Update mismatch
Hi all, I'm struggling to get my head round something DC is doing on a couple of systems here in regards to mismatch of information on a system or two. Here is the missing patches listed as critical on one of our servers. And also a screenshot of the internet explorer about window indicating that this patch is installed. I've looked in windows update and it doesn't list the patch as installed so I'm assuming maybe it's included as part of a system roll up or something of the like? My question
5 tips for seamless endpoint security
Hey there, Are you worried about your endpoints being hacked or breached? Here is a simple tips to build the best endpoint security in your enterprise. Building an effective endpoint security has become all time priority for enterprises. With the amount of cyber attacks evolving day by day, enterprises have to practice certain simple best practices to keep them vigilant against any unforeseen vulnerability breaches. Read more: https://goo.gl/taAmSB
Ensure that application is installed
Hello, Is that possible to create a group of users/computers and assign application that must be installed on them? I know it`s possible to create a configuration for a group, and once PC is added to the group -> Configuration will be applied. But what if someone uninstall this app? Is there a way to force Desktop Central to install it again after it found that the application has been uninstalled? Thank You
Required Best Practice for Windows Endpoint Patching.
Hi Team, Hope you guys doing good. Recently we gone through Audit & caught up in windows patching. It seems our device was not properly compliance. Currently we are using desktop central to pushed patches on endpoints. required your suggestion to create best Windows endpoint patching practice. Currently we used automatic scheduled deployment utility in DC, but systems are not properly patched up. For remote users we also enable NATING on DC server to access remote agent, but it wont work as usual.
Agent Installed remark colouring
I may already know the answer to this but why is the remarks for agent installs somethings red and sometimes black. See attached. I suspect the red remark means the device requires a restart but I'm not sure.
Reporting on Dynamic custom group
I wish to run the 'Vulnerable System Report' but only reporting on a group of computer names based on the computer naming convention. The report both when running or trying to schedule to run only allows a static custom group and not dynamic custom group or event just filtering the results. I don't wish to use a static group as new devices could be missed. Is it possible to run this report only for computers starting with a set naming convention such as NWAST NWASR NWASI
What's the difference between "Not Approved" and "Declined" patches
I see a handful of patches with a status of "not approved". I have not declined those patches. How did they get that status?
Issue deploy
Sometimes when i have doing a deploy a I get next issue: The specified path is being used in a substitute ¿Any idea of this issue?
[Solved] Asset scanning fails [10.0.149-10.0.151]
Hello, I've upgraded my MeDC server to build 10.0.149 and now about the half of my computers fails to scan assets (patch scan is working). Server is a Windows Server 2012R2 Clients are Windows 8.1 x64 Pro and Windows Server 2012R2 No problems on Windows Server clients Half of Windows 8.1 clients cannot scan asset, no details for failure, just scan failed. I cannot see any difference between a computer that can scan asset and one that cannot. I've been though client logs and I see no error except
Change from SQL2008 to SQL2016
Anyone know what would be the best way to move db from sql2008 to sql2016 and if there's any sql changes required for the new version? TIA. Jim..
RSS URL?
Could I have URLs for forum RSS feeds I have it on my MS Outlook before but lost due reinstall Outlook. (I'm also interesting in SD+ ) Dmitry
download patches in closed network
good morning/ evening, i read this article and i followed the instructions. https://www.manageengine.com/products/desktop-central/help/configuring_desktop_central/patch_management_for_closed_network.html in "update the patch database" section, when i tried to execute this command "patchsync.bat -c updatedb", the command prompt (CMD) says this: dbName is :: pgsql Dec 3, 2017 3:56:20 PM com.adventnet.sym.server.downloadmgr.DownloadManager downloadFile INFO: Going to establish connecton for http://patchdb.manageengine.com/dc-crs/crs-meta-data.xml
Find out if your Intel system is vulnerable to Intel SA-00086 vulnerability.
Beware! This Thanksgiving, Intel decided to talk turkey about a string of vulnerabilities, Intel SA-00086, that external researchers discovered in their chips. Intel released the Intel SA-00086 detection tool that runs on Windows and Linux systems. But what they don’t provide is a solution to automate the detection for multiple computers. As a system admin it is necessary to run the detection on 1000s of machines in your enterprise network. This can be done in a fraction of seconds with Desktop
Ensure your company is GDPR compliant using Desktop Central
While companies are working their way towards GDPR compliance, Desktop Central—our very own endpoint management solution—can help you keep your users' PII secure so you can stay GDPR compliant. Manage your servers, desktops, laptops, smartphones, and even tablets, all from one central location and maintain GDPR compliance for long time. Read more: https://www.manageengine.com/products/desktop-central/gdpr.html
Desktop Central updating SDP- Various Updating Issues
I am currently running SDP v9 and Desktop central v 8. I have deployed DC agents to all machines however I have 3 issues: 1. Not all devices are being imported into SDP from DC . If I add new devices these do seem to import however devices which were added some time ago appear to be missing from SDP. SDP shows 382 devices and DC 506 devices. 2. The device model is not being imported into SDP from DC (However DC displays the device model) 3. Lenovo model is not displaying the model name e.g. Lenovo E32
Patch Vulnerability DB Report
DC is scheduled to update the patch vulnerability DB daily and email a report. This is great. Is there a way to have the report only show information relevant to our inventory? We do not have any Linux or Mac devices so I don't really need to know there is a new patch for these devices. Same with software we do not use. Today's report shows there is a new patch for Blue Jeans. We do not use Blue Jeans so I don't need to know there is a new patch. Thanks for the help.
Disk Space Report Scheduled or on Event
Hi, I am looking to configure a report on 4 servers that would run once the HDD space reaches a certain limit, this will then send a warning email to the concerned people. is it possible , custom query or something thanks so far i have setup a daily disk report , but that is not enough.
Automatic deployment as new configurations for better overview
Hi It would be very helpful if ME DC would create new configurations for automatic deployment schedules where patches will be installed. This gives us an overview on the status of those installations, because currently it happens in the background and it's not clear (unless there's an easy way to get the status of those installations already).
Change Agent Server Address
We currently have two different manage engine desktop central servers on two different networks, i'm looking to combing them. Is there an easy to change the address the agents use to connect to the manage engine desktop central server and point them to the server in the other network?
File/folder operation Run after
Hello, It would be very useful to be able to choose a "Run after" (like "Install after" for Software deployment) for File/Folder Operation (actually it would probably be useful in any configuration). Do you plan to implement this? Thanks Sylvain
A new hotfix to Desktop Central 10 is now available- build 10.0.142
hello Support, where can I download the update please ? regards Claudio
Difference between these two hotfix webpages
Hi In my ME DC interface I see messages about available hotfixes (currently 10.0.140) that lead me to this page: https://www.manageengine.com/products/desktop-central/service-packs1.html?dci The normal page with hotfixes however, is this one: https://www.manageengine.com/products/desktop-central/service-packs.html What is the difference between both? It's quite confusing. I can also tell that when I tried to do an hotfix upgrade to 10.0.13x using the first page, the upgrade failed. The upgrade to
UpdMgr.bat
Can someone please provide the correct UpdMgr.bat file for Desktop Central 9? The file I have has all of the syntax jumbled together.
macOS High Sierra - Desktop Central Web Clips (Webloc)
Have upgraded to macOS High Sierra and have been using Web Clips to map smb shares For example: smb://server.domain.au/Staff This used to work in previous versions of Mac's OS, when using Desktop Central. I have been using Web Clips to add to the task bar, and launch the above line. Now this does not work, and I now open up where the Web Clips (webloc) are stored. Thanks. :)
Deploy root SSL certificates?
I have internal root CA's that I currently push to my Windows domain via GPO. This works for IE and Chrome, but not Firefox. Is there a way I can deploy a certificate to Firefox installations? And if it is not possible, I would like to request for this feature
Forwarding Server Security
Desktop Central Forwarding server appears to be vulnerable to XSS and Forceful browsing attacks. Is there a way to mitigate this. The default configuration also exposes the DesktopCentral login to the internet, and 2-Factor can be bypassed with the mobile app - all serious security concerns for an internet facing device. How can this be disabled or mitigated? Thanks!
*WARNING* for admins using Automatic Patch Deployment
We just had a mini-crisis with desktop central patch deployment the other day as we had a mess of unapproved updates deploy through our automatic patch deployment policy. After sending our logs to support and long remote assistance session we learned exactly what caused us such a panic. I am sharing with the community to hopefully to spare anyone from a similar scenario. We got lucky in the end, the patches did not negatively affect our PCs. We will not make the same mistake twice. Chat transcript:
Wake on LAN not working
I can remote shutdown a computer but not wake up. When remote shutdown the computer completely powers off with the NIC light not blinking. According to the desktopcentral help I have read the NIC light should be blinking for wake on LAN to work. How can this be when the computer is completely shutdown ? According to Microsoft, Windows 7 & Windows 10 are designed to not work in this state (S5) and will only wake on LAN from sleep or hibernate, not shutdown, so I am totally confused as to how this
Where is KB4035631 (August 2017 Windows 10 Servicing Stack Update) within Patch Management?
This new servicing stack update is reported as a Critical Update for WIndows 10 1607 via WSUS - yet there is no sign of it at all within Patch Management in DesktopCentral. I have done several searches - updated DS patch database a few times and nothing can be found. While DS has accounted for all other August 2017 patches - if I am to start using this on a regular basis (and retire WSUS) - it needs to have the identical patches that are offered by WSUS at all times. Appreciate any insight as to
Desktop Central No Longer Deploying Autodesk Software
A couple weeks ago I set up packages in DC to deploy various autodesk software. Because autodesk creates silent install packages using .lnk files, and since DC can't handle .lnk files, I had to create a batch file that launches the .lnk file and silently installs the software. This worked perfectly until a week ago. Now, pushing the software doesn't seem to install the software unless I choose "install as" and then sign in with my network credentials under "run as user." That wouldn't be the end
Post-Installation Activities question
What types of scripts are allowed for post-installation ? .bat / .cmd / .vbs ? What about AutoIt or Python ? Could someone post an example of something simple like a file copy script. Say you want to copy a .txt file to a folder post installation. I am new to Desktop Central and learning something new each day. I appreciate any help.
"Send Request to Help Desk" Icon
End users are using Windows 7 & Windows 10 workstations. My issues involves the learning curve (and lazy curve) that prevents some of my end-users from creating Help Desk requests. The current process is to go down to the System Tray, right click ManageEngine Desktop Central, and the select Send request to Help Desk. Many of my end-users will simply will not do this and I cannot force them to. My goal is to make the Send Request window appear by simply double-clicking on an icon that I push to
Desktop Central - Hardware Inventory Query
Does Inventory Alert in Desktop Central has the capability to generate alert on changes/modification in hardware component level; like if memory removed, processor removed or hard disk removal etc???
Any advice on Windows 10 patch management?
Hi I'd like to consider upgrade clients from Windows 7 Pro to Windows 10 Pro, but the automatic updates are still an inconvenience of that OS. I'd like to know what Manageengine recommendations are to be able to use the patch management feature of Desktop central properly. I can't find any guide on the website. Is there a way to disable automatic updates by Microsoft in the Pro version? Or will the defer updates need to be activated to avoid immediate update installations? If not both, what is the
Post-Installation Activities
New to Desktop Central, formerly SCCM, and I am already a big fan ! Post installation activities only lists 'custom script'. What kinds of scripts can I use ? .bat .cmd ? What about .vbs, AutoIT, Python ? Also, does my script have to live in the 'script repository' or can it just be added to the software deployment package when I '+add files' ? If someone could post a screenshot of a post-installation script entry that would be super helpful.
Error in deployment "Could not connect the share from the client computer
Hello. I'm attempting to deploy a software configuration and I'm receiving an error in the remarks, "Could not connect the share from the client computer: The specified network name is no longer available". I've tried looking in the log and I'm not locating the information. What does this mean exactly? Thanks, Jesse Barnes
Unable to update patch database using closed network process
Are there any known issues with updating the patch database using the closed network process in DC version 10.0.135? I have not been successful since our version upgrade 2 weeks ago.
Patch Tuesday: November 2017 updates
Hi there, Patch Tuesday is back again with 53 security vulnerabilities this time. As usual, Microsoft has released updates for its various products. We strongly recommend patching all these latest security patches right away to avoid unnecessary security breaches, while installing the non-security patches at your discretion. Read more: https://goo.gl/F3EW6Q
Building a Quarterly Pilot/Prod Patching Process
Hello, I work for an MSP and we are trying to build a quarterly prod patching process that includes a pilot group scenario for a particular client and future clients. We currently use Kaseya(we are looking at moving off Kaseya for patching with a possible move to ManageEngine) and the communication from them is that based on how Microsoft handles superseding of Monthly CU/Rollups the Pilot and Prod patching would need to occur in between the releases of Monthly CU/Rollups to avoid superseding making
Can ManageEngines patch management deliver this?
Hi, we are looking for product to replace SCCM for windows patching for our ~3000 windows servers, our main requirements are: 1. Price << SCCM 2. Microsoft products patching (OS/Office/.net/etc basically everything WSUS does) 3. 3rd party products patching 4. Client->Server pull communication (no connections from server to clients are possible in some of our networks) 5. Multiple management/distribution points across network zones, communicating to "main node" for central view of overall estate.
Next Page