Dell World 2014
KACE Agent Architecture and Troubleshooting Overview
Allen Tsai: Principal Engineer
Rob Napier: Principal Engineer
November, 06, 2014
Dell World User Forum
Overview
• Changes in 6.0/6.3
• Key field issues addressed
• What a healthy agent looks like
• Data files
• Agent plugins
• Log file
• Windows installer
• AMP watchdog
• Agent security
• Debugging tips
Changes in 6.0 & 6.3
• Application Blacklisting for Windows and Mac
• Updated User Alert (Windows and Mac parity)
• Expanded inventory collection
• Improved reliability
• Improved security
• AMP watchdog
Key Field Issues Addressed in 6.0/6.3
• KA-334: Cannot replicate patches to UNC path
• KA-1231: Replicated large files keep on growing in size
• KA-1328: AMPAgent incorrectly terminates csrss.exe as its child process upon exit
• KA-231: AMPAgent can utilize too much CPU on Mac and Windows
What a healthy agent looks like
• AMPAgent service/daemon running
• Valid amp.conf with the proper host specified
• Valid amp_auto.conf (6.3) with AMP port 52230
• Network characteristics of a healthy agent
  • Heartbeat every 20 seconds
  • Regular inventory (interval specified by K1)
  • Cycle through read/write operations (visible in debug)
Data Files
• amp.conf
• amp_auto.conf (6.3)
• inventory.xml
• kinventory.db
• InventoryData.Software
• ksw_process.db
• ksw_timestamps.db
• Metering_data.txt
• kbots_cache/kbots.xml
amp.conf & amp_auto.conf
• host=<hostname> : all you need in amp.conf is a host field; the agent can fill in the rest once it is connected to the server.
• debug=true|all : use the debug field to increase logging, but watch out for rollover.
  • The log will roll over at 4 MB and 5 old logs are kept.
• Starting with 6.3, all of the calculated properties below are stored in amp_auto.conf
  • wto, rto, cto, crto : write, read, connect and connect-retry timeouts
  • servercompress : controls whether the agent automatically compresses uploads
  • maxDownloadSpeed : sets the max speed in KB/s at which the agent can download payloads
  • processtimeout=xxx : overrides the default process timeout, in milliseconds
  • ampurl, ampport, weburl, webport, companyname, splashtext, etc. : some variables are controlled by the agent and should not be changed by the user
kinventory.db & inventory.xml
• kinventory.db
  • SQLite database used for inventory capture and for generating the inventory.xml file.
  • Useful for debugging when inventory.xml is missing or incomplete.
  • Can be deleted to have kinventory repopulate it in case of suspected corruption.
• inventory.xml
  • The XML that describes the machine, generated from the information in kinventory.db
  • Useful for checking whether the agent is collecting information correctly when troubleshooting incorrect inventory data
InventoryData.software
• Software inventory collected to match against Dell Software Catalog
• Contains the list of all binaries and their attributes from the entire file system
• Contains some additional information such as Windows add/remove registry keys
• Used by K1 to determine all the software titles installed on the system
• Not to be confused with regular inventory, which is more hardware oriented
ksw_process.db
• SQLite database introduced in 5.5 to capture the software metering data.
• This database stores all the real-time metering data as processes launch/terminate, and is flushed when the server asks for a report.
• The maximum number of rows is configurable. The default maximum is 5000 rows and can be adjusted depending on the software meter flush interval.
• On the Mac, there are multiple copies of the ksw_process database, one per logged-in user. The databases have _username appended to the base filename.
  • E.g.: ksw_process_atsai.db
ksw_timestamp.db
• SQLite database introduced in 5.5 to store information such as last alive date
• Used to recover when the software metering process itself is terminated and cannot determine the termination time of the processes it is monitoring. Provides a best-guess answer as to when the processes we were monitoring terminated, once the software meter process starts back up.
• Like ksw_process.db, there are multiple databases on the Mac, one per user, with _username appended to the base filename.
  • E.g.: ksw_timestamp_atsai.db
metering_data.txt
• Software meter results flushed from ksw_process.db
• Contains a list of all processes that ran on the system, their attributes, start time and end time, as well as the user that launched each process.
• This is generated when K1 asks the agent to flush its results and upload them to the server.
kbots_cache/kbots.xml
• Lists all online and offline scripts.
• Provides ID and VERSION of active scripts, located in the same folder.
• Used by the boot, login and offline script engines to loop through and look for applicable scripts.
• Updated by kbot number 3.
  • C:\Program Files (x86)\Dell\KACE\runkbot.exe 3 0
Agent Plugins
• The primary functions of the agent are handled by the AMPAgent service/daemon and 4 supporting plugins
  • pluginWeb: handles script downloads, replication, log uploads.
  • pluginRunProcess: handles scripts and runs processes through runkbot.
  • pluginPatching: handles detecting/deploying of patches.
  • pluginDesktopAlerts: handles displaying broadcast user alerts or pre-install script alerts.
Log File starting 6.0
• With 6.0, we consolidated all agent logs into a single log file, KAgent.log.
• This allows for a better trace of the exact events that happened on the agent without having to cross-reference all the logs and match them up by time.
• Each log line contains the date, the module and the name of the function that generated it.
[2014-10-14.19:58:32][KInventory:CInventoryData::Initi] KInventory InventoryData opened DB successfully
[2014-10-14.19:58:32][KInventory:CInventoryData::Initi] KInventory InventoryData populated the DB
[2014-10-14.19:59:15][KInventory:runInventory ] KInventory Inventory Capture completed and stored in C:\ProgramData\Dell\KACE\inventory.xml
[2014-10-14.19:59:15][KCopy:UploadUsingCurl ] UploadFile: Server gzip compression is active
[2014-10-14.19:59:15][KCopy:UploadUsingCurl ] UploadFile: uploading file C:\ProgramData\Dell\KACE\inventory.xml.gz to https://engk1agent3/service/inventory.php?KUID=F2C603AD-08C8-48D3-A556-25F2702F6D89&VERSION=6.0.32
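A parser for the KAgent.log line layout shown above, used to list uploads that went out over plain http; this is an added example, not KACE code. The sample lines, the host k1.example.test and the assumption that an http fallback upload is logged in the same message form as the https one are constructed for illustration.

```python
import re
from collections import namedtuple
from datetime import datetime
from urllib.parse import urlsplit

# Layout taken from the sample lines on the slide:
#   [YYYY-MM-DD.HH:MM:SS][Module:Function] message
# The function field may itself contain "::" and is space padded.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2}\.\d{2}:\d{2}:\d{2})\]"
    r"\[(?P<module>[^:\]]+):(?P<func>[^\]]*)\]\s*(?P<msg>.*)$"
)
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)

LogEntry = namedtuple("LogEntry", "when module function message")


def parse_line(line):
    """Return a LogEntry, or None for lines that are not in agent format."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    when = datetime.strptime(m.group("ts"), "%Y-%m-%d.%H:%M:%S")
    return LogEntry(when, m.group("module").strip(),
                    m.group("func").strip(), m.group("msg"))


def parse_log(lines):
    """Parse an iterable of raw lines, skipping anything unparseable."""
    return [e for e in map(parse_line, lines) if e is not None]


def plaintext_uploads(entries):
    """List (time, host, path) for every logged URL that uses http.

    The query string is dropped on purpose: it carries the machine's KUID,
    which does not need to be copied into a report.
    """
    hits = []
    for entry in entries:
        for url in URL_RE.findall(entry.message):
            parts = urlsplit(url)
            if parts.scheme.lower() == "http":
                hits.append((entry.when, parts.hostname, parts.path))
    return hits


# Constructed sample, modelled on the slide's log excerpt.
SAMPLE_LOG = r"""
[2014-10-14.19:58:32][KInventory:CInventoryData::Initi] KInventory InventoryData opened DB successfully
[2014-10-14.19:59:15][KCopy:UploadUsingCurl      ] UploadFile: uploading file C:\ProgramData\Dell\KACE\inventory.xml.gz to https://k1.example.test/service/inventory.php?KUID=00000000-0000-0000-0000-000000000000&VERSION=6.0.32
a stray line that is not in agent format
[2014-10-14.23:59:15][KCopy:UploadUsingCurl      ] UploadFile: uploading file C:\ProgramData\Dell\KACE\inventory.xml.gz to http://k1.example.test/service/inventory.php?KUID=00000000-0000-0000-0000-000000000000&VERSION=6.0.32
"""

if __name__ == "__main__":
    for when, host, path in plaintext_uploads(parse_log(SAMPLE_LOG.splitlines())):
        print(f"{when:%Y-%m-%d %H:%M:%S} plain http upload to {host}{path}")
```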
Windows Installer
• By default, Windows agent provisioning, removal and updates produce two debug log files:
  • ampmsi.log: msiexec /L*v log file, found in the %TEMP% folder
  • ampinstaller.log: custom action log file, found in the %TEMP% folder as well as the KACE data folder
• The log files indicate when the agent was installed and/or uninstalled, and the flags and properties passed in.
• When run non-silently, the agent will honor the current locale language if it is one of the 10 supported languages. Otherwise, the default is English.
• Use the new GPO Provisioning tool to help create the GPO. The setlang VB script is no longer needed to override the default locale if you use the GPO Provisioning tool.
  • https://www.kace.com/support/resources/kb/solutiondetail?sol=133776
Windows Installer Common Properties
• /i <msi file> : install msi file (example: msiexec /i amp.msi)
• /x <msi file> : The preferred way to uninstall agent is to run “AMPTools uninstall”
• /qn : silent install (example: msiexec /qn /i amp.msi)
• /L*v <log_file> : create log file (example: msiexec /L*v amp.log /i amp.msi)
• HOST=<host_name> : set amp.conf host value (example: msiexec /i amp.msi HOST=kbox7.acme.com)
  • Alternatively: you can append to msi filename (example: msiexec /i amp_kbox7.acme.com)
• DEBUG=true : set amp.conf debug value (example: msiexec /i amp.msi HOST=kbox7 DEBUG=true)
• NOHOOKS=1 : don’t install boot & logon hook dlls (msiexec /i amp.msi HOST=kbox7 NOHOOKS=1)
• CLONEPREP=1 : do not start AMP service until next reboot (msiexec /i amp.msi CLONEPREP=1)
AMPWatchDog
• Introduced in 6.3, AMPWatchDog monitors the health of the agent and performs simple recovery to address the majority of the common issues
• Conditions which AMPWatchDog currently monitors:
  • AMPAgent executable exists in expected location
  • AMP configuration file exists with server host
  • AMP Service/Daemon not running (Restart agent)
  • Inventory.xml exists and its age is less than 3.5 times the configured frequency (Restart agent)
  • ampport=port exists in amp_auto.conf (Restart agent)
• Logs netstat output relevant to ampagent connection
Agent Security
• By default, the agent will accept an http connection if https cannot be established with K1
• Uses OpenSSL 1.0.1h with Heartbleed addressed
• Agent is not affected by the POODLE vulnerability
• Only publicly signed certificates are honored
  • The signing root authority must be included in the curl certificate bundle (cacert.pem in agent data directory, exported from Mozilla)
• Different SSL options can be set in amp.conf
  • sslrequired: Agent will not fall back to http if https cannot be established
  • verifyssl: Agent will verify the server certificate; implies sslrequired
• TLS will be on by default in the future
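A small audit of amp.conf against the SSL options listed above, reporting which transport posture the agent ends up in; this is an added example, not a KACE tool. The truthy value spellings, case-insensitive key matching, the path passed for cacert.pem and the host k1.example.test are assumptions, since the slides only show `host=<hostname>` and `debug=true|all`.

```python
import os

# Assumed spellings of "enabled"; the slides only show debug=true.
TRUTHY = {"true", "1", "yes", "on"}


def parse_conf(text):
    """Parse key=value lines into a dict with lower-cased keys (assumption)."""
    conf = {}
    for raw in text.splitlines():
        key, sep, value = raw.partition("=")
        if sep and key.strip():
            conf[key.strip().lower()] = value.strip()
    return conf


def enabled(conf, key):
    return conf.get(key, "").lower() in TRUTHY


def audit(conf_text, ca_bundle_path):
    """Return (posture, findings) for one agent configuration.

    posture is one of:
      "https-verified"    verifyssl set (which implies sslrequired)
      "https-unverified"  sslrequired set, certificate not checked
      "http-fallback"     neither set: default behaviour per the slide
    """
    conf = parse_conf(conf_text)
    findings = []
    if not conf.get("host"):
        findings.append("no host= entry in amp.conf")

    if enabled(conf, "verifyssl"):
        posture = "https-verified"
        # Verification depends on the curl certificate bundle being present.
        bundle_ok = (os.path.isfile(ca_bundle_path)
                     and os.path.getsize(ca_bundle_path) > 0)
        if not bundle_ok:
            findings.append("verifyssl is set but the CA bundle is missing or empty")
    elif enabled(conf, "sslrequired"):
        posture = "https-unverified"
        findings.append("https is enforced but the server certificate is not verified")
    else:
        posture = "http-fallback"
        findings.append("agent will accept http if https cannot be established")
    return posture, findings


# Constructed sample configurations.
SAMPLES = {
    "default": "host=k1.example.test\n",
    "required": "host=k1.example.test\nsslrequired=true\n",
    "verified": "host=k1.example.test\nverifyssl=true\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        posture, findings = audit(text, "cacert.pem")
        print(name, posture, findings)
```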
Troubleshooting
• What are the basic things to look for when suspecting agent issues?
  • Turn on Debug=true
  • Is the agent running?
  • Is the KAgent.log being updated? (under the user directory)
  • Is the agent connected? DNS issues? Use the FQDN when possible. Can you resolve the host and telnet to port 52230?
  • The agent is 32-bit; remember that for any registry/file system OS redirections
  • Test agent functionality by running runkbot 2 0
    • Windows: c:\Program Files (x86)\Dell\KACE\runkbot 2 0
    • Mac: /Library/Application Support/Dell/KACE/bin/runkbot 2 0
    • Linux: /opt/dell/kace/bin/runkbot 2 0
  • Are there crash dumps?
    • Windows: c:\ProgramData\Dell\KACE\*.dmp
    • Mac: Console
Debugging Tips
• Eliminate possible system conflicts (disable firewall, turn off AV program, etc.)
• Look at the log file in the KACE data folder
  • Win XP: C:\Documents and Settings\All Users\Dell\KACE\user
  • Vista and Win 7: C:\ProgramData\Dell\KACE\user
  • Mac: /Library/Application Support/Dell/KACE/data/user
  • Linux: /var/dell/kace/user
• Verify valid amp.conf file, and regenerate it if needed using AMPTools
  • AMPTools resetconf host=kbox7.acme.com
• Verify existence of valid kbots_cache/kbots.xml files and supporting script xml files
Debugging Tips (continued)
• Verify that the K1000 host name resolves, using a browser or the command line
  • ping kbox7.acme.com
  • telnet kbox7.acme.com 52230
• Enable debugging by running “AMPTools debug=true”, which sets the debug value in amp.conf and restarts the agent.
• Alternatively, you can temporarily enable debugging on Windows without restarting the agent using “sc control ampagent 199” (this only enables debug for AMPAgent, not all binaries)
Debugging Tips (continued)
• HexDump
  • Setting the HEX_DMP environment variable before starting AMPAgent will cause AMPAgent to log the exact information it tries to send and receive over the wire.
• HeartBeat
  o [Smurf_write_SYNC ] --------------------------------------------------------------------------------
  o [Smurf_write_SYNC ] 00000000 00 00 00 01 05 .....
  o [Smurf_write_SYNC ] 00000005 ---------------------------------------------------------------------
• Agent connection string
  o [Smurf_write_SYNC ] --------------------------------------------------------------------------------
  o [Smurf_write_SYNC ] 00000000 00 00 00 01 02 00 06 00 00 00 21 36 34 34 35 46 ..........!6445F
  o [Smurf_write_SYNC ] 00000010 45 42 34 34 34 33 37 34 36 33 31 41 30 33 39 35 EB444374631A0395
  o [Smurf_write_SYNC ] 00000020 30 42 31 31 32 34 39 37 34 31 41 00 00 00 00 0a 0B11249741A.....
  o [Smurf_write_SYNC ] 00000030 30 2c 32 2c 34 2c 36 2c 35 00 00 00 00 6b 76 65 0,2,4,6,5....kve
Crashes Diagnostics
• Basic information to collect when crashes are observed
  • Collect crash dumps or the crash call stack
    • Windows 2008/Vista and newer: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps
    • Mac: Agent crashes will show under System Diagnostic Report in Console. Collect the crash call stack.
  • Collect the agent version
  • Collect the agent log in debug mode
• All of this information is important in order to debug and simulate the failure successfully. The agent version is needed in order to match the crash dump up with the debug symbols.
Q & A
Thank you.

More Related Content

What's hot

DominoMigrationProposal
DominoMigrationProposalDominoMigrationProposal
DominoMigrationProposal
Lynn Levash
 

What's hot (20)

Scylla Summit 2022: ScyllaDB Rust Driver: One Driver to Rule Them All
Scylla Summit 2022: ScyllaDB Rust Driver: One Driver to Rule Them AllScylla Summit 2022: ScyllaDB Rust Driver: One Driver to Rule Them All
Scylla Summit 2022: ScyllaDB Rust Driver: One Driver to Rule Them All
 
Features and Comparison - Ubuntu, Debian, Cent OS
Features and Comparison - Ubuntu, Debian, Cent OSFeatures and Comparison - Ubuntu, Debian, Cent OS
Features and Comparison - Ubuntu, Debian, Cent OS
 
Backup Exec 21
Backup Exec 21Backup Exec 21
Backup Exec 21
 
OpenStack DRaaS - Freezer - 101
OpenStack DRaaS - Freezer - 101OpenStack DRaaS - Freezer - 101
OpenStack DRaaS - Freezer - 101
 
Linux beginner's Workshop
Linux beginner's WorkshopLinux beginner's Workshop
Linux beginner's Workshop
 
Must Read HP Data Protector Interview Questions
Must Read HP Data Protector Interview QuestionsMust Read HP Data Protector Interview Questions
Must Read HP Data Protector Interview Questions
 
Malware Evasion Techniques
Malware Evasion TechniquesMalware Evasion Techniques
Malware Evasion Techniques
 
Linux crontab
Linux crontabLinux crontab
Linux crontab
 
Oracle license management training part 3
Oracle license management training part 3Oracle license management training part 3
Oracle license management training part 3
 
Testando na Gringa - Se preparando para uma entrevista técnica para uma vaga ...
Testando na Gringa - Se preparando para uma entrevista técnica para uma vaga ...Testando na Gringa - Se preparando para uma entrevista técnica para uma vaga ...
Testando na Gringa - Se preparando para uma entrevista técnica para uma vaga ...
 
Apa itu malware
Apa itu malwareApa itu malware
Apa itu malware
 
Advanced rac troubleshooting
Advanced rac troubleshootingAdvanced rac troubleshooting
Advanced rac troubleshooting
 
DominoMigrationProposal
DominoMigrationProposalDominoMigrationProposal
DominoMigrationProposal
 
Active Directory
Active DirectoryActive Directory
Active Directory
 
Troubleshooting Native Memory Leaks in Java Applications
Troubleshooting Native Memory Leaks in Java ApplicationsTroubleshooting Native Memory Leaks in Java Applications
Troubleshooting Native Memory Leaks in Java Applications
 
Alles was Sie über HCL Notes 14 wissen müssen
Alles was Sie über HCL Notes 14 wissen müssenAlles was Sie über HCL Notes 14 wissen müssen
Alles was Sie über HCL Notes 14 wissen müssen
 
OSA Con 2022 - Signal Correlation, the Ho11y Grail - Michael Hausenblas - AWS...
OSA Con 2022 - Signal Correlation, the Ho11y Grail - Michael Hausenblas - AWS...OSA Con 2022 - Signal Correlation, the Ho11y Grail - Michael Hausenblas - AWS...
OSA Con 2022 - Signal Correlation, the Ho11y Grail - Michael Hausenblas - AWS...
 
Blue Phoenix Idms Migration
Blue Phoenix Idms MigrationBlue Phoenix Idms Migration
Blue Phoenix Idms Migration
 
05_DP_300T00A_Optimize.pptx
05_DP_300T00A_Optimize.pptx05_DP_300T00A_Optimize.pptx
05_DP_300T00A_Optimize.pptx
 
Practical DevSecOps: Fundamentals of Successful Programs
Practical DevSecOps: Fundamentals of Successful ProgramsPractical DevSecOps: Fundamentals of Successful Programs
Practical DevSecOps: Fundamentals of Successful Programs
 

Viewers also liked

Viewers also liked (10)

Optimizing K2000 Workflow
Optimizing K2000 WorkflowOptimizing K2000 Workflow
Optimizing K2000 Workflow
 
KACE Ends Mac Systems Management Discrimination
KACE Ends Mac Systems Management DiscriminationKACE Ends Mac Systems Management Discrimination
KACE Ends Mac Systems Management Discrimination
 
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
 
Fifty shades of compliance by Mark Bartrick, Forrester Research
Fifty shades of compliance by Mark Bartrick, Forrester ResearchFifty shades of compliance by Mark Bartrick, Forrester Research
Fifty shades of compliance by Mark Bartrick, Forrester Research
 
How to work with a vendor during an audit & what not to do – is there such a ...
How to work with a vendor during an audit & what not to do – is there such a ...How to work with a vendor during an audit & what not to do – is there such a ...
How to work with a vendor during an audit & what not to do – is there such a ...
 
KACE Endpoint Systems Management Appliances - What’s New for 2017
KACE Endpoint Systems Management Appliances - What’s New for 2017KACE Endpoint Systems Management Appliances - What’s New for 2017
KACE Endpoint Systems Management Appliances - What’s New for 2017
 
IBM Audit Defence Strategies: Eric Chiu - Fisher IT Asset Consulting (ITAM Re...
IBM Audit Defence Strategies: Eric Chiu - Fisher IT Asset Consulting (ITAM Re...IBM Audit Defence Strategies: Eric Chiu - Fisher IT Asset Consulting (ITAM Re...
IBM Audit Defence Strategies: Eric Chiu - Fisher IT Asset Consulting (ITAM Re...
 
IBM License management
IBM License managementIBM License management
IBM License management
 
SCCM
SCCMSCCM
SCCM
 
Configuration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environmentsConfiguration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environments
 

Similar to KACE Agent Architecture and Troubleshooting Overview

How to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceHow to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experience
Docker, Inc.
 
Sa106 – practical solutions for connections administrators
Sa106 – practical solutions for connections administratorsSa106 – practical solutions for connections administrators
Sa106 – practical solutions for connections administrators
Sharon James
 

Similar to KACE Agent Architecture and Troubleshooting Overview (20)

(ATS6-PLAT07) Managing AEP in an enterprise environment
(ATS6-PLAT07) Managing AEP in an enterprise environment(ATS6-PLAT07) Managing AEP in an enterprise environment
(ATS6-PLAT07) Managing AEP in an enterprise environment
 
High Volume Payments using Mule
High Volume Payments using MuleHigh Volume Payments using Mule
High Volume Payments using Mule
 
How to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceHow to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experience
 
Best And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM ConnectionsBest And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM Connections
 
1049: Best and Worst Practices for Deploying IBM Connections - IBM Connect 2016
1049: Best and Worst Practices for Deploying IBM Connections - IBM Connect 20161049: Best and Worst Practices for Deploying IBM Connections - IBM Connect 2016
1049: Best and Worst Practices for Deploying IBM Connections - IBM Connect 2016
 
Sa106 – practical solutions for connections administrators
Sa106 – practical solutions for connections administratorsSa106 – practical solutions for connections administrators
Sa106 – practical solutions for connections administrators
 
CNIT 152 10 Enterprise Service
CNIT 152 10 Enterprise ServiceCNIT 152 10 Enterprise Service
CNIT 152 10 Enterprise Service
 
be the captain of your connections deployment
be the captain of your connections deploymentbe the captain of your connections deployment
be the captain of your connections deployment
 
Planning Optimal Lotus Quickr services for Portal (J2EE) Deployments
Planning Optimal Lotus Quickr services for Portal (J2EE) DeploymentsPlanning Optimal Lotus Quickr services for Portal (J2EE) Deployments
Planning Optimal Lotus Quickr services for Portal (J2EE) Deployments
 
Soccnx10: Best and worst practices deploying IBM Connections
Soccnx10: Best and worst practices deploying IBM ConnectionsSoccnx10: Best and worst practices deploying IBM Connections
Soccnx10: Best and worst practices deploying IBM Connections
 
CNIT 152: 10 Enterprise Services
CNIT 152: 10 Enterprise ServicesCNIT 152: 10 Enterprise Services
CNIT 152: 10 Enterprise Services
 
Detailed Introduction To Docker
Detailed Introduction To DockerDetailed Introduction To Docker
Detailed Introduction To Docker
 
Windows 2012 R2 Multi Server Management
Windows 2012 R2 Multi Server ManagementWindows 2012 R2 Multi Server Management
Windows 2012 R2 Multi Server Management
 
CNIT 121: 10 Enterprise Services
CNIT 121: 10 Enterprise ServicesCNIT 121: 10 Enterprise Services
CNIT 121: 10 Enterprise Services
 
Cloud Native Development
Cloud Native DevelopmentCloud Native Development
Cloud Native Development
 
.NET Cloud-Native Bootcamp
.NET Cloud-Native Bootcamp.NET Cloud-Native Bootcamp
.NET Cloud-Native Bootcamp
 
Practical solutions for connections administrators
Practical solutions for connections administratorsPractical solutions for connections administrators
Practical solutions for connections administrators
 
Apache Airflow (incubating) NL HUG Meetup 2016-07-19
Apache Airflow (incubating) NL HUG Meetup 2016-07-19Apache Airflow (incubating) NL HUG Meetup 2016-07-19
Apache Airflow (incubating) NL HUG Meetup 2016-07-19
 
Fluentd and docker monitoring
Fluentd and docker monitoringFluentd and docker monitoring
Fluentd and docker monitoring
 
Cognos Performance Tuning Tips & Tricks
Cognos Performance Tuning Tips & TricksCognos Performance Tuning Tips & Tricks
Cognos Performance Tuning Tips & Tricks
 

More from Dell World

More from Dell World (20)

Dell Data Center Networking Overview
Dell Data Center Networking OverviewDell Data Center Networking Overview
Dell Data Center Networking Overview
 
Dell Storage Management
Dell Storage ManagementDell Storage Management
Dell Storage Management
 
Dell Networking Wired, Wireless and Security Solutions Lab
Dell Networking Wired, Wireless and Security Solutions LabDell Networking Wired, Wireless and Security Solutions Lab
Dell Networking Wired, Wireless and Security Solutions Lab
 
2020 Vision For Your Network
2020 Vision For Your Network2020 Vision For Your Network
2020 Vision For Your Network
 
Dell Cloud Manager Overview
Dell Cloud Manager OverviewDell Cloud Manager Overview
Dell Cloud Manager Overview
 
Dell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch Provisioning
 
Simplifying Systems Management
Simplifying Systems ManagementSimplifying Systems Management
Simplifying Systems Management
 
Channel Partners: Lead with Dell Software Solutions
Channel Partners: Lead with Dell Software SolutionsChannel Partners: Lead with Dell Software Solutions
Channel Partners: Lead with Dell Software Solutions
 
Innovating Teaching & Learning: Next Generation Student Access Model
Innovating Teaching & Learning: Next Generation Student Access ModelInnovating Teaching & Learning: Next Generation Student Access Model
Innovating Teaching & Learning: Next Generation Student Access Model
 
Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)Executing on the promise of the Internet of Things (IoT)
Executing on the promise of the Internet of Things (IoT)
 
Focus on business, not backups
Focus on business, not backupsFocus on business, not backups
Focus on business, not backups
 
NVMe PCIe and TLC V-NAND It’s about Time
NVMe PCIe and TLC V-NAND It’s about TimeNVMe PCIe and TLC V-NAND It’s about Time
NVMe PCIe and TLC V-NAND It’s about Time
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats
 
The Keys To A Successful Identity And Access Management Program: How Does You...
The Keys To A Successful Identity And Access Management Program: How Does You...The Keys To A Successful Identity And Access Management Program: How Does You...
The Keys To A Successful Identity And Access Management Program: How Does You...
 
Client Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced ThreatsClient Security Strategies To Defeat Advanced Threats
Client Security Strategies To Defeat Advanced Threats
 
What a data-centric strategy gives you that others do not
What a data-centric strategy gives you that others do notWhat a data-centric strategy gives you that others do not
What a data-centric strategy gives you that others do not
 
Cloud: To Build or Buy - Can You Justify On-Premises IT?
Cloud: To Build or Buy - Can You Justify On-Premises IT?Cloud: To Build or Buy - Can You Justify On-Premises IT?
Cloud: To Build or Buy - Can You Justify On-Premises IT?
 
Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption Cloud security: Accelerating cloud adoption
Cloud security: Accelerating cloud adoption
 
Detecting advanced and evasive threats on the network
Detecting advanced and evasive threats on the networkDetecting advanced and evasive threats on the network
Detecting advanced and evasive threats on the network
 
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
So You Need To Build A Private Cloud. What Now? Best Practices For Building Y...
 

Recently uploaded

Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 

Recently uploaded (20)

Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️

KACE Agent Architecture and Troubleshooting Overview

  • 1. Dell World 2014: KACE Agent Architecture and Troubleshooting Overview. Allen Tsai: Principal Engineer; Rob Napier: Principal Engineer. November, 06, 2014. Dell World User Forum
  • 2. Overview
      • Changes in 6.0/6.3
      • Key field issues addressed
      • What a healthy agent looks like
      • Data files
      • Agent plugins
      • Log file
      • Windows installer
      • AMP watchdog
      • Agent security
      • Debugging tips
  • 3. Changes in 6.0 & 6.3
      • Application Blacklisting for Windows and Mac
      • Updated User Alert (Windows and Mac parity)
      • Expanded inventory collection
      • Improved reliability
      • Improved security
      • AMP watchdog
  • 4. Key Field Issues Addressed in 6.0/6.3
      • KA-334: Cannot replicate patches to UNC path
      • KA-1231: Replicated large files keep on growing in size
      • KA-1328: AMPAgent incorrectly terminates csrss.exe as its child process upon exit
      • KA-231: AMPAgent can utilize too much CPU on Mac and Windows
  • 5. What a healthy agent looks like
      • AMPAgent service/daemon running
      • Valid amp.conf with the proper host specified
      • Valid amp_auto.conf (6.3) with AMP port 52230
      • Network characteristics of a healthy agent
          • Heartbeat every 20 seconds
          • Regular inventory (interval specified by K1)
          • Cycle thru read/write operations (visible in debug)
  • 6. Data Files
      • amp.conf
      • amp_auto.conf (6.3)
      • inventory.xml
      • kinventory.db
      • InventoryData.Software
      • ksw_process.db
      • ksw_timestamps.db
      • Metering_data.txt
      • kbots_cache/kbots.xml
  • 7. amp.conf & amp_auto.conf
      • host=<hostname> : all you need in amp.conf is a host field, and the agent can fill in the rest once it’s connected to the server.
      • debug=true|all : use the debug field to increase logging, but watch out for rollover.
      • The log will roll over at 4 MB and 5 old logs are kept.
      • Starting with 6.3, all the below calculated properties are stored in amp_auto.conf
      • wto, rto, cto, crto : write, read, connect and connect-retry timeouts
      • servercompress : controls whether the agent automatically compresses uploads
      • maxDownloadSpeed : sets the max speed in KB/s at which the agent can download payloads
      • processtimeout=xxx : overrides the default process timeout in milliseconds
      • ampurl, ampport, weburl, webport, companyname, splashtext, etc. : some variables are controlled by the agent and should not be changed by the user
  • 8. kinventory.db & inventory.xml
      • kinventory.db
          • SQLite database used for inventory capture and for generating inventory.xml file.
          • Useful for debugging when inventory.xml is missing or incomplete.
          • Can be deleted to have kinventory repopulate in case of suspected corruption.
      • inventory.xml
          • The XML that describes the machine generated from the information in kinventory.db
          • Useful to check if agent is collecting the information correctly when troubleshooting incorrect inventory data
  • 9. InventoryData.software
      • Software inventory collected to match against Dell Software Catalog
      • Contains the list of all binaries and their attributes from the entire file system
      • Contains some additional information such as Windows add/remove registry keys
      • Used by K1 to determine all the software titles installed on the system
      • Not to be confused with regular inventory, which is more hardware oriented
  • 10. ksw_process.db
      • SQLite database introduced in 5.5 to capture the software metering data.
      • This database stores all the real-time metering data as processes launch/terminate, and will be flushed when the server asks for a report.
      • The maximum number of rows is configurable. The default maximum is 5000 rows and can be adjusted depending on the software meter flush interval.
      • On the Mac, there are multiple copies of the ksw_process database, one per logged-in user. The databases will have _username appended to the base filename.
      • E.g.: ksw_process_atsai.db
  • 11. ksw_timestamp.db
      • SQLite database introduced in 5.5 to store information such as last alive date
      • Used to recover in case the software metering process itself is terminated and unable to determine the termination time for the processes it is monitoring. Provides a best-guess answer as to when the processes we were monitoring terminated, once the software meter process starts back up.
      • Like ksw_process.db, there are multiple DBs on the Mac, one per user with _username appended to the base filename.
      • E.g.: ksw_timestamp_atsai.db
  • 12. metering_data.txt
      • Software meter results flushed from ksw_process.db
      • Contains a list of all processes that ran on the system, their attributes, start time and end time as well as user that launched the process.
      • This is generated when K1 asks the agent to flush its result and upload to server.
  • 13. kbots_cache/kbots.xml
      • Lists all online and offline scripts.
      • Provides ID and VERSION of active scripts, located in the same folder.
      • Used by the boot, login and offline script engines to loop through and look for applicable scripts.
      • Updated by kbot number 3.
      • C:\Program Files (x86)\Dell\KACE\runkbot.exe 3 0
  • 14. Agent Plugins
      • The primary functions of the agent are handled by the AMPAgent service/daemon and 4 supporting plugins
      • pluginWeb: handles script downloads, replication, log uploads.
      • pluginRunProcess: handles scripts and runs processes thru runkbot.
      • pluginPatching: handles detecting/deploying of patches.
      • pluginDesktopAlerts: handles displaying broadcast user alerts or pre-install script alerts.
  • 15. Log File starting 6.0
      • With 6.0, we consolidated all agent logs into a single log file, KAgent.log.
      • This allows for a better trace of the exact events that happened on the agent without having to cross-reference all the logs and match them up by time.
      • The log contains the date, module and the function name that generated the log.
          [2014-10-14.19:58:32][KInventory:CInventoryData::Initi] KInventory InventoryData opened DB successfully
          [2014-10-14.19:58:32][KInventory:CInventoryData::Initi] KInventory InventoryData populated the DB
          [2014-10-14.19:59:15][KInventory:runInventory ] KInventory Inventory Capture completed and stored in C:\ProgramData\Dell\KACE\inventory.xml
          [2014-10-14.19:59:15][KCopy:UploadUsingCurl ] UploadFile: Server gzip compression is active
          [2014-10-14.19:59:15][KCopy:UploadUsingCurl ] UploadFile: uploading file C:\ProgramData\Dell\KACE\inventory.xml.gz to https://engk1agent3/service/inventory.php?KUID=F2C603AD-08C8-48D3-A556-25F2702F6D89&VERSION=6.0.32
  • 16. Windows Installer
      • By default, Windows agent provisioning, removal and updates produce two debug log files:
          • ampmsi.log: msiexec /L*v log file, found in the %TEMP% folder
          • ampinstaller.log: custom action log file, found in the %TEMP% folder as well as the KACE data folder
      • The log files indicate when the agent was installed and/or uninstalled, and the flags and properties passed in.
      • When run non-silently, the agent will honor the current locale language if it is one of the 10 supported languages. Otherwise, the default is English.
      • Use the new GPO Provisioning tool to help create the GPO. If you use the GPO Provisioning tool, you no longer need the setlang VB script to override the default locale.
      • https://www.kace.com/support/resources/kb/solutiondetail?sol=133776
  • 17. Windows Installer Common Properties
      • /i <msi file> : install msi file (example: msiexec /i amp.msi)
      • /x <msi file> : The preferred way to uninstall agent is to run “AMPTools uninstall”
      • /qn : silent install (example: msiexec /qn /i amp.msi)
      • /L*v <log_file> : create log file (example: msiexec /L*v amp.log /i amp.msi)
      • HOST=<host_name> : set amp.conf host value (example: msiexec /i amp.msi HOST=kbox7.acme.com)
      • Alternatively: you can append to msi filename (example: msiexec /i amp_kbox7.acme.com)
      • DEBUG=true : set amp.conf debug value (example: msiexec /i amp.msi HOST=kbox7 DEBUG=true)
      • NOHOOKS=1 : don’t install boot & logon hook dlls (msiexec /i amp.msi HOST=kbox7 NOHOOKS=1)
      • CLONEPREP=1 : do not start AMP service until next reboot (msiexec /i amp.msi CLONEPREP=1)
  • 18. AMPWatchDog
      • Introduced in 6.3, AMPWatchDog monitors the health of the agent and performs simple recovery to address the majority of the common issues
      • Conditions which AMPWatchDog currently monitors:
          • AMPAgent executable exists in expected location
          • AMP configuration file exists with server host
          • AMP Service/Daemon not running (Restart agent)
          • Inventory.xml exists and is less than 3.5 times the configured frequency (Restart agent)
          • ampport=port exists in amp_auto.conf (Restart agent)
      • Logs netstat output relevant to ampagent connection
  • 19. Agent Security
      • By default, the agent will accept an http connection if https cannot be established with the K1
      • Uses OpenSSL 1.0.1h with Heartbleed addressed
      • Agent is not affected by the POODLE vulnerability
      • Only publicly signed certificates honored
          • The signing root authority must be included in the curl certificate bundle (cacert.pem in agent data directory, exported from Mozilla)
      • Different SSL options to set in amp.conf
          • sslrequired: Agent will not fall back to http if https cannot be established
          • verifyssl: Agent will verify the server certificate; implies sslrequired
      • TLS will be on by default in the future
  • 20. Trouble Shooting
      • What are the basic things to look for when suspecting agent issues?
      • Turn on Debug=true
      • Is the agent running?
      • Is the KAgent.log being updated? (under the user directory)
      • Is the agent connected? DNS issues? Use FQDN when possible. Can you resolve the host and telnet to port 52230?
      • The agent is 32-bit; remember that for any registry/file system OS redirections
      • Test agent functionality by running runkbot 2 0
          • Windows: c:\Program Files (x86)\Dell\KACE\runkbot 2 0
          • Mac: /Library/Application Support/Dell/KACE/bin/runkbot 2 0
          • Linux: /opt/dell/kace/bin/runkbot 2 0
      • Are there crash dumps?
          • Windows: c:\ProgramData\Dell\KACE\*.dmp
          • Mac: Console
  • 21. Debugging Tips
      • Eliminate possible system conflicts (disable firewall, turn off AV program, etc.)
      • Look at the log file in the KACE data folder
          • Win XP: C:\Documents and Settings\All Users\Dell\KACE\user
          • Vista and Win 7: C:\ProgramData\Dell\KACE\user
          • Mac: /Library/Application Support/Dell/KACE/data/user
          • Linux: /var/dell/kace/user
      • Verify valid amp.conf file, and regenerate it if needed using AMPTools
          • AMPTools resetconf host=kbox7.acme.com
      • Verify existence of valid kbots_cache/kbots.xml files and supporting script xml files
  • 22. Debugging Tips (continued)
      • Verify K1000 host name resolves using browser or command line
          • ping kbox7.acme.com
          • telnet kbox7.acme.com 52230
      • Enable debugging by running “AMPTools debug=true” which will set debug value in amp.conf and restart the agent.
      • Alternatively, you can temporarily enable debugging on Windows without restarting the agent using “sc control ampagent 199” (This only enables debug for AMPAgent, not all binaries)
  • 23. Debugging Tips (continued)
      • HexDump
          • Setting the HEX_DMP environment variable before starting AMPAgent will cause AMPAgent to log the exact information it tries to send and receive over the wire.
      • HeartBeat
          [Smurf_write_SYNC ] --------------------------------------------------------------------------------
          [Smurf_write_SYNC ] 00000000 00 00 00 01 05 .....
          [Smurf_write_SYNC ] 00000005 ---------------------------------------------------------------------
      • Agent connection string
          [Smurf_write_SYNC ] --------------------------------------------------------------------------------
          [Smurf_write_SYNC ] 00000000 00 00 00 01 02 00 06 00 00 00 21 36 34 34 35 46 ..........!6445F
          [Smurf_write_SYNC ] 00000010 45 42 34 34 34 33 37 34 36 33 31 41 30 33 39 35 EB444374631A0395
          [Smurf_write_SYNC ] 00000020 30 42 31 31 32 34 39 37 34 31 41 00 00 00 00 0a 0B11249741A.....
          [Smurf_write_SYNC ] 00000030 30 2c 32 2c 34 2c 36 2c 35 00 00 00 00 6b 76 65 0,2,4,6,5....kve
  • 24. Crashes Diagnostics
      • Basic information to collect when crashes are observed
      • Collect crash dumps or crash call stack
          • Windows 2008/Vista and newer: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps
          • Mac: Agent crashes will show under System Diagnostic Report in Console. Collect the crash call stack.
      • Collect agent version
      • Collect agent log in debug mode
      • All of this information is important in order to debug and simulate the failure successfully. The agent version is needed in order to match the crash dump up with the debug symbols.
  • 25. Dell World User Forum Q & A
  • 26. Dell World User Forum Thank you.
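
The Agent Security slide says the agent falls back to http unless sslrequired or verifyssl is set in amp.conf, and the Log File slide shows the KAgent.log layout and the upload URL it records. The following is an added example, not code from the slides or from the KACE agent, that audits both: it flags an amp.conf that still allows the fallback and lists any upload that KAgent.log shows going out over http. It assumes the two SSL options are enabled with the value true (as debug=true is); the finding codes and function names are hypothetical and the sample inputs are constructed.

```python
import re

# Layout from the "Log File" slide: [date.time][module:function] message
LOG_LINE = re.compile(r"^\[(\d{4}-\d{2}-\d{2})\.(\d{2}:\d{2}:\d{2})\]\[([^:\]]+):([^\]]*)\]\s*(.*)$")
UPLOAD = re.compile(r"uploading file .+? to (https?)://([^/\s]+)", re.IGNORECASE)

def parse_conf(text):
    """Parse the key=value lines of amp.conf; keys are lower-cased."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep:
            conf[key.strip().lower()] = value.strip()
    return conf

def audit_conf(conf):
    """Return finding codes for the transport settings named on the slides."""
    # Assumption: options are switched on with "true", as in debug=true.
    on = lambda key: conf.get(key, "").lower() == "true"
    findings = []
    if not conf.get("host"):
        findings.append("host-missing")
    if on("verifyssl"):
        return findings                      # verifyssl implies sslrequired
    findings.append("verifyssl-off")
    if not on("sslrequired"):
        findings.append("http-fallback-allowed")
    return findings

def plaintext_uploads(log_text):
    """Return (timestamp, module, server) for each upload logged over http."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        url = UPLOAD.search(m.group(5)) if m else None
        if url and url.group(1).lower() == "http":
            hits.append((f"{m.group(1)} {m.group(2)}", m.group(3), url.group(2)))
    return hits

# Constructed sample inputs (not taken from a real agent).
SAMPLE_CONF = "host=kbox7.acme.com\ndebug=true\n"
SAMPLE_LOG = r"""
[2014-10-14.19:59:15][KCopy:UploadUsingCurl     ] UploadFile: uploading file C:\ProgramData\Dell\KACE\inventory.xml.gz to https://kbox7.acme.com/service/inventory.php?KUID=EXAMPLE&VERSION=6.0.32
[2014-10-14.20:59:15][KCopy:UploadUsingCurl     ] UploadFile: uploading file C:\ProgramData\Dell\KACE\inventory.xml.gz to http://kbox7.acme.com/service/inventory.php?KUID=EXAMPLE&VERSION=6.0.32
"""

if __name__ == "__main__":
    print(audit_conf(parse_conf(SAMPLE_CONF)))
    print(plaintext_uploads(SAMPLE_LOG))
```

An http upload in the log is the observable sign that the fallback actually happened, so it is worth checking even on hosts whose amp.conf has since been corrected.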