Agents don't check in after a newly built box is online

Hi all,

hopefully you will be able to help me with the following problem:

We decided that we need to rebuild the KACE box.
The old one was first setup ca 2013 and was updated to 8.1
Also all clients were on 8.1 agents.
But since the the box was so old and we wanted to get rid off of old crap (and maybe database corruptions) we setup a new box (8.0 and updated to 8.1)
We imported the Managed Installs and scripts and stuff as we wanted to keep them.
We set also the IP and the DNS and Webservername to the same settings as it were before, assuming the agents will check in.

But this is not the case.
We found out, that the check in produced a BAD_MAC_IP.
On a few test systems we deleted in c:\programdata\quest\kace\ all except the amp.conf and restarted the machines (or the KONEA)
This let the device check in.

But since most of the devices are offsite and not part of the domain GPO to clean the folder out is not an option.
Also not going onsite to each of the clients and/or let them come into the office.

Is there an option to "fix" all of the clients? (the users should not know how to manage the agent because they don't have admin rights and also should not disable it)

0 Comments   [ + ] Show comments

Answers (3)

Posted by: AbhayR 3 years ago
Red Belt
The Agent won't start talking to the newly built server(having the same hostname, DNS) as the Agent verifies the SSL cert with the server before establishing a connection. This is the security which agent has so it cannot start communicating with any other K1 even with the same name.  You will need to replace the SSL cert on the new K1 with the old one in order for the agents to start communicating back(if you still have the old K1).
Posted by: n1md4 3 years ago
Second Degree Blue Belt
you can use a loginscript GPO running a batch file calling amptools.exe -retrust 
this will reset cert informations and agents will get new certificate informations and check in again to your new kbox
Posted by: Nico_K 3 years ago
Red Belt
write a little batch file with 
c:\program files (x86)\quest\kace\amptools.exe retrust

Then you can send this file to the users or publish them on the service desk user downloads so they can run it.

It is a pity that the systems are not in a domain since so you will have the users do this by themselves.
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ