KACE Product Support Question

"KBOX" DNS Entry

10/26/2015 2162 views
I currently have a ticket open with support. Ever since our 6.4  upgrade I have about 1,400 machines that lose their AMP connection. When I take a look at them the amp_auto.conf file is correct, but the amp.conf file just has host=kbox and the services have stopped. I've kept these machines semi-connected by running "amptools host=mykbox.domain.org" in my login script. At the next check-in it reverts back to just host=kbox.

When I brought this up to support they let me know that they have nothing that would be causing this. I also have a DNS entry to point "kbox" to one of my Kace servers. They have also never heard of this. I'm going on two weeks now of these machines having issues. I know I didn't dream up the DNS entry for "kbox", but for the life of me I cannot find any technical documentation to back me up. Right now I'm currently being told that something I'm doing is changing the name in the amp.conf file even though I had no issues at all on 6.3. Does anyone have any links that back this up, or has anything seen this especially on 6.4?

I created a custom inventory rule to inventory that file. Is anyone else seeing host=kbox?

ShellCommandTextReturn(cmd.exe /c type C:\programdata\dell\kace\amp.conf)
Answer Summary:
0 Comments   [ + ] Show comments


Answer Chosen by the Author

I ended up updating my SAN cert to include "kbox.mydomain.org". I applied to to all of my Kbox's and since then I haven't had any trouble. My best guess was the addition of Konea in 6.4 that may have caused this. Either way I know it's not a standard config. 

I'm curious on how many customers out there run multiple Kace servers with SSL?
Answered 11/03/2015 by: dugullett
Red Belt

All Answers

I have been running 6.4 since March and have not seen that.  I put your CIR in place to see what shows, my machine and one test machine look OK.
Answered 10/27/2015 by: SMal.tmcc
Red Belt

  • Yeah mine isn't every machine, but a good amount. Do you have a DNS entry for "Kbox"?
    • Yeah we do have DNS entry, will let you know on the cir about 500 of my machines have checked in since creating CIR and they all look good. I am running SSL Server Version: 6.4.119927
      Agent Version: 6.4.180
      • A lot of my issues are caused from having multiple Kboxs. If I just had the one if it failed over to "Kbox" the DNS would pick it up, and it would correct itself to the new name. I'm not sure how well that CIR will work with just on Kbox.

        Just curious... who told you about the DNS entry? I've always had it in there for years. Support is making it sound like they've never heard of doing that, and a result pointing the finger at that being the issue. Of course now I cannot find any docs to back me up. :)
      • That was from 5.x days they had us put it in when we were doing jump start. We have entries for both the k1000 and k2000. Here is one article that mentions DNS from 5.x days https://support.software.dell.com/k1000-systems-management-appliance/kb/111863
      • cannot see how you would reach the web UI from a browser without a DNS entry either
never seen this behaviour.
The amp.conf ist only modified by the KACE appliance if you run a script to do this or deploy the agents or file copy or similar.
Check your settings and also check your AD settings if a script is changing this setting

Answered 10/27/2015 by: Nico_K
Red Belt

  • I've looked through everything. I have recently disabled the GPO deployment. I've double checked AV settings. This was not an issue at all on 6.3. I came in, and updated to 6.4 and lost 2,500 AMP connections instantly. I was able to get a lot of them back via a login script running amptools, and using psexec. Over the weekend I verified that the majority had connected back up. I then removed the login script, and had the same amount of failure. What's getting me is it's not 100% of my machines. Our machines are VERY cookie cutter though. I could understand if it was happening to all.

    I updated two of my servers to 6.4, and I'm having the issue on both. Luckily one of them is where I have the DNS redirected to. I have another still on 6.3, and I'm not seeing the issue at all.

    My other thought was Konea. I noticed that was new in 6.4. The way I'm generating my cert for my Kbox's is not the standard way. I'm wondering how many users out there are actually running more that one Kbox?
The CIR has been running 24hours and I have also found that bug in one org
the first org has 791 machines that have the cir now and they all look ok
the 2nd org has 497 machines with the CIR and 2 of those have the same symptoms.  It also effects the amp_auto.conf file.

Answered 10/28/2015 by: SMal.tmcc
Red Belt

  • I've always just had a handful of machines. I have scripts on the Kbox's that basically say if you're in this label you belong to this Kbox, and it moves it over. After the 6.4 upgrade I had thousands show up. The one with the DNS entry never experienced a problem (noticeable anyways), but the other was pretty bad.

    I updated my SSL cert to include kbox.domain.org last night since none of my Kboxs have that name. My thinking is it has something to do with Konea that was released in 6.4. Looking at the konea.log file it would do a ping for days before making a connection at which point it was the wrong server. It seems to be working better today with the occasional machine going to the wrong box. I'm going to remove my login script later this week to see if it maintains.

    I have one more Kbox with the same config as the problem one that is still on 6.3, and I'm not seeing one error. Unfortunately I think I'm one of the few with multiple Kace servers.
    • The SSL cert seems to be a lot of the issue. I had 14 machines last night move over to the wrong box all at the same time. I verified no scripts etc were running on those machines. When I checked the event log I had the message below. I would assume the agent was corrupted? I'm still waiting to hear back from support, but I'm thinking about attempting to run a repair.

      The description for Event ID 0 from source AMPWatchDog cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

      If the event originated on another computer, the display information had to be saved with the event.

      The following information was included with the event:

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ