Good morning,

as you can see in the image below, i can no longer select any computer component, since i updated landesk 9.6 to ivanti 2017.

Is someone have and idea, how to fix this issue ?

Sincerely

Hi everyone,

I've been breaking my mind over this one and wondered if anyone had any useful information for me. I followed the directions for setting up the Chromebook import from Gsuite here: How to setup Chromebooks in LDMS 2016

I tested this on my dev server, and even though it took a little bit of time (I let it run over night to collect all of our 50,000+ devices) it did eventually pull this information into the console. Since it worked so well in dev, I attempted the exact same steps on my prod server, but it didn't work. I scheduled a run over the weekend, but came back in today and no records were imported. SO I removed everything and started from scratch, walking through the documentation again, even generating a new client cert from Gsuite, removing and re-adding all of the settings in both google and the Ivanti console. I tried restarting my scheduler service, resetting IIS (I saw something about this in a related search regarding certs) and tried rebooting the entire server in case there was some hung process or something that I couldn't identify. Still nothing.

When I go look at the Dashboard on the Google API and Services page, I see some sort of "traffic" though there's not much description about what's actually happening during the run. I walked through the test on Google again, on this page: Chromeosdevices: list  |  Directory API  |  Google Developers - And the test completes successfully. I see results from our Google domain, and a short version of our list of Chromebook is displayed. This leads me to believe that all of the stuff on the Google end is configured and working properly, but there's something not connecting from our server and Google.

When I go to Configure -> Device Discovery -> Chromebooks, and run the "Test Credentials" the window just times out for a long, long time (it did this on my dev server too) and eventually starts responding again after a minute or two. There are no messages about whether or not the test was successful. If I put in credentials I know to be incorrect, I immediately get a failure message, so I think the credentials and certificate are okay.

What else am I missing here? Is there some sort of configuration I've not done? Are there certain rules on the server or in the console that need to be set a certain way? I'm really out of ideas here!

Hello to all,

I'm completely new to Landesk so I apologise if the question may be trivial.

I need to check the situation of a customer's environment who uses Landesk 9.6 and recently renewed the license.

He was using Landesk for patching Windows clients only.

First of all I need to understand if the license is correct, and I think yes:

I tried to download the latest Microsoft patches, since for what I know they were still stuck at 2015...

The download process seems to go well, but then I have this situation:

1 - on Patch and Compliance tool, I can see that some of the updates after 2015 have an icon with a question mark, some others with a red cross:

(example)

What do these icons mean?

2 - in the Patches folder, even deleting all what it was inside and re-launching the update task, the "new" downloaded patches arrive to the same date (more or less 7/2015).

I can't understand if it's a matter of license or configuration, I need to download all the new patches in order to deploy them.

Can you help me?

Thanks

Please confirm the following:

Port UDP 0: Opened on your network devices

WOL in the client BIOS: Enable

Device Agent has WoL enabled

And please also review the following articles on our community:

Understanding Wake On LAN

Understanding Wake On LAN

Troubleshooting WOL (Wake on LAN)

http://community.ivanti.com/support/docs/DOC-2090

Please also see the following information surrounding Wake on WAN which I think would apply more so in your circumstance.

This document discusses how it works and what needs to be done to set it up. Please review this documentation and test its functionality in your environment, and let me know if you run into any issues and where they occur. You may want to attach screenshots of errors or items that may be helpful to diagnose the issue.

Here is a basic checklist of what needs to be enabled for this to work:

1. WOL needs to be enabled in the BIOS
2. WOL needs to be enabled on the NIC
3. WOL needs to be enabled in the devices network settings
4. Routers and switches need to be configured to pass WOL packets between subnets (by default this is generally blocked)

As discussed in the aforementioned community document the associated traffic travels on port 0 by default. This can be changed via the following steps from the Ivanti Endpoint Manager Console on the core server:

1. Configure
2. Services
3. Scheduler [tab]
4. Wake On LAN settings
5. Change port

If configuring your network to accept this traffic is not an option, then at least one workstation must be available and running the Ivanti EPM Agent with the Targeted Multicast feature. In order for this to work, all the time, this device must be available or dedicated to this task.

Another thing to keep in mind as well is that in order to configure and use the Targeted Multicast feature on a machine to use WOL/WOW the following basic need has to be met:

Each subnet needs at least one Multicast Domain Representative. WOL/WOW will not work across subnets without these. Not only do they need to be on each subnet but they need to be online so they can receive these requests form the core.

To configure a Multicast Domain Representative, you can follow the simple instructions found using the link below from our Ivanti Help Center:

Ivanti Help Center

Configure Targeted Multicast

http://help.ivanti.com/Topic/Index/ENU/LDMS/9.5/Content/Windows/swd_t_configure_multicast.htm

We have a new Endpoint manager implementation and I'm trying to understand how/how often the AD location is updated for a client.  We want to use AD OUs as targets for tasks.  When I move a machine from one OU to another it doesn't seem to update after a patch or inventory scan.  I'm assuming that agent is pulling this information from the client, because there doesn't seem to be a task to update EM with AD information directly.  Is the problem the delay between times that the client logs into AD and refreshes its locations information?

Problem:

A brand new 2017.1 install keeps failing at "Configuring Provisioning for your environment".

Symptom:

The related OSD.Upgrade.exe logs output the following error. (This log is referenced when pressing "View Log" next to the failed "Configuring provisioning for your environment")

05/11/2017 15:15:40 INFO  2168:1     RollingLog : *************************************************************************

05/11/2017 15:15:40 INFO  2168:1     RollingLog : *********************** Failure injecting LANDESK files!.  Critical Error

05/11/2017 15:15:40 INFO  2168:1     RollingLog : *************************************************************************

05/11/2017 15:15:40 INFO  2168:1     RollingLog : Error injecting files.

05/11/2017 15:15:40 INFO  2168:1     RollingLog : Error occurred, not committing changes.

05/11/2017 15:15:40 INFO  2168:1     RollingLog : Unmounting wim file from C:\Users\TestUser\AppData\Local\Temp\imgtmp\new_boot_wim, not committing changes

05/11/2017 15:15:40 INFO  2168:1     RollingLog : running command: dism.exe  /unmount-wim /mountdir:"C:\Users\TestUser\AppData\Local\Temp\imgtmp\new_boot_wim" /discard

05/11/2017 15:15:40 INFO  2168:1     RollingLog : Something bad may have happened trying to mount the image. Or image was not mounted.

05/11/2017 15:15:40 INFO  2168:1     RollingLog :   ********************   Failure while upgrading boot.wim:

05/11/2017 15:15:40 INFO  2168:1     RollingLog : Upgrade of Wim files failed. Exiting

05/11/2017 15:15:40 INFO  2168:1     RollingLog :

===================================================

05/11/2017 15:15:40 INFO  2168:1     RollingLog :

============  Processing Failed.       ============

05/11/2017 15:15:40 INFO  2168:1     RollingLog :

===================================================

Solution:

Run the install as local system to bypass the permissions issue

1. Close out of the current setup
2. Download PsExec from Microsoft SysInternals
3. Extract the PSTools.zip
4. Open command prompt as administrator
5. In the command prompt navigate to the newly unzipped folder
6. Type the command psexec -i -s cmd.exe to open a command prompt as local system
7. Within this new command prompt window, rerun the 2017.1 setup.exe. It should pick up where it left off on the "Configuring provisioning for your environment" part of the install.

The installation should continue from this point without further failure.

Issue:

An administrator would like to determine the agent version of one of the machines they are managing.

Solution:

• For multiple devices, create a query:

          How to: Easily determine LANDesk agent name and version using a query

• For single devices:
  • While in the LANDESK Management Console> Network View > Expand "Devices" > Select "All devices" > Right click the device in question > Inventory> Expand "LANDESK Management" > Inventory > Select "Scanner" > The Version value is the agent version

Summary

When trying to schedule a brand new agent deployment to Mac computers, there a few things that will need to be done in order for the deployment to succeed.

MANUAL INSTALLATION

Installation steps:

1. Open Safari or another browser
2. Browse to http://<coreServerFQDN/ldlogon/mac (coreServerIPaddress should work as well)
3. Click the name of the agent configuration that you want to install
4. Once the agent configuration has been downloaded run the installer (requires admin rights).

Note: Once an agent is installed on a Mac all new agents can be pushed to the Macs just like Windows.

PUSH FROM THE CORE

Prerequisites

1) Make sure the LANDesk Scheduler Service has an administrative account that has administrative rights on Mac devices (This account will need to be able to read, write, and execute applications)

• On the Core Console, select Configure then Services
• Select the Scheduler tab
• Select the Change Login... button
• Click Add
• Enter the Mac administrative account that will be managing all desired Mac devices on the network

2) Enable remote login on Mac

• Select the Apple
• Select System Preferences
• Select the Sharing folder
• Check Remote Login

3) Enable essential ports or disable firewall

• If the firewall needs to be enabled on Mac devices, please refer to this document for essential ports necessary to facilitate Mac to LANDesk connectivity: Ports used by LANDESK Management Suite - Full List
  • In order to enable ports, with the firewall turned on, select the "Firewall Options..." button as seen in the following screenshot.
• To disable the firewall:
  • Click the Apple
  • Select System Preferences...
  • Select Security & Privacy
  • Select the Firewall tab
  • Turn the firewall off

Steps to install:

1. Detect the Macintosh devices using Unmanaged Device Discovery (UDD)
2. Drag the discovered device(s) to an agent configuration in the Agent Configuration GUI: this will trigger a Scheduled Job creation.
3. Start the job.

Problem:

After a fresh install or upgrade, the feature icons may appear as blank boxes, though they function properly.

Though the following screenshot doesn't display the issue, those icons may appear as blank or different colored boxes. The problem is generally consistent depending on the window.

Solution:

This should work with 2016* and 2017.1 installs.

Replace the C:\ProgramData\LANDesk\ManagementSuite\Install\10.1\Data\Main\bin\Resources with the decompressed installation media folder C:\LANDESKSoftware2016-3\Resources. (2017.1's default installation media is C:\Ivanti2017-1)

The following are the default and tested permissions pertaining to the LDLOGON folder used by LDMS and Ivanti Endpoint Manager (EPM). Any other permissions configurations are not supported and may cause EPM services to not function properly. (Global policy restrictions, inherited permissions, etc. may override certain settings.)

Everyone: Read & Execute, List folder contents, Read

IUSR: Read & Execute, List folder contents, Read

SYSTEM: Full Control

NETWORK SERVICE: Full Control

LANDesk Management Suite: Read & Execute, List folder contents, Read

LANDesk Administrators: Full Control

Administrators: Full Control

LDPing Definition:

When your LDMS Core needs to communicate with an agent, it calls the CBA_Anonymous local account on the agent computer, to perform an LDPing on the client web service. The LDPing returns the hostname and Landesk inventory ID of the Agent computer as xml. This information is verified to authenticate the client before executing any task.

There are two methods of testing to see if ldping is working.

Manually run ldping from a web browser:

http://localhost:9595/allowed/ldping

Successful response

Unsuccessful response

Manually run ldping from a command prompt:

1. Open an elevated command prompt
2. Navigate to the ManagementSuite folder (cd %ldms_home%)
3. Type "pds2dis.exe ping name_of_device" (The name can be a short name, FQDN, or IP)

Successful response:

Unsuccessful response:

Issue:

When opening the console, it does not show any text. There may be a sporadic error message that says "VIBlend Winforms Controls".

console.exe.log says "03/17/2017 08:52:52 INFO  5496:Main Thread RollingLog : Critical Exception: System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."

Cause:

There is a defect (386087) related to having FIPS enabled that may impact VIBlend, causing these display and popup issues. It's likely this occurred after joining to the domain due to FIPS being enabled as a group policy setting.

Solution:

This is fixed in EPM 2017.1. The best course of action is to upgrade.

A workaround in place of upgrade is to disable FIPS. This can be done under Local Policies > Security Options, set "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" to disabled.

Contents

Discovery

Discovery is the process of finding Unmanaged Devices (PC’s, printers, servers, switches, routers, or any other device with an IP address, whether wired or wireless) on the network. The Discovery process looks for devices referred to as Unmanaged Devices. Once identified, certain devices can have a LANDESK Agent deployed to them, making them manageable from the Console from that point on.

Discovery can use two methods to find Unmanaged Devices, namely, Unmanaged Device Discovery (UDD), and eXtended Device Discovery (XDD).

Unmanaged Device Discovery (UDD)

The Unmanaged Device Discovery (UDD) method sends ping packet requests (ICMP protocol) on a predefined subnet range, and listens for ICMP Replies. The information obtained from ICMP Reply packets is used to compare with database entries to see if the responding machines are already present in the database. The MAC address and the NetBIOS Name are in the response packets. Management Suite searches for those entries in the database to ascertain whether the device is in the database.

If the corresponding MAC Address or NetBIOS Name, discovered in the network scan, is not present in the database, the device will be added to the UDD tool.

UDD lists the Operation System, if known, on devices it discovers. If the device was discovered via NT Domain discovery, the Operating System is listed in the Active Directory table, so UDD uses what is in the table to populate the UDD column. For all other UDD discovery, LANDESK uses NMAP Operating System Fingerprinting to discover the operating system on a Device. This technology sends malformed packets, which each operating system responds to in different ways. Through the responses, the Operating System is often discernible.

If you don't designate a subnet address range on a TCP/IP search, discovery is performed only on the network segment where the console initiating the discovery resides. For example, if you've installed four Consoles on four different PC workstations, each residing on a different network segment, you would have to initiate four scans, one from each of the four Consoles.

On network segments where there are no PC workstations with Consoles installed, you must use a subnet address range to scan that network segment.

To Launch a UDD Scan:

1. On the LANDESK Console click Tools > Configuration > Unmanaged Device Discovery.

2. On the Unmanaged Device Discovery tool click Scan Network (first icon on left on toolbar).

3. Enter the IP address range to scan in the Starting IP, Ending IP, and Subnet mask fields.

4. Click the More button if you desire to set additional scan options, then click Close.

     a. Standard network scan

     b. LANDESK Common Base Agent

     c. NT or LDAP Domain discovery

     d. LDAP

     e. IPMI-enabled devices

     f. Intel vPro-AMT devices

     g. Virtual hosts

5. Click Add.

6. Click Scan now, or Schedule task, to scan immediately or schedule the scan for later.

If from the Scan Network screen you click the More option, you will see this window.

Discover devices using a standard network scan: Searches for computers by doing an NMAP ping sweep. This is the most thorough search, but also the slowest. You can limit the search to certain IP and subnet ranges. By default this option uses NetBIOS to try and gather information about the device.

• IP OS Fingerprinting: Uses NMAP to try to discover what OS the device has.
• Use SNMP: UDD uses Simple Network Management Protocol (SNMP) to discover devices. Click Configure to enter information about SNMP on your network.
• Discover devices with LANDESK PDS2 installed: Searches for the standard LANDESK agent, formerly called Ping Discovery Service 2 (PDS2) on computers. This option discovers computers that have LANDESK products installed.
• Discover devices using NT domain: Searches for devices in a domain you specify.
• Discover devices using LDAP: Searches for devices in a specified Light-weight Directory Access Protocol (LDAP) directory.
• Discover Virtual Host: Looks for servers running the VMware ESX Server.

UDD Rights

In order to perform UDD a Console User needs to have Unmanaged Device Discovery right assigned to them through Role-Based Administration.

The View right grants the Console User the right to see and access the UDD tool. The Edit right grants the ability to create UDD scanner configurations. The Deploy right grants the ability to schedule and run different UDD scans.

NOTE: Agent discovery cannot be used to search outside firewalls, because firewalls generally limit the flow of packet traffic to designated ports.

Extended Device Discovery (XDD)

Extended device discovery (XDD) can help you find devices that UDD scans do not discover. XDD uses a managed device elected to be a listener on its subnet. XDD enabled managed devices listen for Address Resolution Protocol (ARP) broadcasts and maintain a cache (both in memory and in a file on the local drive) of devices that make ARP requests. Networked devices use ARP to obtain a Dynamic Host Configuration Protocol (DHCP) assigned address to join a network. Even heavily firewalled devices rely on ARP. Because of this, XDD can help you find devices that UDD scans do not discover.

Client Self-Election Process

In order to have one (and only one) device listening on each subnet, and reporting discovered devices to the Core Server, Management Suite uses a unique and ingenious process called the Client Self-Election Process (CSEP). In CSEP, one device on each subnet performs the role as listener. If that managed device is turned off or disconnects from the network, another device dynamically becomes the listener. With this technology, each subnet always has a listener so no devices are missed, and only one device per subnet is sending discovery information to the Core Server, utilizing only a minimal amount of bandwidth.

The CSEP implementation eliminates the need to have multiple agent configurations for devices on subnets. There is no need to have a configuration for listeners, and a separate configuration for non-listener devices. The self-election process makes it possible for each device to have the same configuration, and be able to be the listener, if elected.

Self-Electing Subnet Services

Currently, two services can be configured to use Self-Electing Subnet Services (SSS or S³), including Extended device discovery (ARP), and Extended device discovery (WAP). To configure the services to use S³, open the Self-electing subnet services tool. Here, the desired state of both services can be set. It also shows the subnets configured to use S³.

To set devices to be a part of the S³ election process, use the Client Connectivity agent setting. The setting is made by selecting the Enable self-electing subnet services checkbox, on the Self-electing subnet services page.

The Self-electing subnet services page sets which devices will participate in the election to be a listener. The Extended device discovery page configures how devices will work the process. Parameters include:

1. Use address resolution protocol (ARP): Whether to discover ARP announced devices
   • Duration ARP entry stats cached (in seconds): The length of time to keep discovered devices in the cache (default 86400 or 1 day)
   • Maximum delay before pinging an unknown device for the LANDESK agent (in seconds): Default 3600 or 1 hour
   • Frequency the cached ARP table is refreshed (in seconds): How often discovered devices are reported to the Core Server
   • Logging Level: The level of logging to select (IF the Force logging level checkbox is selected. Levels include:
     1. Errors only
     2. Errors and Warnings
     3. Debug
   • Give desktops preference over laptops: Whether to weight the election process to give desktops a higher probability of being selected to be the listener.
2. Use wireless access point discovery (WAP): Whether to discover WAP devices
   • Frequency of WAP scan (in seconds): How often discovered to scan for WAP devices
   • Logging Level: The level of logging to select (IF the Force logging level checkbox is selected. Levels include:

1. Errors only

2. Errors and Warnings

3. Debug

Process for XDD Discovered Devices

If Management Suite does not find a corresponding MAC address or NetBIOS Name in the database, the Core Server will act upon these added devices by waiting a random amount of time (between 15 minutes and 1 hour) to send a ping request to Agents that would exist on a managed device. The ping request packets from the Core Server are TCP port 9595 to the Standard LANDESK Agent, TCP port 9535 to the LANDESK Remote Control service, and TCP port 4343 to HTML5 Remote Control.

• Standard LANDESK agent: Enables the Ping Discovery Service (PDS). If the standard LANDESK agent is installed on a device, you can schedule software distributions and device setup configurations.
• Remote control: Lets you remotely access and control a device.

Any device that is not in the database, and does not send a response packet to the ping requests will be added to the UDD list.

There is a column in the UDD list titled “ARP Discovered”. Items found via a UDD scan populate the ARP Discovered field with “false”, while XDD discovered devices populate the field with “true”.

XDD can be set to listen to Wireless Access Point (WAP) traffic as well. If enabled, the listener will report wireless routers to the Core, and these routers will appear in the UDD list.

Setting an Agent Setting to include XDD

1. To include XDD as a part of agent setting, do the following:

2. Open the Agent Settings tool in the Console (Tools > Configuration > Agent Settings).

3. Expand My agent settings or Public agent settings and select Client connectivity.

4. Click the Create New Settings icon on the Agent settings toolbar. (The Client connectivity settings window appears.) OR open an existing Agent Setting you wish to change.

NOTE: This can optionally be configured by editing an Agent Configuration setting, selecting Client connectivity, and clicking [Configure]. (The Configure client connectivity settings window appears. Click [New]; (the Client connectivity settings window appears OR open an existing Agent Setting you wish to change.)

5. Click Extended device discovery (left window).

1. Click to select the Use address resolution protocol (ARP) checkbox, and configure the desired settings.
2. Optionally, you can click to select Use wireless access point discovery (WAP) checkbox and configure the desired settings.
3. Click Save.

Issue

Folder \LANDesk\Discovery\ElasticSearch occupies large disk space.

Explanation

Discovery Services is a tool under development to provide additional features and capabilities to customers. At present it is in a beta state and not advised for use in production systems, however portions of the functionality are installed and enabled in Ivanti Endpoint Manager 2017. Elasticsearch is used by Discovery Service as a backend data store. A basic installation is included with the install of Ivanti Endpoint Manager 2017 and can provide limited functionality.

Resolution

Currently it is recommended to disable the "Elasticsearch" service in Windows to reduce memory and disk utilization unless specifically using Discovery Services with Concorde.

For this issue with disk space, please apply the following steps.

1. Stop and disable ElsaticSearch service from Services in Windows.
2. Delete all content from \LANDesk\Discovery\ElasticSearch\data\elasticsearch\nodes\.

Issue:

It may become apparent in different logs that certain functions of the LDMS software are referencing a previously used core. The following script may be used to locate and replace the name of the old core with the current core name.

As with any significant change, a backup of the SQL database is highly recommended.

Solution:

Create a new query in SQL manager with the following input:

select * from keyvalue

where KeyName like 'OLDCORENAME'

or StringValue like 'OLDCORENAME'

select * from metasystems

where SYSTEMNAME like 'OLDCORENAME'

select * from alertparameters

where ParamValue like 'OLDCORENAME'

update TABLE set VALUE = 'NEWCORENAME' where VALUE = 'OLDCORENAME'

Options: Computer Management, Event Viewer, Local User and Groups, Ping, Terminal Services Remote Control, Terminal Services Remote Control Console and Tracert in the Ivanti's Endpoint Manager version 2017.3 are located under Computer Management.

Issue:

Once an antivirus key has been received from Ivanti support, a Landesk administrator will need to apply the key to the core console before the end users will stop receiving alerts about an expiring license.

Solution:

1) Before beginning this process, the Anti-Virus key will need to be downloaded from portal.ivanti.com.

2) From the core console > Tools> Security and Compliance> Security activity

3) In the Security Activity console > Select the settings (gear) icon > Select LANDESK Antivirus license information

4) Select the ellipses (...) next to Path: > locate the unzipped .key file that was downloaded from portal.ivanti.com > Import

The next time a Vulscan is run on the client machines, they should no longer be receiving these alerts.

The information can be found when the console is open. Navigate in the menu bar to "Help" and then "About". In the next window click on "More info" to get more detailed version information.

Ivanti Endpoint Manager 2017.3 SU2 (10.1.30.401)

README: https://community.ivanti.com/downloads/Readme/Pages/epm2017.3-SU2.html Release Date: Useful links: Ivanti Endpoint Manager 2017.3 Release Information and Useful Links Information about patches: LANDESK Software 10.1.30 - Software License Monitoring LANDESK Software 10.1.0 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console Ivanti 2017.3 - SU LANDESK Software - Data Analytics LANDESK Software - Data Analytics Content LANDESK Management Suite Version 10.1.30 10.1.30 9.6-ThinkManagement 2017-1129 10.3.1578 10.3.1457 2017.3.2

Ivanti Endpoint Manager 2017.3 SU1 (10.1.30.401)

README: https://community.ivanti.com/downloads/Readme/Pages/epm2017.3-SU1.html Release Date: Useful links: Ivanti Endpoint Manager 2017.3 Release Information and Useful Links Information about patches: LANDESK Software 10.1.30 - Software License Monitoring LANDESK Software 10.1.0 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console LANDESK Software - Data Analytics LANDESK Software - Data Analytics Content Ivanti 2017.3 - SU LANDESK Management Suite Version 10.1.30 10.1.30 9.6-ThinkManagement 10.3.1554 10.3.1465 2017-1013 2017.3.1

Ivanti Endpoint Manager 2017.3 (10.1.30.401)

README: https://community.ivanti.com/downloads/readme/pages/epm2017.3readme.html Release Date: October 5th 2017 Useful links: Ivanti Endpoint Manager 2017.3 Release Information and Useful Links Information about patches: LANDESK Software 10.1.30 - Software License Monitoring LANDESK Software 10.1.0 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console LANDESK Software - Data Analytics LANDESK Software - Data Analytics Content 10.1.30 10.1.30 9.6-ThinkManagement 10.3.1554 10.3.1440

Ivanti Endpoint Manager 2017.1 SU2 (10.1.10.287)

README: https://community.ivanti.com/downloads/Readme/Pages/EPM2017-SU2.html Release Date: Useful links: Information about patches: LANDESK Software 10.1.10 - Software License Monitoring LANDESK Software 10.1.10 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console Ivanti 2017.1 - SU LANDESK Software - Data Analytics LANDESK Software - Data Analytics Content LANDESK Management Suite Version 10.1.10 10.1.0 9.6-ThinkManagement 2017-0707 10.3.1527 10.3.1435 2017.1.2

Ivanti Endpoint Manager 2017.1 SU1 (10.1.10.287)

README: https://community.ivanti.com/downloads/Readme/Pages/EPM2017-SU1.html Release Date: Useful links: Information about patches: LANDESK Software 10.1.10 - Software License Monitoring LANDESK Software 10.1.10 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console Ivanti 2017.1 - SU LANDESK Software - Data Analytics LANDESK Management Suite Version 10.1.10 10.1.0 9.6-ThinkManagement 2017-0627D 10.3.1527 2017.1.1

Ivanti Endpoint Manager 2017.1 (10.1.10.287)

README: https://community.ivanti.com/downloads/Readme/Pages/IEM2017Readme.html   Release Date: May 3rd 2017   Useful links: Information about patches:          LANDESK Software 10.1.10 - Software License Monitoring LANDESK Software 10.1.10 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console LANDESK Software - Data Analytics LANDESK Software - Data Analytics Content 10.1.10 10.1.0 9.6-ThinkManagement 10.3.1497 10.3.1385

LANDESK Management Suite 2016.3 SU5 (10.1.0.168)

README: https://community.ivanti.com/downloads/Readme/Pages/LD2016.3-SU_5.html Release Date: Useful links: Information about patches: LANDESK Software 10.1.0 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console LANDESK Software 10.1 - SU LANDESK Software 10.1.1 - Software License Monitoring LANDESK Software - Data Analytics LANDESK Management Suite Version LANDESK Software - Data Analytics Content 10.1.0 9.6-ThinkManagement 2017-0731 10.1.1 10.3.1429 2016.3.5 10.3.1442

LANDESK Management Suite 2016.3 SU4 (10.1.0.168)

README: https://community.ivanti.com/downloads/Readme/Pages/LD2016.3-SU_4.html Release Date: Useful links: Information about patches: LANDESK Software 10.1.0 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console LANDESK Software 10.1 - SU LANDESK Software 10.1.1 - Software License Monitoring LANDESK Software - Data Analytics LANDESK Management Suite Version LANDESK Software - Data Analytics Content 10.1.0 9.6-ThinkManagement 2017-0612B 10.1.1 10.3.1424 2016.3.4 10.3.1440

LANDESK Management Suite 2016.3 SU3 (10.1.0.168)

README https://community.ivanti.com/downloads/Readme/Pages/LD2016.3-SU_3.html Release Date: Useful links: Information about patches: LANDESK Software 10.1.0 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console LANDESK Software 10.1 - SU LANDESK Software 10.1.1 - Software License Monitoring LANDESK Software - Data Analytics LANDESK Management Suite Version LANDESK Software - Data Analytics Content 10.1.09.6-ThinkManagement2017-021010.1.110.3.13892016.3.310.3.1423

LANDESK Management Suite 2016.3 (10.1.0.168)

README: https://community.ivanti.com/downloads/Readme/Pages/LD2016.3.html Release Date: Useful links: Information about patches: LANDESK Software 10.1.1 - Software License Monitoring LANDESK Software 10.1.0 - IT Asset Management LANDESK Software 9.6 - ThinkManagement Console LANDESK Software - Data Analytics LANDESK Software - Data Analytics Content 10.1.0 10.1.0 9.6-ThinkManagement 10.3.1353 10.3.1301

LANDESK Management Suite 2016.0 (10.0.0.271)

README: https://community.ivanti.com/docs/DOC-39935 Release Date: Useful links: Information about patches: LANDESK Software 10.0.0 - Software License Monitoring LANDESK Software 9.6 - ThinkManagement Console LANDESK Software - Data Analytics LANDESK Software - Data Analytics Content 10.0.0 9.6-ThinkManagement 10.0.1111 10.0.1111

LANDESK Management Suite 9.6 SU3 (9.60.0.244)

README https://community.ivanti.com/downloads/Readme/Pages/LD96SP3.html Release Date: Useful links: Information about patches: LANDESK Software 9.60 - Service Pack 2 LANDESK Software - Data Analytics LANDESK Software 9.60 - Service Pack 3 LANDESK Software 9.60.2 - Software License Monitoring LANDESK Software - Data Analytics 9.61 Update LANDESK Software 9.60.4 - SU LANDESK Software - Data Analytics Content 9.60.2.72A 9.62.0670 9.60.3.168D 9.60.2 9.62.1106 2017-0509 10.3.1423

LANDESK Management Suite 9.6 SU2 (9.60.0.244)

<<<<<AS WITH ANY DATABASE UPGRADES OR MAJOR CHANGES, PLEASE BACKUP YOUR DATABASE BEFORE ATTEMPTING THIS>>>>>

Issue:

A LANDesk administrator is interested in upgrading their core from 9.5 to 2016.3 and keep their same database.

Solution:

Here is one method of installing 9.5 SQL database to 2016.3 as running DBSetup.exe on 9.5 databases is evidently not the most complete option.

1. Build or gain access to a Server 2012 R2 device. This is going to be a temporary core server. This can be a VM or a physical server. But, it should have Server 2012 R2 freshly installed on it.

2. Give this device the same computer name as the former production core server. The production server should be shutdown or taken off the network for now.

3. Install LDMS 2016.3 onto this temp core server. During the install, select the options to upgrade an existing database and point the installer to your 9.5 database.

4. The installer will upgrade this database in the most complete manner.

5. Once the core server install is complete, you can shut down the temp core server.

6. Boot up your production core server. You may need to point Configure > Services in the Management Console to the newly updated 2016.3 DB.

More Information:

There are a couple things to be aware of. Most importantly that you may need to investigate DNS to see if any records were created that point your core name to the IP address of the temp core server (which had the same name). If so, they need to be deleted to ensure DNS correctly routes to the production core. After your production core is validated to be connected successfully to the upgraded DB, you will want to decommission the temp DB server. Since it has the same name as your production core, it would cause issues if it were to be brought online.

To remove the console or, if a console needs to be reinstalled.

1) Run the EPM Tool.  EndPoint Manager (EPM) Tool

- Option B for Console removal.

- C to continue the un-install.

- This will also remove the agent from the machine.

- Restart the machine.

2) Run the install for the target version again.

- If the machine has .net 4.7 then you will need to run this script.

https://community.ivanti.com/docs/DOC-47883

- After running this script you will need to reboot the system. ( to reload the registry.

- In some cases soft of the software might be left over so you will want to run this tool to double check that there are not any entries for data Analytics or landesk:

Microsoft fixit tool: https://support.microsoft.com/en-us/help/17588/fix-problems-that-block-programs-from-being-installed-or-removed

Click on uninstalling then it will populate a list for you.   After each program you run,  You need to run the tool again.

3) Run the install software.

4) Then apply any SU udpates.