We are a K-12 districtc with 20 locations. We recently updated our K1000 to the latest version, and enabled SSL as well. I'm not sure if that has anything to do with this, but it's solely isolated to one location at this point.

The AMP connection is green for most of the machines there, which shows they are online. However, it shows the last day synced as about 7 days ago on a lot of them. Could this be an issue with SSL or updated agent being pushed out to them? I have a replication box there, that is not powered on at the moment - could it be because they aren't the latest client due to the replication box not updating the clients (since it lost power)?

Answer Summary:
Everything seems to be workig fine after I got the replication box powered on. I think the replication server and all clients were provisioned with the new agent, and they're all checking in now.
0 Comments   [ + ] Show Comments


Please log in to comment

Community Chosen Answer


Everything seems to be workig fine after I  got the replication box powered on. I think the replication server and all clients were provisioned with the new agent, and they're all checking in now.

Answered 02/12/2013 by: sfigg
Red Belt

Please log in to comment



Well if the agents aren't at the replicaiton point and you don' thave it failing over to the KBOX, the agents wouldn't get updated and shouldn't be impacted by anything. Did you check if port 443 was ok from that site?What agent version were they at and did they meet the minimum version for upgrade? 

Did you involve support when you upgraded? 

Answered 02/11/2013 by: nshah
Red Belt

  • We upgraded with support, and all agents seem to be checking in except for that school. The school should have been the same agent as others. I'm guessing it was that the replication box is off, and failover to the main K1000 is disabled, to not bog down our WAN. I just wasn't sure if K1000 agent provisioning was done by the replication box or not. I have a coworker going to relocate the replication box this afternoon, so I'll see if that fixes it.
  • Also, do you know if there is something special I need to do in order for SSL to be enabled on these clients? The support rep for KACE said that they will enable it automatically, but I'm not sure how to check. We haven't disabled non-SSL regular http access yet. We want to make sure SSL is working 100% before we forward port 80 to 443.
Please log in to comment

Check the amp.conf files on some of the clients and see if they are using https for their connections

Answered 02/11/2013 by: jdornan
Red Belt

  • Nope - looks like they use it for the web URL, but not for the AMP connection - am I right in this assumption?

    companyname=wheaton cusd200
    splashtext=dell kace systems management appliance is verifying your pc configuration and managing software updates. please wait...
  • Ok I got it to work from a remote machine...but it seems that the certificate must be installed on every machine, right? Is there a way to deploy this certificate through K1000? And what about doing it through K2000 while imaging, so each machine is setup with the certificate when deployed?
Please log in to comment

Are these clients MacOS computers? A lot of our MacOS clients are showing this behaviour since the upgrade. At least I have noticed it mostly on MacOS computers, I haven't gone looking for it on Windows machines. The only solution I have found so far is to remove and re-install the agent. I have a ticket open with support but haven't received much feedback from them.

Answered 02/12/2013 by: chucksteel
Red Belt

  • Check the KBOX_LOG fiule just after trying a provision and see if there is a line like this

    [2013-02-08 16:19:08 -0700] KBOX [info] Not allowing a (ppc) machine (F1966D4C935B4240BF7084899FD1A8E8) to upgrade to agent version 5.4.5315
Please log in to comment
Answer this question or Comment on this question for clarity