Just like the title, am migrated to 9.6 sp1 latest update. All my tasks have a couple of active computers in the task. They will stay there indefinitely till I cancel the task and delete them. Any start sync won't make the computers respond. Looking at the log it doesn't even reckognise those computers anymore.
↧
9.6 all tasks have outdate actives computers in it
↧
Has anyone tried deploying a package with dependencies, with the option to allow the user to defer deployment in the delivery method?
If you run the package right away, it installs great (including dependencies), but if you defer once or more, then only the main package runs (dependencies remain deferred it seems). Just trying to figure out how to make this work...
↧
↧
Login problem on fresh installed LDMS 9.6
Hello.
We want to use management Suite V9.6 so we downloaded trial version. We installed and configured sql 2012 and LDMS9.6 exactly the way it's described on the following Youtube video.
Step by step installation guide for LANDesk Management Suite 9 6 - YouTube
Now we are having trouble to login the management console. When we try to login through management console the following error message appears:
Console Initialization Error: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Exception: Error in Utility.GetIntFromRow: column = RIGHTS
Message: Column 'RIGHTS' does not belong to table .
StackTrace: at System.Data.DataRow.GetDataColumn(String columnName)
at LANDesk.ManagementSuite.UserManagement.Common.Utils.GetIntFromRow(DataRow row, String column)
at LANDesk.ManagementSuite.MBSDK.MBSDK.GetRights(Boolean clearCache)
When we try to use web console it says invalid user/password but it's not.
Any help?
↧
Can software distribution be setup on an http share, without granting anonymous access?
I'm setting up a preferred package server and am wondering if it's possible to deploy software to our Macs using an HTTP share that does not have anonymous access turned on. It seems like a bad practice to allow anonymous access to our entire software library. Thanks!
↧
Console Initialization Error: Value cannot be null. Parameter name: userId when launching a remote console
Description: The following error is displayed when launching a remote console and attempting to connect to a core server.
Console Initialization Error: Value cannot be null. Parameter name: userId
Resolution: Check the following registry key on the core server. The value for isNTLM needs to be set to "False". This setting is not currently used and will cause problems if it's enabled.
HKLM\Software\LANDESK\ManagementSuite\Core\Connections\Local
↧
↧
task shows as successful but registry changes were not made
9.6 sp1
I have a couple of tasks to set some registry keys for auto login on some kiosk pc's we have in our environment.
We are using a test account on some & want to switch back over to the production account.
I have tried 2 types of tasks:
1) batch file & reg file
batch file -
@echo off
regedit.exe /s train_autologin.reg
Reg file contains the valid reg commands for the keys I want changed.
2) custom patch scan
set the reg keys in the Detection, Patch Info & Patch Install Commands sections as needed & ran as a scheduled repair task.
Both methods have reported Successful completion of the task, but the registry keys have not changed.
Detection for both tasks are on the
HHLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName
value, which is the targeted item being changed.
I can't figure why these tasks are showing as successful if the key has not updated.
EDIT:
Additionally, In the vulscan log file, I see these lines:
Wed, 29 Apr 2015 12:16:25 No patches found for vulnerability=INTL_CNATouch Auto Login. Returning PATCH_NO_PATCHES_AVAILABLE
Wed, 29 Apr 2015 12:16:25 Last status: Done. No patches found
It seems it is not even detecting that the registry key is not matching what I want, but I am looking at the registry keys & it does indeed have the old account still.
Thanks!
↧
LDAP import, need to update records NOT in AD
I have an LDAP import from AD updating a couple fields for reporting purposes. I need to find a way to update a field in inventory if the device is not in AD at all, does anyone have any ideas?
↧
Question about updating license on old AV agent v9.0 with core v9.6 SP1
Hi, We have a bunch of machines out there still running Landesk agent v9.0 with AV v9.0 and the license will expire next month. Our core server is v9.6 SP1 with Kaspersky AV v10.2. My question is when we renew the license next month will all these old clients with AV v9.0 also receive a new license and continue to function? Thanks!
↧
Scan files backing up in LDSCAN folder after SP1 install, deadlock errors in logs
Since installing SP1 our LDSCAN folder does not process as quickly, it gets backlogged and tasks are not running when they should, especially provisioning jobs. Has anyone else experienced this? We have a ticket open but its been open for a week now and no improvement. I see deadlock errors in the windows application log on the core server but we are not seeing errors on the DB server.
↧
↧
Alerting of unmanaged devices
I have a number of wireless access points. These can be discovered using the IP address and SNMP UDD. Since they are not managed, they simply show up in the UDD console.
I'm trying to figure out a way to get alerted if the array goes offline. I've looked at Tools\Device Monitoring (which would allow a ping) however unmanaged items can't be added. Secondarily, I was thinking about some kind of Device Alert but unsure if this is even possible.
Any solutions that anyone has used successfully?
Thanks,
Sheldon
↧
LDAP Name missing from many client machines
A large percentage of Client Machines, specifically Mac, are missing the the LDAP Name field info so the Primary Owner Column defaults to the Short Name field instead. We would prefer to keep things as consistent and see the CN, OU, DC parameters for all machines if possible. What would be preventing this info from being collected during a scan?
↧
Hardening a Windows Server 2012 R2 to place on DMZ
I have a Win 2012 R2 server that I have to harden and place on the DMZ. I have looked at the Windows Firewall Inbound rules and see the following:
I need to be able to change the ports from ANY ANY to the specific ports that are being used. I'm using DOC-1591 doc as a reference, however, it is not matching up which TCP/UDP ports are used for each of these entries. I appreciate the help in matching these up to the proper ports.
↧
UEFI PXE Boot issues - PXE-E99: Unexpected network Error
Good Day,
I'm not sure what caused my issue, but I'm unable to PXE Boot from UEFI (this worked in the past)
Running 9.6 SP1
I have tried re-deploying my PXE rep with no luck
The issue may have started when we patched to SP1 or possibly after adding a driver to the WinPE image... Did this via the "Preboot" menu in the console (Although the error does not seem related to boot_x64.wim)
Unfortunately our techs just switched to legacy as a workaround so I don't know when the issues surfaced.
This pops up very briefly on the client:
Server IP address is 172.21.0.42
NBP filename is EFI\UNDI\BStrap\bootx64.0
NBP filesize is 1615872 Bytes
Downloading NBP file...
PXE-E99: Unexpected network Error.
I have confirmed the existence of the file on the server in the following path.
C:\Program Files (x86)\LANDesk\PXE\System\images\EFI\UNDI\bstrap\bootx64.0 2014-06-19 5:17AM 1,578 KB
The hash date matches the file time stamp.
<Hash>esBsxTTUHiL99QJaAaG7ig==</Hash>
<LastChanged>2014-06-19T05:17:08-06:00</LastChanged>
Tried dropping the firewall on the Server, Rebooting and yelling "Work darn you!"
Has anybody encountered this before or know what logs might help me come to a solution?
Thank you,
-Sylvain
↧
↧
How to Change the page Logo from LANDesk to Your Company Logo
When connecting to the Management Suite Web Console, is there a way to change the logo to own?
Also I would like to change the hyperlink from landesk.com to my company website.
Thank you.
↧
When creating custom queries can I use variables?
When creating custom queries can I use variables. for example "Computer"."OS"."Updates"."Update"."Install Date" <= "$todaysdate" and if so where can I get a list of variables.
↧
APM maintenance
Hello all,
APM maintenance in the default scheduled task setting isn't really covered in the help files.
About the APM maintenance page
This page is in the Default scheduled task settings dialog box. Use this page to TBD.
s it doing what I suspect deleting LDAP targets from current tasks after the set days ? Is this only for accelerated pushes or also policies ?
The note: APM mainetenance will cleanup targetsfrom the LD_LDAP_TARGETS database table that are older than the selected number of days.
↧
Inventory scan fails
I have one end point that is failing on the inventory scans. System scans fail. Manual scans show an error: "LDISCN32: The inventory server XXXXXX did not respond".
I have done a full uninstall of the LANDesk agent and AV. Removed all remnents of Program files and Program data and then pushed a new agent.
The vulscans are working properly and applying needed patches.
In checking the LDISCN32.log file it only tells me that the scan checked for firewall profile but no reason for failure. Firewall settings have been turned off with no change.
I'm sure this is a simply change, but at a loss on where to look.
Thanks
↧
↧
Local keyboard blocked after applying autofix for Win32.Trojan.Agent
Can anyone help?
We have just applied a fix to Win32.trojan.Agent through patch and compliance as we had around 10 - 15 devices detected.
We observed that LDMS requested a machine reboot following this, however after reboot the locally attached keyboard stops working.
The mouse is OK and any remote access is fine!
It's definitely associated with this fix and subsequent reboot and we confirmed on 6 or so of the 'fixed' devices.
Has anyone experienced similar behaviour?
We are running v9.6 sp2.
Kind regards.
↧
Does the cba_anonymous User Need "Log on as a batch job" Permissions?
I can see that the cba_anonymous user is automatically added with the permissions "Log on as a batch job". To verify this, go into gpedit.msc and navigate to Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment. Open "Log on as a batch job".
I would like to know if this is required for proper LANDesk functionality. My company is in the process of hardening servers based on the DISA STIG and this item (no users or groups other than Administrators must have this right) is currently failing due to LANDesk.
If it is required for proper functionality, I would need documentation stating such.
Sure, I could simply remove this user from this setting and see what happens... but I was hoping for some documentation from LANDesk, or even someone else's experience with it.
↧
Not a product question but if you manage the Landesk system(s) for your company....
I am curious to know what your current job title is and if you would be willing to share your job description. In taking on more responsibility with the Landesk platform I am just curious as to how this position should be classified. Thanks in advance!
↧