Computer Policies no longer dynamic - v143 MSP
Our computer configurations no longer apply to new comupters. This is since we upgrade our MSP version to 143. We have several computer configurations which are collections and individual type that apply to our domain. New added computers (installed agent on PC) are added to the console and user policies do apply - however, the computer configurations are not adding or applying to the new computers. Another way to explain it - since v143, its like the domain group is no longer dynamic where computer
Is there a way to configure DC to use WSUS as its source for MS updates?
We have our WSUS servers nicely "tuned" thanks to AdamJ ("Overdrive")'s phenomenal "Clean-WSUS" Powershell script, so superseded updates are purged *daily*. Here's more info, and the script, here: https://community.spiceworks.com/scripts/show/2998-adamj-clean-wsus I'm seeing DC attempting to push already-superseded updates, frequently irritating end-users with needless reboots. https://pitstop.manageengine.com/portal/community/topic/is-anyone-using-me-dc-to-patch-their-windows-servers NOTE: Abraham
Office 2010 customized package
I have a custom install of Office 2010 that I built using the Microsoft Office Customization Tool. I uploaded the Office 2010 folder and added this switch: setup.exe /adminfile \\server\share\Office2010\Updates\setup.msp It continues to give me an error saying that the file could not be located. Does anyone know what I might be missing? Darren
Pre-Installed Keeper Password Manager on Windows 10 exposes systems to passwords stealing
Problem: There's a good reason why security analysts get nervous about bundled third-party software: it can introduce vulnerabilities that the companies can't control. Google researcher Tavis Ormandy discovered that a Windows 10 image came bundled with a third-party password manager, Keeper, which came with a glaring browser plugin flaw -- a malicious website could steal passwords. Solution: It is recommended to disable Content Delivery Manager (for PreInstalledApps enabled) using Desktop Central's
Windows 10 1607 Update
Hello Our Windows 10 machines currently running 1151 build are not receiving the Anniversary edition update from Desktop Central. If we remove a machine from Desktop central, the update is downloaded. Machines with the desktop central agent do not receive the update, even though our scans are set to download all updates at all levels and deploy. Do you support this? Microsoft released this over 2 months ago. Thanks Chris
Credentials used
Hi, I'm having a problem where an account that has had its password changed is being locked out. It appears to be being locked out by our server that has both servicedesk and desktop central running on it. I can only think that maybe this user account was provided to either of these tools at some point either for scanning or patching or emailing or something!! Is there anything that can be run for me to be able see all the credentials stored for both products so I can work out where I need to update
Automatically install new builds?
I like the fact that ManageEngine is regularly rolling out updates to DesktopCentral. The downside is that it takes precious time to manually download/install each new build. Is there any way to set it up so that DesktopCentral will automatically download new builds and automatically update itself?
Microsoft Patch Tuesday December 2017 updates
Microsoft Patch Tuesday is here for December 2017 with 34 security updates, 2 key fixes for 7 different products. Patch now and stay safe to have a happy vacation ahead. Read more: https://goo.gl/2QUDRa
ActiveX for users
How can I distribute ActiveX settings to users via Configurations?
TeamViewer hacked: Here’s how to protect your systems
Hi there, TeamViewer can be exploited using a vulnerability allowing users to switch between viewer and presenter side, or remotely control the server. If you are using TeamViewer in your enterprise, do act now. Read more: https://goo.gl/2E65yX
DC Remote Control History too short
How can I extend the history of remote control sessions? I need to be able to go back for up to 3months for each client
Update mismatch
Hi all, I'm struggling to get my head round something DC is doing on a couple of systems here in regards to mismatch of information on a system or two. Here is the missing patches listed as critical on one of our servers. And also a screenshot of the internet explorer about window indicating that this patch is installed. I've looked in windows update and it doesn't list the patch as installed so I'm assuming maybe it's included as part of a system roll up or something of the like? My question
5 tips for seamless endpoint security
Hey there, Are you worried about your endpoints being hacked or breached? Here is a simple tips to build the best endpoint security in your enterprise. Building an effective endpoint security has become all time priority for enterprises. With the amount of cyber attacks evolving day by day, enterprises have to practice certain simple best practices to keep them vigilant against any unforeseen vulnerability breaches. Read more: https://goo.gl/taAmSB
Ensure that application is installed
Hello, Is that possible to create a group of users/computers and assign application that must be installed on them? I know it`s possible to create a configuration for a group, and once PC is added to the group -> Configuration will be applied. But what if someone uninstall this app? Is there a way to force Desktop Central to install it again after it found that the application has been uninstalled? Thank You
Required Best Practice for Windows Endpoint Patching.
Hi Team, Hope you guys doing good. Recently we gone through Audit & caught up in windows patching. It seems our device was not properly compliance. Currently we are using desktop central to pushed patches on endpoints. required your suggestion to create best Windows endpoint patching practice. Currently we used automatic scheduled deployment utility in DC, but systems are not properly patched up. For remote users we also enable NATING on DC server to access remote agent, but it wont work as usual.
Agent Installed remark colouring
I may already know the answer to this but why is the remarks for agent installs somethings red and sometimes black. See attached. I suspect the red remark means the device requires a restart but I'm not sure.
Reporting on Dynamic custom group
I wish to run the 'Vulnerable System Report' but only reporting on a group of computer names based on the computer naming convention. The report both when running or trying to schedule to run only allows a static custom group and not dynamic custom group or event just filtering the results. I don't wish to use a static group as new devices could be missed. Is it possible to run this report only for computers starting with a set naming convention such as NWAST NWASR NWASI
What's the difference between "Not Approved" and "Declined" patches
I see a handful of patches with a status of "not approved". I have not declined those patches. How did they get that status?
Issue deploy
Sometimes when i have doing a deploy a I get next issue: The specified path is being used in a substitute ¿Any idea of this issue?
[Solved] Asset scanning fails [10.0.149-10.0.151]
Hello, I've upgraded my MeDC server to build 10.0.149 and now about the half of my computers fails to scan assets (patch scan is working). Server is a Windows Server 2012R2 Clients are Windows 8.1 x64 Pro and Windows Server 2012R2 No problems on Windows Server clients Half of Windows 8.1 clients cannot scan asset, no details for failure, just scan failed. I cannot see any difference between a computer that can scan asset and one that cannot. I've been though client logs and I see no error except
Change from SQL2008 to SQL2016
Anyone know what would be the best way to move db from sql2008 to sql2016 and if there's any sql changes required for the new version? TIA. Jim..
RSS URL?
Could I have URLs for forum RSS feeds I have it on my MS Outlook before but lost due reinstall Outlook. (I'm also interesting in SD+ ) Dmitry
download patches in closed network
good morning/ evening, i read this article and i followed the instructions. https://www.manageengine.com/products/desktop-central/help/configuring_desktop_central/patch_management_for_closed_network.html in "update the patch database" section, when i tried to execute this command "patchsync.bat -c updatedb", the command prompt (CMD) says this: dbName is :: pgsql Dec 3, 2017 3:56:20 PM com.adventnet.sym.server.downloadmgr.DownloadManager downloadFile INFO: Going to establish connecton for http://patchdb.manageengine.com/dc-crs/crs-meta-data.xml
Find out if your Intel system is vulnerable to Intel SA-00086 vulnerability.
Beware! This Thanksgiving, Intel decided to talk turkey about a string of vulnerabilities, Intel SA-00086, that external researchers discovered in their chips. Intel released the Intel SA-00086 detection tool that runs on Windows and Linux systems. But what they don’t provide is a solution to automate the detection for multiple computers. As a system admin it is necessary to run the detection on 1000s of machines in your enterprise network. This can be done in a fraction of seconds with Desktop
Ensure your company is GDPR compliant using Desktop Central
While companies are working their way towards GDPR compliance, Desktop Central—our very own endpoint management solution—can help you keep your users' PII secure so you can stay GDPR compliant. Manage your servers, desktops, laptops, smartphones, and even tablets, all from one central location and maintain GDPR compliance for long time. Read more: https://www.manageengine.com/products/desktop-central/gdpr.html
Desktop Central updating SDP- Various Updating Issues
I am currently running SDP v9 and Desktop central v 8. I have deployed DC agents to all machines however I have 3 issues: 1. Not all devices are being imported into SDP from DC . If I add new devices these do seem to import however devices which were added some time ago appear to be missing from SDP. SDP shows 382 devices and DC 506 devices. 2. The device model is not being imported into SDP from DC (However DC displays the device model) 3. Lenovo model is not displaying the model name e.g. Lenovo E32
Patch Vulnerability DB Report
DC is scheduled to update the patch vulnerability DB daily and email a report. This is great. Is there a way to have the report only show information relevant to our inventory? We do not have any Linux or Mac devices so I don't really need to know there is a new patch for these devices. Same with software we do not use. Today's report shows there is a new patch for Blue Jeans. We do not use Blue Jeans so I don't need to know there is a new patch. Thanks for the help.
Disk Space Report Scheduled or on Event
Hi, I am looking to configure a report on 4 servers that would run once the HDD space reaches a certain limit, this will then send a warning email to the concerned people. is it possible , custom query or something thanks so far i have setup a daily disk report , but that is not enough.
Automatic deployment as new configurations for better overview
Hi It would be very helpful if ME DC would create new configurations for automatic deployment schedules where patches will be installed. This gives us an overview on the status of those installations, because currently it happens in the background and it's not clear (unless there's an easy way to get the status of those installations already).
Change Agent Server Address
We currently have two different manage engine desktop central servers on two different networks, i'm looking to combing them. Is there an easy to change the address the agents use to connect to the manage engine desktop central server and point them to the server in the other network?
File/folder operation Run after
Hello, It would be very useful to be able to choose a "Run after" (like "Install after" for Software deployment) for File/Folder Operation (actually it would probably be useful in any configuration). Do you plan to implement this? Thanks Sylvain
A new hotfix to Desktop Central 10 is now available- build 10.0.142
hello Support, where can I download the update please ? regards Claudio
Difference between these two hotfix webpages
Hi In my ME DC interface I see messages about available hotfixes (currently 10.0.140) that lead me to this page: https://www.manageengine.com/products/desktop-central/service-packs1.html?dci The normal page with hotfixes however, is this one: https://www.manageengine.com/products/desktop-central/service-packs.html What is the difference between both? It's quite confusing. I can also tell that when I tried to do an hotfix upgrade to 10.0.13x using the first page, the upgrade failed. The upgrade to
UpdMgr.bat
Can someone please provide the correct UpdMgr.bat file for Desktop Central 9? The file I have has all of the syntax jumbled together.
macOS High Sierra - Desktop Central Web Clips (Webloc)
Have upgraded to macOS High Sierra and have been using Web Clips to map smb shares For example: smb://server.domain.au/Staff This used to work in previous versions of Mac's OS, when using Desktop Central. I have been using Web Clips to add to the task bar, and launch the above line. Now this does not work, and I now open up where the Web Clips (webloc) are stored. Thanks. :)
Deploy root SSL certificates?
I have internal root CA's that I currently push to my Windows domain via GPO. This works for IE and Chrome, but not Firefox. Is there a way I can deploy a certificate to Firefox installations? And if it is not possible, I would like to request for this feature
Forwarding Server Security
Desktop Central Forwarding server appears to be vulnerable to XSS and Forceful browsing attacks. Is there a way to mitigate this. The default configuration also exposes the DesktopCentral login to the internet, and 2-Factor can be bypassed with the mobile app - all serious security concerns for an internet facing device. How can this be disabled or mitigated? Thanks!
*WARNING* for admins using Automatic Patch Deployment
We just had a mini-crisis with desktop central patch deployment the other day as we had a mess of unapproved updates deploy through our automatic patch deployment policy. After sending our logs to support and long remote assistance session we learned exactly what caused us such a panic. I am sharing with the community to hopefully to spare anyone from a similar scenario. We got lucky in the end, the patches did not negatively affect our PCs. We will not make the same mistake twice. Chat transcript:
Wake on LAN not working
I can remote shutdown a computer but not wake up. When remote shutdown the computer completely powers off with the NIC light not blinking. According to the desktopcentral help I have read the NIC light should be blinking for wake on LAN to work. How can this be when the computer is completely shutdown ? According to Microsoft, Windows 7 & Windows 10 are designed to not work in this state (S5) and will only wake on LAN from sleep or hibernate, not shutdown, so I am totally confused as to how this
Where is KB4035631 (August 2017 Windows 10 Servicing Stack Update) within Patch Management?
This new servicing stack update is reported as a Critical Update for WIndows 10 1607 via WSUS - yet there is no sign of it at all within Patch Management in DesktopCentral. I have done several searches - updated DS patch database a few times and nothing can be found. While DS has accounted for all other August 2017 patches - if I am to start using this on a regular basis (and retire WSUS) - it needs to have the identical patches that are offered by WSUS at all times. Appreciate any insight as to
Next Page