Upgrading to KACE SDA 5.x on a Hyper-V Platform...You need to read this!!

So we have had this situation come about on a couple of customer engagements in the last month, and as the guidance found in documentation is difficult to find, I thought there may be KACE Users who need to know this information.

If you are in the following situation

You are running Microsoft Hyper-V as your preferred virtual platform of choice and you are considering an upgrade to v5.1 of your SDA.

The negative outcome

Hyper-V will try to take a backup of your KACE SDA and you may lose your KACE SDA database entirely.

You may be able to log a call with support and I am sure they will try to help you recover, but typically we have found the only answer is to start again.

So if you do not want to lose all those hours of work you have put into your SDA you need to set the following setting on your Hyper-V host:

Configuring backup integration services appropriately for KACE Systems Deployment Appliance (SDA) virtual machines running on Hyper-V prevents MySQL database file corruption. KACE SDA virtual machine running on Hyper-V is incorrectly configured for virtual machine (VM) backup, resulting in some MySQL database file corruption inside the appliance, rendering the appliance unusable until Technical Support is contacted to resolve the issue, by restoring the database from the most current, non-corrupted database backup.

This is caused by the Hyper-V live virtual machine backup feature, that facilitates zero down time backup of live virtual machines. For more information, visit https://technet.microsoft.com/en-us/library/dn531031(v=ws.12).aspx.

However, Microsoft does not yet support the Hyper-V live backup feature for any version of FreeBSD virtual machines running on Hyper-V, which includes Hyper-V VMs of the KACE SDA products, since they are based on FreeBSD. For more information, visit https://technet.microsoft.com/library/dn848318(ws.12).aspx.

If correctly configured, when a backup is taken of a VM that does not support live backup, the Hyper-V server takes the VM offline (placed into the saved state) for the duration of the backup process, and then restores the VM to its previous state after the backup process is done. While the VM has to be taken offline, resulting in downtime for the VM, the backup should be able to complete without adversely affecting the VM’s contents. For more information, visit https://technet.microsoft.com/en-us/library/dn798286.aspx.

Since Microsoft does not support live backups of the FreeBSD operating system that the KACE appliances run on, it is important to configure the appropriate Integration Services settings of the KACE SDA Hyper-V VMs that prevent Hyper-V from attempting to perform live backups of the VM. When the VM's Integration Services settings are not properly configured, some customers have experienced file corruption inside of the KACE Systems Deployment Appliance (SDA) which causes it to not function correctly, resulting in needing to contact Technical Support to correct the problem.

Since Microsoft automatically defaults all new Hyper-V VMs to have the Backup Integration Service enabled, if you created a Hyper-V VM for the KACE SDA, follow the instructions below to correctly configure this service for FreeBSD, to prevent the above database file corruption.

Disabling the live backup feature on KACE SDA Hyper-V VMs is recommended.

To disable the Backup Integration Service, in the VM Settings dialog box, under Management > Integration Services, clear the Backup (volume checkpoint) check box, and click Apply. This setting may have a different name, such as Backup (volume shadow copy), depending on the Windows version of the Hyper-V server.  

A full copy of the Setup Guide for Hyper-V Platforms can be found here
Be the first to comment

KACE Agent fails Detect/Deploy with Handshake Error

 This may not be a one size fits all solution, but I had some machines that consistently failed Patch Detect and Patch Deployment since I upgraded my K1000 appliance to version 8.0.318. The Agents were initially at version 7.2.10, so I upgraded them to 8.0.152 but that didn't help. I spent a fair amount of time digging into this and even opened a ticket with Quest support. Their first thought was that our anti-virus was interfering, but that didn't pan out. I finally found a clue in the Kagent.log (hidden file) in the C:\ProgramData\Quest\Kace directory. There were entries stating that the UnziptoDir of the thirdpartypatchfiles zip file was failing. So, I looked on my replication server's K1000share\repl2\patches\windows\ directory and the file was there and it wasn't corrupted. A little testing further on one of the PC's and I found that the file association for .zip files had gotten messed up. I issued a "assoc .zip=CompressedFolder" from an elevated command prompt and then the PC could open zip files again. Since then the Detect or Deploy processes have been working.  
Be the first to comment

KSMA setup with Hybrid Office365/Exchange

You have a Hybrid Office365/Exchange and wondered how to get that setup?

There is no actual KB article for that, so just a clarification there. For the KSMA (K1000) it would see your mail server as two independent servers so one is O365 and another one is going to be your Local Exchange 2013 (I assume), so to put it simple just do the following:

Local Exchange:

But that is not enough so add this.... 


In some special situation this is needed

*NOTE: if you are using O365, every single queue and the network settings needs independent email account!!!!

and that's it...

Questions? let me know
Be the first to comment

Office 365 Monthly Channel.. are you a warrior?

Microsoft released it's servicing channels awhile ago, splitting it to 3 channels.


How does your organization cope with it? have you split your audience too? or have you brought out your "Warrior Attitude" and moved to Monthly Channel all at once?

my approach is a general guidance note. "Split and Enjoy"

  • Identify your most Tech-Savvy, IT and business groups. Caution when adding a business user who performs a critical function in your organization. Start a Monthly Channel group
  • Use a larger group for Semi-Annual Targeted - Rest of your IT dept. and wider business group are ideal candidates
  • keep the Semi-Annual for the production audience.

The Monthly channel group would be the most vocal, as they see the most of the "cool features" that come in.. don't let that fool you :). if something goes wrong, there is very limited support!

Be the first to comment

How to configure MDM management of iOS devices in the Apple Device Enrollment Program

Please check out our new video solution on How to configure MDM management of iOS devices in the Apple Device Enrollment Program This article explains how to set up KACE Cloud MDM management of iOS devices in the Apple Device Enrollment Program (DEP).
Be the first to comment
Showing 6 - 10 of 3198 results