log12
more times. a.log11 mylog.log10
a.log11
afile.txt
+ Plus matches the preceding ap+.*\.log app.log app.log
character one or more times. appconf.log12 appconf.log12
mylog.log10
a.log11
afile.txt3
[] Brackets enclose a character [123] appconf.log12 app.log
class and matches any mylog.log10 appconf.log12
character within the brackets. a.log11 mylog.log10
Note that character class afile.txt3 a.log11
special character rules differ
afile.txt3
from normal regular
expressions.
Example
Character Description
Expression Matches From
() Parentheses enclosing ap?+\.(log) appconf.log12 app.log
characters creates a [123]$ a.log11 appconf.log12
backreference and matches afile.txt3 mylog.log10
the preceding characters and/
a.log11
or the enclosed characters.
afile.txt3
{n} Curly brackets repeats the a.{3}?+\. appconf.log12 app.log
preceding character the (log)[123]$ afile.txt3 appconf.log12
number of specified times, mylog.log10
where n is greater than or
a.log11
equal to 1.
afile.txt3
Syntax OS Description
Mac OS X
Windows
Linux
For rule syntax see the tables in Checking for conditions (Conditional rules), on page 244,
Getting values from a node (Custom Inventory Field), and Matching file names with Regular
Expressions for more details on the specific rules they can be used in.
The agent locates the directory or file and performs the specific test.
HKEY_LOCAL_MACHINE/software/kace
Specifying a version
version is an integer (datatype is NUMBER) that the agent compares to the version of the
item being tested on the node.
For example, the FileVersionGreaterThan test returns ‘true’ if the value you specify is
higher than the version number of the file or folder and otherwise returns ‘false’.
To test a range, join a Less Than and Greater Than rule as follows:
FileVersionGreaterThan(C:\Program
Files\Adobe\Acrobat\7.0\Acrobat\Acrobat.exe, 6.99) AND
FileVersionLessThan(C:\Program
Files\Adobe\Acrobat\7.0\Acrobat\Acrobat.exe, 8.00)
EnvironmentVariableEquals(ProgramFiles, TEXT,
C:\Program Files)
You can specify any type but the datatype indicated in the table below shows the Windows
supported type:
AccessedDate DATE Last date and time the file was accessed.
Comments TEXT Additional information provided for diagnostic
purposes.
CompanyName TEXT Name of the company that produced the file.
CreatedDate DATE When the file was created.
FileBuildPart NUMBER/ Third position of the File Version, for example
TEXT in version 1.2.3, 3=Build.
FileDescription TEXT File Description of the Windows file properties
Details tab.
FileMajorPart NUMBER/ First position of the File Version, for example
TEXT in version 1.2.3, 1=Major.
FileMinorPart NUMBER/ Second position of the File Version, for
TEXT example in version 1.2.3, 2=Minor.
FileName TEXT Current name of the file. Also see FileExists.
FilePrivatePart TEXT Fourth position of the File Version, for example
in version 1.2.3.4, 4=Private.
FileVersion NUMBER/ Complete File Version shown on the file
TEXT properties Details tab.
Also see FileVersionEquals,
FileVersionGreatThan, and
FileVersionLessThan
InternalName TEXT Internal name of the file, if one exists, such as
the module name.
If the file has no internal name, it is equal to the
original filename, without an extension.
IsDebug TEXT/ Returns True (1) if the file contains debugging
NUMBER information or was compiled with debugging
enabled; otherwise returns False (0).
IsPatched TEXT/ Returns True (1) if the provider marked the file
NUMBER as modified and it is not identical to the
original shipped version; otherwise returns
False (0).
IsPreRelease TEXT/ Returns True (1) if the provider marked the file
NUMBER as a development version, not a commercially
released product; otherwise returns False (0).
IsPrivateBuild TEXT/ Returns True (1) if the provider marked the file
NUMBER as not built using standard release procedures;
otherwise returns False (0). When True, file
also has a PrivateBuild string.
IsSpecialBuild TEXT/ Returns True (1) if the provider marked the file
NUMBER as built by the original company using standard
release procedures but is a variation of the
standard file of the same version number;
otherwise returns False (0).
When True, file also has a SpecialBuild string.
Language TEXT Language code, displays corresponding name
on the File Properties Details tab.
LegalCopyright TEXT Copyright notices that apply to the file.
LegalTrademarks TEXT Trademarks and registered trademarks that
apply to the file.
ModifiedDate DATE Last day and time the file was modified.
OriginalFilename TEXT Provides the full name of the file when it was
put or installed on the node.
PrivateBuild TEXT Information about the version of the file.
ProductBuildPart NUMBER/ Third position of the Product Version, for
TEXT example in version 1.2.3, 3=Build.
ProductMajorPart NUMBER/ First position of the Product Version, for
TEXT example in version 1.2.3, 1=Major.
ProductMinorPart NUMBER/ Second position of the Product Version, for
TEXT example in version 1.2.3, 2=Minor.
ProductName TEXT String that matches the Product Name of the
Windows property.
ProductPrivatePart NUMBER Fourth position of the File Version, for example
in version 1.2.3.4, 4=Private.
ProductVersion NUMBER/ The full production version.
TEXT Also see ProductVersionEquals,
ProductVersionGreaterThan, and
ProductVersionLessThan.
SpecialBuild TEXT Additional information about the build.
• TEXT a string. Only valid for exactly matching in conditional rules such as Equals. In
ValueReturn rules, sets the Custom Inventory Field type to string and therefore limits
search criteria and filtering to matching operators.
• NUMBER an integer. Valid in all conditional rules, allows you to specify a whole number
for comparison.
• DATE must be in the format of MM/dd/yyyy HH:mm:ss for example 09/28/2006
05:03:51. Time is required, for example in a comparison such as greater than you
must at least specify the time as 00:00:00.
Defining commands
The shell command functions allow you to specify the command you want to run on the
computer. The guidelines for writing rule arguments do not apply to command. However
white space after the opening parentheses and immediately before the closing one is stripped
from the command.
This appendix contains a list of the table names used in the Dell KACE K1000 Management
Appliance database.
Table Component
Table Component
Table Component
Table Component
KBOT_VERIFY_STEPS Scripting
LABEL Labeling
LABEL_LABEL_JT Labeling
LDAP_FILTER Labeling
LDAP_IMPORT_USER User
MACHINE Inventory
MACHINE_CUSTOM_INVENTORY Inventory
MACHINE_DAILY_UPTIME Inventory
MACHINE_DISKS Inventory
MACHINE_LABEL_JT Inventory
MACHINE_NICS Inventory
MACHINE_NTSERVICE_JT Inventory
MACHINE_PROCESS_JT Inventory
MACHINE_REPLITEM Inventory
MACHINE_SOFTWARE_JT Inventory
MACHINE_STARTUPPROGRAM_JT Inventory
MESSAGE Alerts
MESSAGE_LABEL_JT Alerts
METER Software Metering
METER_COUNTER Software Metering
MI Managed Installs
MI_ATTEMPT Managed Installs
MI_LABEL_JT Managed Installs
MSP_MI_TEMPLATE Patching
NODE Network Scan
NODE_LABEL_JT Network Scan
NODE_PORTS Network Scan
NODE_SNMP_IF Network Scan
NODE_SNMP_SYSTEM Network Scan
NOTIFICATION Alerts
NTSERVICE Inventory
NTSERVICE_LABEL_JT Inventory
OBJECT_HISTORY Appliance Administration
Table Component
OPERATING_SYSTEMS Inventory
OVAL_STATUS OVAL
PATCHLINK_MACHINE_STATUS Patching (Security)
PATCHLINK_PATCH_LABEL_JT Patching (Security)
PATCHLINK_PATCH_STATUS Patching (Security)
PATCHLINK_SCHEDULE Patching (Security)
PATCHLINK_SCHEDULE_DEPLOY Patching (Security)
_LABEL_JT
PATCHLINK_SCHEDULE_DETECT Patching (Security)
_LABEL_JT
PATCHLINK_SCHEDULE_LABEL_ Patching (Security)
JT
PATCHLINK_SCHEDULE_OS_JT Patching (Security)
PATCHLINK_SCHEDULE_ROLLBA Patching (Security)
CK_LABEL_JT
PATCH_FILTER Labeling
PORTAL Service Desk
PORTAL_LABEL_JT Service Desk
PROCESS Inventory
PROCESS_LABEL_JT Inventory
PROVISION_CONFIG Appliance Administration
PROVISION_NODE Appliance Administration
REPLICATION_LANGUAGE Replication
REPLICATION_PLATFORM Replication
REPLICATION_SCHEDULE Replication
REPLICATION_SHARE Replication
REPORT Reporting
REPORT_FIELD Reporting
REPORT_FIELD_GROUP Reporting
REPORT_JOIN Reporting
REPORT_OBJECT Reporting
REPORT_SCHEDULE Reporting
SAVED_SEARCH Appliance Administration
SCAN_FILTER Labeling
SCAN_SETTINGS Network Scan
Table Component
This appendix explains how to manually deploy the Dell KACE K1000 Management
Appliance agent on nodes using a command-line.
File share must be enabled to access the installers. See Enabling file sharing
on page 47.
1. Ensure that you have the .NET 1.1 Framework dotnetfx.exe installed on this
computer.
If this file is not installed, you can get a replacement from the shared directory of the
appliance server: \\k1000_name\client\agent_provisioning\windows_platform
2. Go to the shared directory of the appliance server:
\\k1000_hostname\client\agent_provisioning\windows_platform
Although the agent automatically checks in, you can force a check in using:
C:\Program Files\KACE\KBOX\KBOXClient.exe
You can also use the IP address instead of the server hostname.
The node information appears in the appliance Inventory within a few minutes.
Although the agent automatically checks in, you can force a check in using
the following command line:
runkbot 4 0
• In a batch file as part of logon scripts, which would run the installer (msiexec) and set
various parameters, such as the value of the host.
• Set an environment variable for the server name and then run the installer.
• Rename the installer name which automatically sets the server name during the install.
This method provides the following parameters:
Table E-1: Command line parameters for the 5.2 Agent
Description Parameter
• /kace – The base directory where the entire agent is installed on the node.
• /kace/bin – This directory contains all the executable files.
• /kace/lib – This directory contains data, such as version number, default
configuration files, and others for the agent.
• /kace/data – This directory contains the application code organized as libraries.
• /var/kace/kagentd – This directory contains the kbot_config.yaml file.
3. Enter:
cd KACE/bin
4. Set the name of the K1000 Management Appliance server, by entering:
./setkbox k1000server_hostname
5. Restart all K1000 Management Appliance agent services and connect to the appliance
server by entering:
./runkbot 1 0
Linux Debugging
The agent normally checks in using the Run Interval schedule specified in
Agent Settings page. For debugging and testing purposes, you can run the
file runkbot located in /KACE/bin to force the agent to force a check in with
the appliance.
For bootstrap: to run the first time after agent installation:
/KACE/bin/runkbot 1 0
For Inventory: to run at any other time:
/KACE/bin/runkbot 2 0
• /Library/K1000Agent/Home/bin
• /Library/K1000Agent/Home/data
• /Library/K1000Agent/Home/lib
• /var/kace/kagentd - This directory contains the kbot_config.yaml file.
8. Enter:
cd Library/K1000Agent/Home/bin
9. Set the name of the appliance server by entering:
./setk1000 k1000server_hostname
10. Restart all agent services and connect to the appliance server by entering:
./runkbot 2 0
Macintosh Debugging
To log on to the AMP Service
1. Open Terminal from Applications > Utilities.
2. Enter the following commands:
$ sudo touch /var/kace/kagentd/debug_agent.tag
$ sudo /Library/K1000Agent/Home/bin/SMMPctl stop
$ sudo /Library/K1000Agent/Home/bin/SMMPctl start
The output of this file is part of the KBOT_LOG.txt file.
1. Go to Inventory > Computer, and click the machine you want to view.
2. On the detail page, go to the Logs section.
3. Click K1000 Agent Logs.
The agent normally checks in using the Run Interval schedule specified in
Agent Settings page. For debugging and testing purposes, you can run the
file runkbot located in /KACE/bin to force the agent to force a check in with
the appliance.
For bootstrap: to run the first time after agent installation:
./runkbot 1 0
For Inventory: to run at any other time:
./runkbot 2 0
The export call must proceed the install call (for example, sudo export
KACE_SERVER=k1000name installer -pkg '/Volumes/Dell KACE/
AMPAgent.pkg' -target /
The daily run output is automatically sent to the System Administrator by email every night
at 2:00 AM.
This appendix contains a sample of the daily run output. Your output may differ from the
sample shown.
The following syntaxes are the standard freebsd maintenance messages:
-
-
The above table reports information about the network status of the
appliance.
Make sure the Ierrs/Oerrs are zero. Other values indicate some sort of
network failure. If you notice consistent errors, contact KACE support for
assistance.
The above indicates the amount of time appliance has been up since the last
time it was powered off.
There will not be any users logged onto the machine.
The load averages vary depending on the load on appliance was when this
report was run.
The message above are the standard freebsd messages regarding the health
of the mail systems.
There should not be mail in the queues. However, if an item still exists, check
your SMTP settings from the Settings > Network Settings page.
The above table indicates the status of your raid drives. If you ever see the
disks degraded or not rebuilding properly, contact KACE support to address
the problem.
ORG.FS OK
ORG.FS_LABEL_JT OK
ORG.GLOBAL_OPTIONS OK
ORG.LABEL OK
ORG.LDAP_FILTER OK
ORG.LICENSE OK
ORG.LICENSE_MODE OK
ORG.MACHINE OK
ORG.MACHINE_CUSTOM_INVENTORY OK
ORG.MACHINE_DISKS OK
ORG.MACHINE_LABEL_JT OK
ORG.MACHINE_NICS OK
ORG.MACHINE_PROCESS OK
ORG.MACHINE_SOFTWARE_JT OK
ORG.MACHINE_STARTUP_PROGRAMS OK
ORG.MESSAGE OK
ORG.MESSAGE_LABEL_JT OK
ORG.MI OK
ORG.MI_LABEL_JT OK
ORG.NETWORK_SETTINGS OK
ORG.NOTIFICATION OK
ORG.OPERATING_SYSTEMS OK
ORG.PORTAL OK
ORG.PORTAL_LABEL_JT OK
ORG.PRODUCT_LICENSE OK
ORG.REPORT OK
ORG.SCHEDULE OK
ORG.SERVER_LOG OK
ORG.SOFTWARE OK
ORG.SOFTWARE_LABEL_JT OK
ORG.SOFTWARE_OS_JT OK
ORG.THROTTLE OK
ORG.TIME_SETTINGS OK
ORG.TIME_ZONE OK
ORG.USER OK
ORG.USER_HISTORY OK
ORG.USER_KEYS OK
ORG.USER_LABEL_JT OK
-- End of daily output --
The database is checked every night for any inconsistencies, and these are
automatically repaired.
If you see any failures from this output, contact Dell KACE Support for
assistance.
• Apache
• EZ GPO
• FreeBSD
• Knoppix
• Microsoft Windows
• OpenSSL
• PHP
• Samba
• Sendmail
Apache
This product (Dell KACE K1000 Management Appliance) includes software developed by
The Apache Software Foundation (http://www.apache.org/). Apache License Version 2.0,
January 2004 http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions. “License” shall mean the terms and conditions for use, reproduction, and
distribution as defined by Sections 1 through 9 of this document. “Licensor” shall mean
the copyright owner or entity authorized by the copyright owner that is granting the
License. “Legal Entity” shall mean the union of the acting entity and all other entities
that control, are controlled by, or are under common control with that entity. For the
purposes of this definition, “control” means (i) the power, direct or indirect, to cause
the direction or management of such entity, whether by contract or otherwise, or (ii)
ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial
ownership of such entity. “You” (or “Your”) shall mean an individual or Legal Entity
exercising permissions granted by this License. “Source” form shall mean the preferred
form for making modifications, including but not limited to software source code,
documentation source, and configuration files. “Object” form shall mean any form
resulting from mechanical transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation, and conversions to other
media types.
“Work” shall mean the work of authorship, whether in Source or Object form, made
available under the License, as indicated by a copyright notice that is included in or
attached to the work (an example is provided in the Appendix below).
“Derivative Works” shall mean any work, whether in Source or Object form, that is
based on (or derived from) the Work and for which the editorial revisions, annotations,
elaborations, or other modifications represent, as a whole, an original work of
authorship. For the purposes of this License, Derivative Works shall not include works
that remain separable from, or merely link (or bind by name) to the interfaces of, the
Work and Derivative Works thereof. “Contribution” shall mean any work of authorship,
including the original version of the Work and any modifications or additions to that
Work or Derivative Works thereof, that is intentionally submitted to Licensor for
inclusion in the Work by the copyright owner or by an individual or Legal Entity
authorized to submit on behalf of the copyright owner. For the purposes of this
definition, “submitted” means any form of electronic, verbal, or written communication
sent to the Licensor or its representatives, including but not limited to communication
on electronic mailing lists, source code control systems, and issue tracking systems that
are managed by, or on behalf of, the Licensor for the purpose of discussing and
improving the Work, but excluding communication that is conspicuously marked or
otherwise designated in writing by the copyright owner as “Not a Contribution.”
“Contributor” shall mean Licensor and any individual or Legal Entity on behalf of whom
a Contribution has been received by Licensor and subsequently incorporated within the
Work.
2. Grant of Copyright License. Subject to the terms and conditions of this License,
each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-
charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative
Works of, publicly display, publicly perform, sublicense, and distribute the Work and
such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of this License, each
Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge,
royalty-free, irrevocable (except as stated in this section) patent license to make, have
made, use, offer to sell, sell, import, and otherwise transfer the Work, where such
license applies only to those patent claims licensable by such Contributor that are
necessarily infringed by their Contribution(s) alone or by combination of their
Contribution(s) with the Work to which such Contribution(s) was submitted. If You
EZ GPO
Copyright (c) 2003-2007, The Environmental Protection Agency.
All of the documentation and software included in the EZ GPO PC Monitor Power
Management Tool software is copyrighted by the Environmental Protection Agency.
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are
permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of
conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of
conditions and the following disclaimer in the documentation and/or other materials
provided with the distribution.
* Neither the name of the Environmental Protection Agency nor the names of its
contributors may be used to endorse or promote products derived from this software
without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE ENVIRONMENTAL PROTECTION AGENCY
AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE FEDERAL GOVERMENT OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
FreeBSD
This product (Dell KACE K1000 Management Appliance) includes software developed by
Free Software Foundation, Inc. GNU GENERAL PUBLIC LICENSE, Version 2, June 1991.
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,675 Mass Ave, Cambridge, MA
02139, USA.Everyone is permitted to copy and distribute verbatim copies of this license
document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your freedom to share and change
it. By contrast, the GNU General Public License is intended to guarantee your freedom to
share and change free software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software Foundation's software and to
any other program whose authors commit to using it. (Some other Free Software Foundation
software is covered by the GNU Library General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public
Licenses are designed to make sure that you have the freedom to distribute copies of free
software (and charge for this service if you wish), that you receive source code or can get it if
you want it, that you can change the software or use pieces of it in new free programs; and
that you know you can do these things.
To protect your rights, we need to make restrictions that forbid anyone to deny you these
rights or to ask you to surrender the rights. These restrictions translate to certain
responsibilities for you if you distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must
give the recipients all the rights that you have. You must make sure that they, too, receive or
can get the source code. And you must show them these terms so they know their rights.
We protect your rights with two steps: (1) copyright the software, and (2) offer you this
license which gives you legal permission to copy, distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain that everyone
understands that there is no warranty for this free software. If the software is modified by
someone else and passed on, we want its recipients to know that what they have is not the
original, so that any problems introduced by others will not reflect on the original authors'
reputations.
Finally, any free program is threatened constantly by software patents. We wish to avoid the
danger that redistributors of a free program will individually obtain patent licenses, in effect
making the program proprietary. To prevent this, we have made it clear that any patent must
1. This License applies to any program or other work which contains a notice placed by the
copyright holder saying it may be distributed under the terms of this General Public
License. The “Program”, below, refers to any such program or work, and a “work based
on the Program” means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it, either verbatim or with
modifications and/or translated into another language. (Hereinafter, translation is
included without limitation in the term “modification”.) Each licensee is addressed as
“you”.
Activities other than copying, distribution and modification are not covered by this
License; they are outside its scope. The act of running the Program is not restricted, and
the output from the Program is covered only if its contents constitute a work based on
the Program (independent of having been made by running the Program). Whether that
is true depends on what the Program does.
2. You may copy and distribute verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and appropriately publish
on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all
the notices that refer to this License and to the absence of any warranty; and give any
other recipients of the Program a copy of this License along with the Program.
You may charge a fee for the physical act of transferring a copy, and you may at your
option offer warranty protection in exchange for a fee.
3. You may modify your copy or copies of the Program or any portion of it, thus forming a
work based on the Program, and copy and distribute such modifications or work under
the terms of Section 1 above, provided that you also meet all of these conditions:
a. You must cause the modified files to carry prominent notices stating that you
changed the files and the date of any change.
b. You must cause any work that you distribute or publish, that in whole or in part
contains or is derived from the Program or any part thereof, to be licensed as a whole
at no charge to all third parties under the terms of this License.
c. If the modified program normally reads commands interactively when run, you must
cause it, when started running for such interactive use in the most ordinary way, to
print or display an announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide a warranty) and that
users may redistribute the program under these conditions, and telling the user how
to view a copy of this License. (Exception: if the Program itself is interactive but does
not normally print such an announcement, your work based on the Program is not
required to print an announcement.)
These requirements apply to the modified work as a whole. If identifiable sections of
that work are not derived from the Program, and can be reasonably considered
independent and separate works in themselves, then this License, and its terms, do
not apply to those sections when you distribute them as separate works. But when
you distribute the same sections as part of a whole which is a work based on the
Program, the distribution of the whole must be on the terms of this License, whose
permissions for other licensees extend to the entire whole, and thus to each and
every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest your rights to work
written entirely by you; rather, the intent is to exercise the right to control the
distribution of derivative or collective works based on the Program.
In addition, mere aggregation of another work not based on the Program with the
Program (or with a work based on the Program) on a volume of a storage or
distribution medium does not bring the other work under the scope of this License.
4. You may copy and distribute the Program (or a work based on it, under Section 2) in
object code or executable form under the terms of Sections 1 and 2 above provided that
you also do one of the following:
a. Accompany it with the complete corresponding machine-readable source code,
which must be distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
b. Accompany it with a written offer, valid for at least three years, to give any third
party, for a charge no more than your cost of physically performing source
distribution, a complete machine-readable copy of the corresponding source code, to
be distributed under the terms of Sections 1 and 2 above on a medium customarily
used for software interchange; or,
c. Accompany it with the information you received as to the offer to distribute
corresponding source code. (This alternative is allowed only for noncommercial
distribution and only if you received the program in object code or executable form
with such an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for making
modifications to it. For an executable work, complete source code means all the
source code for all modules it contains, plus any associated interface definition files,
plus the scripts used to control compilation and installation of the executable.
However, as a special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary form) with the
major components (compiler, kernel, and so on) of the operating system on which
the executable runs, unless that component itself accompanies the executable.
If distribution of executable or object code is made by offering access to copy from a
designated place, then offering equivalent access to copy the source code from the
same place counts as distribution of the source code, even though third parties are
not compelled to copy the source along with the object code.
5. You may not copy, modify, sublicense, or distribute the Program except as expressly
provided under this License. Any attempt otherwise to copy, modify, sublicense or
distribute the Program is void, and will automatically terminate your rights under this
License. However, parties who have received copies, or rights, from you under this
License will not have their licenses terminated so long as such parties remain in full
compliance.
6. You are not required to accept this License, since you have not signed it. However,
nothing else grants you permission to modify or distribute the Program or its derivative
works. These actions are prohibited by law if you do not accept this License. Therefore,
by modifying or distributing the Program (or any work based on the Program), you
indicate your acceptance of this License to do so, and all its terms and conditions for
copying, distributing or modifying the Program or works based on it.
7. Each time you redistribute the Program (or any work based on the Program), the
recipient automatically receives a license from the original licensor to copy, distribute
or modify the Program subject to these terms and conditions. You may not impose any
further restrictions on the recipients' exercise of the rights granted herein. You are not
responsible for enforcing compliance by third parties to this License.
8. If, as a consequence of a court judgment or allegation of patent infringement or for any
other reason (not limited to patent issues), conditions are imposed on you (whether by
court order, agreement or otherwise) that contradict the conditions of this License, they
do not excuse you from the conditions of this License. If you cannot distribute so as to
satisfy simultaneously your obligations under this License and any other pertinent
obligations, then as a consequence you may not distribute the Program at all. For
example, if a patent license would not permit royalty-free redistribution of the Program
by all those who receive copies directly or indirectly through you, then the only way you
could satisfy both it and this License would be to refrain entirely from distribution of
the Program.
If any portion of this section is held invalid or unenforceable under any particular
circumstance, the balance of the section is intended to apply and the section as a whole
is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any patents or other
property right claims or to contest validity of any such claims; this section has the sole
purpose of protecting the integrity of the free software distribution system, which is
implemented by public license practices. Many people have made generous
contributions to the wide range of software distributed through that system in reliance
on consistent application of that system; it is up to the author/donor to decide if he or
she is willing to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to be a consequence
of the rest of this License.
9. If the distribution and/or use of the Program is restricted in certain countries either by
patents or by copyrighted interfaces, the original copyright holder who places the
Program under this License may add an explicit geographical distribution limitation
excluding those countries, so that distribution is permitted only in or among countries
not thus excluded. In such case, this License incorporates the limitation as if written in
the body of this License.
10. The Free Software Foundation may publish revised and/or new versions of the General
Public License from time to time. Such new versions will be similar in spirit to the
present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies a
version number of this License which applies to it and “any later version”, you have the
option of following the terms and conditions either of that version or of any later version
published by the Free Software Foundation. If the Program does not specify a version
number of this License, you may choose any version ever published by the Free
Software Foundation.
11. If you wish to incorporate parts of the Program into other free programs whose
distribution conditions are different, write to the author to ask for permission. For
software which is copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our decision will be
guided by the two goals of preserving the free status of all derivatives of our free
software and of promoting the sharing and reuse of software generally.
NO WARRANTY
12. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE
LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY
AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM
PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY
MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE
LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL,
INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR
INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH
ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
Knoppix
This product (Dell KACE K1000 Management Appliance) includes the Knoppix software
developed by Klaus Knopper. Knoppix is a registered trademark of Klaus Knopper. The
KNOPPIX software collection and all included programs that are authored by Klaus
Knopper, are subject to the terms and conditions of the GNU GENERAL PUBLIC LICENSE
Version 2, as quoted herein.
Please note that this license does NOT automatically apply to third-party programs included
on this CD. Check /usr/share/doc/*/copyright* and other supplied license files of each
software package carefully for more information.
GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free
Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies of this license document, but
changing it is not allowed. Preamble The licenses for most software are designed to take
away your freedom to share and change it. By contrast, the GNU General Public License is
intended to guarantee your freedom to share and change free software--to make sure the
software is free for all its users. This General Public License applies to most of the Free
Software Foundation's software and to any other program whose authors commit to using it.
(Some other Free Software Foundation software is covered by the GNU Library General
Public License instead.) You can apply it to your programs, too. When we speak of free
software, we are referring to freedom, not price. Our General Public Licenses are designed to
make sure that you have the freedom to distribute copies of free software (and charge for this
service if you wish), that you receive source code or can get it if you want it, that you can
change the software or use pieces of it in new free programs; and that you know you can do
these things. To protect your rights, we need to make restrictions that forbid anyone to deny
you these rights or to ask you to surrender the rights. These restrictions translate to certain
responsibilities for you if you distribute copies of the software, or if you modify it. For
example, if you distribute copies of such a program, whether gratis or for a fee, you must give
the recipients all the rights that you have. You must make sure that they, too, receive or can
get the source code. And you must show them these terms so they know their rights. We
protect your rights with two steps: (1) copyright the software, and (2) offer you this license
which gives you legal permission to copy, distribute and/or modify the software. Also, for
each author's protection and ours, we want to make certain that everyone understands that
there is no warranty for this free software. If the software is modified by someone else and
passed on, we want its recipients to know that what they have is not the original, so that any
problems introduced by others will not reflect on the original authors' reputations. Finally,
any free program is threatened constantly by software patents. We wish to avoid the danger
that redistributors of a free program will individually obtain patent licenses, in effect making
the program proprietary. To prevent this, we have made it clear that any patent must be
licensed for everyone's free use or not licensed at all. The precise terms and conditions for
copying, distribution and modification follow.
charge a fee for the physical act of transferring a copy, and you may at your option offer
warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion of it, thus forming a
work based on the Program, and copy and distribute such modifications or work under
the terms of Section 1 above, provided that you also meet all of these conditions: a) You
must cause the modified files to carry prominent notices stating that you changed the
files and the date of any change. b) You must cause any work that you distribute or
publish, that in whole or in part contains or is derived from the Program or any part
thereof, to be licensed as a whole at no charge to all third parties under the terms of this
License. c) If the modified program normally reads commands interactively when run,
you must cause it, when started running for such interactive use in the most ordinary
way, to print or display an announcement including an appropriate copyright notice
and a notice that there is no warranty (or else, saying that you provide a warranty) and
that users may redistribute the program under these conditions, and telling the user
how to view a copy of this License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on the Program is not
required to print an announcement.) These requirements apply to the modified work as
a whole. If identifiable sections of that work are not derived from the Program, and can
be reasonably considered independent and separate works in themselves, then this
License, and its terms, do not apply to those sections when you distribute them as
separate works. But when you distribute the same sections as part of a whole which is a
work based on the Program, the distribution of the whole must be on the terms of this
License, whose permissions for other licensees extend to the entire whole, and thus to
each and every part regardless of who wrote it. Thus, it is not the intent of this section to
claim rights or contest your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or collective works based on
the Program. In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of a storage or
distribution medium does not bring the other work under the scope of this License.
3. You may copy and distribute the Program (or a work based on it, under Section 2) in
object code or executable form under the terms of Sections 1 and 2 above provided that
you also do one of the following: a) Accompany it with the complete corresponding
machine-readable source code, which must be distributed under the terms of Sections 1
and 2 above on a medium customarily used for software interchange; or, b) Accompany
it with a written offer, valid for at least three years, to give any third party, for a charge
no more than your cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be distributed under the
terms of Sections 1 and 2 above on a medium customarily used for software
interchange; or,
c) Accompany it with the information you received as to the offer to distribute
corresponding source code. (This alternative is allowed only for noncommercial
distribution and only if you received the program in object code or executable form with
such an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for making modifications
to it. For an executable work, complete source code means all the source code for all modules
it contains, plus any associated interface definition files, plus the scripts used to control
compilation and installation of the executable. However, as a special exception, the source
code distributed need not include anything that is normally distributed (in either source or
binary form) with the major components (compiler, kernel, and so on) of the operating
system on which the executable runs, unless that component itself accompanies the
present version, but may differ in detail to address new problems or concerns. Each
version is given a distinguishing version number.
If the Program specifies a version number of this License which applies to it and "any later
version", you have the option of following the terms and conditions either of that version or
of any later version published by the Free Software Foundation. If the Program does not
specify a version number of this License, you may choose any version ever published by the
Free Software Foundation.
10. If you wish to incorporate parts of the Program into other free programs whose
distribution conditions are different, write to the author to ask for permission. For
software which is copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our decision will be
guided by the two goals of preserving the free status of all derivatives of our free
software and of promoting the sharing and reuse of software generally.
NO WARRANTY
1. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE
LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY
AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM
PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE
LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY
OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS
PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT
OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT
LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE
PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH
HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your
New Programs If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it free software which
everyone can redistribute and change under these terms. To do so, attach the following
notices to the program. It is safest to attach them to the start of each source file to most
effectively convey the exclusion of warranty; and each file should have at least the
"copyright" line and a pointer to where the full notice is found. <one line to give the
program's name and a brief idea of what it does.> Copyright (C) <year> <name of
author> This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later version. This
program is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this
program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite
330, Boston, MA 02111-1307 USA Also add information on how to contact you by
electronic and paper mail. If the program is interactive, make it output a short notice
like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C)
year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for
details type `show w'. This is free software, and you are welcome to redistribute it under
certain conditions; type `show c' for details. The hypothetical commands `show w' and
`show c' should show the appropriate parts of the General Public License. Of course, the
commands you use may be called something other than `show w' and `show c'; they
could even be mouse-clicks or menu items--whatever suits your program. You should
also get your employer (if you work as a programmer) or your school, if any, to sign a
"copyright disclaimer" for the program, if necessary.
Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright
interest in the program `Gnomovision' (which makes passes at compilers) written by
James Hacker. <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This
General Public License does not permit incorporating your program into proprietary
programs.
If your program is a subroutine library, you may consider it more useful to permit linking
proprietary applications with the library. If this is what you want to do, use the GNU Library
General Public License instead of this License.
Microsoft Windows
This Product is designed for use in supporting the deployment of the following operating
systems: Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 98 Second
Edition, Microsoft Windows Millennium Edition, Microsoft Windows NT Workstation 4
Service Pack 5 or later, Microsoft Windows NT Server 4 Service Pack 5 or later, Microsoft
Windows 2000 Professional, Microsoft Windows 2000 Server (Standard, Advanced and
Datacenter Editions), Microsoft Windows XP Professional, Microsoft Windows XP Tablet PC
Edition, Microsoft Windows XP Media Center Edition, or Microsoft Windows Server 2003
(Web, Standard, Enterprise and Datacenter Editions). This Product is designed for use on
processor architectures supported by the operating system that the Product was built from:
e.g., the x86 32-bit version may only deploy X86 32-bit Microsoft operating systems, the
Intel Itanium version may only deploy versions of Microsoft Windows designed for this
architecture, and the 64-bit extended version may only deploy versions of Microsoft
Windows designed for this architecture. The Product may not function properly with other
operating system products or other processor architectures.
OpenSSL
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL
License and the original SSLeay license apply to the toolkit. See below for the actual license
texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues
related to OpenSSL please contact openssl-core@openssl.org.
OpenSSL License
Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are
permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of
conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of
conditions and the following disclaimer in the documentation and/or other materials
provided with the distribution.
3. All advertising materials mentioning features or use of this software must display the
following acknowledgment:
"This product includes software developed by the OpenSSL Project for use in the
OpenSSL Toolkit. (http://www.openssl.org/)"
4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or
promote products derived from this software without prior written permission. For
written permission, please contact openssl-core@openssl.org.
5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL"
appear in their names without prior written permission of the OpenSSL Project.
6. Redistributions of any form whatsoever must retain the following acknowledgment:
"This product includes software developed by the OpenSSL Project for use in the
OpenSSL Toolkit (http://www.openssl.org/)".
THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
This product includes software written by Tim Hudson (tjh@cryptsoft.com).
documentation included with this distribution is covered by the same copyright terms except
that the holder is Tim Hudson (tjh@cryptsoft.com).
Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be
removed.
If this package is used in a product, Eric Young should be given attribution as the author of
the parts of the library used. This can be in the form of a textual message at program startup
or in documentation (online or textual) provided with the package.
Redistribution and use in source and binary forms, with or without modification, are
permitted provided that the following conditions are met:
1. Redistributions of source code must retain the copyright notice, this list of conditions
and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of
conditions and the following disclaimer in the documentation and/or other materials
provided with the distribution.
3. All advertising materials mentioning features or use of this software must display the
following acknowledgement:
"This product includes cryptographic software written by Eric Young
(eay@cryptsoft.com)". The word 'cryptographic' can be left out if the rouines from the
library being used are not cryptographic related :-).
4. If you include any Windows specific code (or a derivative thereof) from the apps
directory (application code) you must include an acknowledgement:
"This product includes software written by Tim Hudson (tjh@cryptsoft.com)".
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The licence and distribution terms for any publically available version or derivative of this
code cannot be changed, i.e. this code cannot simply be copied and put under another
distribution licence [including the GNU Public Licence.]
PHP
This product (Dell KACE K1000 Management Appliance) includes software developed by
The PHP Group. The PHP License, version 3.0. Copyright (c) 1999 - 2004 The PHP Group.
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, is
permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of
conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of
conditions and the following disclaimer in the documentation and/or other materials
provided with the distribution.
3. The name “PHP” must not be used to endorse or promote products derived from this
software without prior written permission. For written permission, please contact
group@php.net.
4. Products derived from this software may not be called “PHP”, nor may “PHP” appear in
their name, without prior written permission from group@php.net. You may indicate
that your software works in conjunction with PHP by saying “Foo for PHP” instead of
calling it “PHP Foo” or “phpfoo”.
5. The PHP Group may publish revised and/or new versions of the license from time to
time. Each version will be given a distinguishing version number. Once covered code
has been published under a particular version of the license, you may always continue to
use it under the terms of that version. You may also choose to use such covered code
under the terms of any subsequent version of the license published by the PHP Group.
No one other than the PHP Group has the right to modify the terms applicable to
covered code created under this License.
6. Redistributions of any form whatsoever must retain the following acknowledgment:
“This product includes PHP, freely available from <http://www.php.net/>”.
THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND
ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP
DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This software consists of voluntary contributions made by many individuals on behalf of the
PHP Group. The PHP Group can be contacted via Email at group@php.net.
For more information on the PHP Group and the PHP project, please see <http://
www.php.net>. This product includes the Zend Engine, freely available at <http://
www.zend.com>.
Samba
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA
02139, USA
Everyone is permitted to copy and distribute verbatim copies of this license document, but
changing it is not allowed.
Preamble
The licenses for most software are designed to take away your freedom to share and change
it. By contrast, the GNU General Public License is intended to guarantee your freedom to
share and change free software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software Foundation's software and to
any other program whose authors commit to using it. (Some other Free Software Foundation
software is covered by the GNU Library General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public
Licenses are designed to make sure that you have the freedom to distribute copies of free
software (and charge for this service if you wish), that you receive source code or can get it if
you want it, that you can change the software or use pieces of it in new free programs; and
that you know you can do these things.
To protect your rights, we need to make restrictions that forbid anyone to deny you these
rights or to ask you to surrender the rights. These restrictions translate to certain
responsibilities for you if you distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must
give the recipients all the rights that you have. You must make sure that they, too, receive or
can get the source code. And you must show them these terms so they know their rights.
We protect your rights with two steps: (1) copyright the software, and (2) offer you this
license which gives you legal permission to copy, distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain that everyone
understands that there is no warranty for this free software. If the software is modified by
someone else and passed on, we
want its recipients to know that what they have is not the original, so that any problems
introduced by others will not reflect on the original authors' reputations.
Finally, any free program is threatened constantly by software patents. We wish to avoid the
danger that redistributors of a free program will individually obtain patent licenses, in effect
making the program proprietary. To prevent this, we have made it clear that any patent must
be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains a notice placed by the
copyright holder saying it may be distributed under the terms of this General Public
License. The "Program", below, refers to any such program or work, and a "work based
on the Program" means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it, either verbatim or with
modifications and/or translated into another language. (Hereinafter, translation is
included without limitation in the term "modification".) Each licensee is addressed as
"you".
Activities other than copying, distribution and modification are not covered by this
License; they are outside its scope. The act of running the Program is not restricted, and
the output from the Program is covered only if its contents constitute a work based on
the Program (independent of having been made by running the Program). Whether that
is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and appropriately publish
on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all
the notices that refer to this License and to the absence of any warranty; and give any
other recipients of the Program a copy of this License along with the Program.
You may charge a fee for the physical act of transferring a copy, and you may at your
option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion of it, thus forming a
work based on the Program, and copy and distribute such modifications or work under
the terms of Section 1 above, provided that you also meet all of these conditions:
a. You must cause the modified files to carry prominent notices stating that you
changed the files and the date of any change.
b. You must cause any work that you distribute or publish, that in whole or in part
contains or is derived from the Program or any part thereof, to be licensed as a whole
at no charge to all third parties under the terms of this License.
c. If the modified program normally reads commands interactively when run, you
must cause it, when started running for such interactive use in the most ordinary
way, to print or display an announcement including an appropriate copyright notice
and a notice that there is no warranty (or else, saying that you provide a warranty)
and that users may redistribute the program under these conditions, and telling the
user how to view a copy of this License. (Exception: if the Program itself is
interactive but does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If identifiable sections of
that work are not derived from the Program, and can be reasonably considered
independent and separate works in
themselves, then this License, and its terms, do not apply to those sections when you
distribute them as separate works. But when you distribute the same sections as part
of a whole which is a work based on the Program, the distribution of the whole must
be on the terms of this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest your rights to work
written entirely by you; rather, the intent is to exercise the right to control the
distribution of derivative or collective works based on the Program.
In addition, mere aggregation of another work not based on the Program with the
Program (or with a work based on the Program) on a volume of a storage or
distribution medium does not bring the other work under the scope of this License.
3. You may copy and distribute the Program (or a work based on it, under Section 2) in
object code or executable form under the terms of Sections 1 and 2 above provided that
you also do one of the following:
a. Accompany it with the complete corresponding machine-readable source code,
which must be distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
b. Accompany it with a written offer, valid for at least three years, to give any third
party, for a charge no more than your cost of physically performing source
distribution, a complete machine-readable copy of the corresponding source code, to
be distributed under the terms of Sections 1 and 2 above on a medium customarily
used for software interchange; or,
c. Accompany it with the information you received as to the offer to distribute
corresponding source code. (This alternative is allowed only for noncommercial
distribution and only if you received the program in object code or executable form
with such an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for making
modifications to it. For an executable work, complete source code means all the
source code for all modules it contains, plus any associated interface definition files,
plus the scripts used to control compilation and installation of the executable.
However, as a special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary form) with the
major components (compiler, kernel, and so on) of the operating system on which
the executable runs, unless that component itself accompanies the executable.
If distribution of executable or object code is made by offering access to copy from a
designated place, then offering equivalent access to copy the source code from the
same place counts as distribution of the source code, even though third parties are
not compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program except as expressly
provided under this License. Any attempt otherwise to copy, modify, sublicense or
distribute the Program is void, and will automatically terminate your rights under this
License. However, parties who have received copies, or rights, from you under this
License will not have their licenses terminated so long as such parties remain in full
compliance.
5. You are not required to accept this License, since you have not signed it. However,
nothing else grants you permission to modify or distribute the Program or its derivative
works. These actions are prohibited by law if you do not accept this License. Therefore,
by modifying or distributing the Program (or any work based on the Program), you
indicate your acceptance of this License to do so, and all its terms and conditions for
copying, distributing or modifying the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the Program), the
recipient automatically receives a license from the original licensor to copy, distribute
or modify the Program subject to these terms and conditions. You may not impose any
further restrictions on the recipients' exercise of the rights granted herein. You are not
responsible for enforcing compliance by third parties to this License.
7. If, as a consequence of a court judgment or allegation of patent infringement or for any
other reason (not limited to patent issues), conditions are imposed on you (whether by
court order, agreement or otherwise) that contradict the conditions of this License, they
do not excuse you from the conditions of this License. If you cannot distribute so as to
satisfy simultaneously your obligations under this License and any other pertinent
obligations, then as a consequence you may not distribute the Program at all. For
example, if a patent license would not permit royalty-free redistribution of the Program
by all those who receive copies directly or indirectly through you, then the only way you
could satisfy both it and this License would be to refrain entirely from distribution of
the Program.
If any portion of this section is held invalid or unenforceable under any particular
circumstance, the balance of the section is intended to apply and the section as a whole
is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any patents or other
property right claims or to contest validity of any such claims; this section has the sole
purpose of protecting the integrity of the free software distribution system, which is
implemented by public license practices. Many people have made generous
contributions to the wide range of software distributed through that system in reliance
on consistent application of that system; it is up to the author/donor to decide if he or
she is willing to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to be a consequence
of the rest of this License.
8. If the distribution and/or use of the Program is restricted in certain countries either by
patents or by copyrighted interfaces, the original copyright holder who places the
Program under this License may add an explicit geographical distribution limitation
excluding those countries, so that distribution is permitted only in or among countries
not thus excluded. In such case, this License incorporates the limitation as if written in
the body of this License.
9. The Free Software Foundation may publish revised and/or new versions of the General
Public License from time to time. Such new versions will be similar in spirit to the
present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies a
version number of this License which applies to it and "any later version", you have the
option of following the terms and conditions either of that version or of any later version
published by the Free Software Foundation. If the Program does not specify a version
number of this License, you may choose any version ever published by the Free
Software Foundation.
10. If you wish to incorporate parts of the Program into other free programs whose
distribution conditions are different, write to the author to ask for permission. For
software which is copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our decision will be
guided by the two goals of preserving the free status of all derivatives of our free
software and of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE
LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY
AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM
PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY
MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE
LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL,
INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR
INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH
ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
Sendmail
This product (Dell KACE K1000 Management Appliance) includes software developed by
Sendmail, Inc.
SENDMAIL LICENSE
The following license terms and conditions apply, unless a different license is obtained from
Sendmail, Inc., 6425 Christie Ave, Fourth Floor, Emeryville, CA 94608, USA, or by electronic
mail at license@sendmail.com.
License Terms:
Use, Modification and Redistribution (including distribution of any modified or derived
work) in source and binary forms is permitted only if each of the following conditions is met:
1. Redistributions qualify as “freeware” or “Open Source Software” under one of the
following terms:
a. Redistributions are made at no charge beyond the reasonable cost of materials and
delivery.
b. Redistributions are accompanied by a copy of the Source Code or by an irrevocable
offer to provide a copy of the Source Code for up to three years at the cost of
materials and delivery. Such redistributions must allow further use, modification,
and redistribution of the Source Code under substantially the same terms as this
license. For the purposes of redistribution “Source Code” means the complete
compilable and linkable source code of sendmail including all modifications.
2. Redistributions of source code must retain the copyright notices as they appear in each
source code file, these license terms, and the disclaimer/limitation of liability set forth
as paragraph 6 below.
3. Redistributions in binary form must reproduce the Copyright Notice, these license
terms, and the disclaimer/limitation of liability set forth as paragraph 6 below, in the
documentation and/or other materials provided with the distribution. For the purposes
of binary distribution the “Copyright Notice” refers to the following language:
“Copyright (c) 1998-2003 Sendmail, Inc. All rights reserved.”
4. Neither the name of Sendmail, Inc. nor the University of California nor the names of
their contributors may be used to endorse or promote products derived from this
software without specific prior written permission. The name “sendmail” is a trademark
of Sendmail, Inc.
5. All redistributions must comply with the conditions imposed by the University of
California on certain embedded code, whose copyright notice and conditions for
redistribution are as follows:
a. Copyright (c) 1988, 1993 The Regents of the University of California. All rights
reserved.
b. Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met: (i)
Redistributions of source code must retain the above copyright notice, this list of
conditions and the following disclaimer. (ii) Redistributions in binary form must
reproduce the above copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided with the
distribution. (iii) Neither the name of the University nor the names of its
contributors may be used to endorse or promote products derived from this software
without specific prior written permission.
6. Disclaimer/Limitation of Liability: THIS SOFTWARE IS PROVIDED BY SENDMAIL,
INC. AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL SENDMAIL, INC., THE REGENTS OF THE
UNIVERSITY OF CALIFORNIA OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
statistics 14 users
un-installer 166 time limit on sessions 20
Software Asset 85 utility rebates
Software Deployment Components 3 Mac OS 169
software deployment components 3 Windows 168
software distribution summary 14
software inventory 83 V
software revision level 15 verifying minimum server version 177
Software Threat Level 11 viewing computer details by label 37
software threat level graph 11 VNC
SQL controlling on Mac OS X 170
editing 205 VNC settings
SSL Certificate File 27 Mac OS policies 170
SSL Certificate Wizard 28
start and stop the agent 276
W
Startup 90
startup Wake-on-LAN
inventory, managing 90 overview 132
statistics, computer 14 request, issuing 132
statistics, software 14 scheduling requests 133
Steps for Task sections 235 troubleshooting 133
support information wallpaper
AppDeploy 95 controlling 161
synchronizations, file 129 warranty Information 285
System Admin Console Users 215 Windows
system console 2 Automatic Update Settings 167
System requirements 46 configuring Power Management 168
manual deployment of KACE K1000 appliance agent
on 269, 270, 271
T Power Management 168
Tasks In Progress 13 Windows Debugging 182
time limit on open inactive user sessions 20 Windows operating system requirements 46
token replacement Windows policies 160
variables 147 enforce registry settings 160
transferring appliance resources between WinZip
organizations 102 compression levels 124
transferring resources
about 97
transferring resources between KACE K1000
appliances 97
troubleshooting
remote desktops 161
Wake-on-LAN 133
Troubleshooting Tools 33
troubleshooting your appliance 180
types of reports 199
U
UltraVNC Wizard 165
Unpacking the Appliance 4
updates
compared with deployments 139
Dell Updates and patching 139
updating OVAL definitions 180
updating the license key 178
upgrades, KACE K1000 16
upgrading your appliance 174
uploading files to restore settings 176
uploading large FTP files
troubleshooting 26
user alert messages
about 207
User Authentication 193