Jump to content
Kaspersky Support Forum

About this blog

Entries in this blog

Known Problem

KSC API use cases examples - retrieving Events, HW, SW inventory [KSC for Windows]

Description and cautions The article shares working example of using KSC API calls for one of the available scenarios - retrieving events, HW and/or SW inventory data. For the Windows version of cURL, you need to specify that the arguments need to be escaped with "\", otherwise there will be an error. For example:  'Authorization: KSCBasic user=\"YXBpLXVzZXI=\", pass=\"cGFzc3dvcmQ=\", internal=\"1\"' Details Prerequisites internal user: api-user Exa
svc_kms

svc_kms in Known Problem

0
Known Problem

Get error "curl: (58) schannel: Failed to import cert file" when sending a request via KPSN API from Windows client [Kaspersky Private Security Network]

Issue An attempt to send POST request via KPSN API from a Windows client.: curl --cert C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_crt.pem --key C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_key.pem -k -X POST -d "{\\"action ": \\"check_url\\",\\"data ": {\\"urls ": [\\"website1.com "]}}" https://10.90.116.27:80/api/ Fails with the following error: curl: (58) schannel: Failed to import cert file C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_crt.pem, last error is 0x80092002 Th
svc_kms

svc_kms in Known Problem

0
Known Problem

Akconnect utility description [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. When troubleshooting typical KSC issues, you will likely need to check the availability of TCP port 13000 on the KSC Server.  Both telnet and akconnect tools can be used to achieve this. Syntax is very simple: akconnect host port Examples: akconnect.exe 192.168.1.19 13000 >akconnectoutput.txt telnet 192.168.1.19 13000 >telnetoutput.txt Where 192.168.1.19 is the IP address or DN
svc_kms

svc_kms in Known Problem

0
Known Problem

"Administration Server has untrusted self signed certificate" error in Web Console [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Scenario: When login to KSC Web Console, it shows the following error: Administration Server uses an untrusted self-signed certificate. Please modify the application configuration by specifying a valid certificate for Administration Server. Alternative wording (for older KSC versions): Administration Server has untrusted self signed certificate. Please, reconfigure the application with corre
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC API use cases examples - tasks results and statistics data for Dashboards and Reports [KSC for Windows]

Description and cautions The article shares working examples of using KSC API calls for one of the available scenarios - retrieving tasks results and statistics data for Dashboards and Reports. For the Windows version of cURL, you need to specify that the arguments need to be escaped with "\", otherwise there will be an error. For example:  'Authorization: KSCBasic user=\"YXBpLXVzZXI=\", pass=\"cGFzc3dvcmQ=\", internal=\"1\"' Details Prerequisites internal
svc_kms

svc_kms in Known Problem

0
Known Problem

Troubleshooting klnagent connection issues by analyzing klnagchk log+openssl verification of TLS traffic [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Klnagchk.exe is usually used to check if the connection between server and NAgent is OK. The expected result is the following: Attempting to connect to Administration Server...OK Attempting to connect to Network Agent...OK Network Agent is running. In case of problem with klnagent service, Kaspersky Network Agent should be re-installed and trace collected.  If there is a probl
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC API use cases examples - publishing KSC virtual server Administration Agent package [KSC for Windows]

Description and cautions The article shares working examples of using KSC API calls for one of the available scenarios - publishing KSC virtual server Administration Agent package. For the Windows version of cURL, you need to specify that the arguments need to be escaped with "\", otherwise there will be an error. For example:  'Authorization: KSCBasic user=\"YXBpLXVzZXI=\", pass=\"cGFzc3dvcmQ=\", internal=\"1\"' Details Prerequisites Make sure
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC backup task fails with System error 0x800703FA [KSC for Windows]

Description Sometimes KSC backup task may fail with the following error: #1181 (-2147023878) System error 0x800703FA (Illegal operation attempted on a registry key that has been marked for deletion.) At first, rebooting the OS may help, but the error may return. Cause The user identity associated with the COM+ application was logged on when the COM+ application was first initialized. If that user logs off, their profile will be unloaded and the COM+ application will no l
svc_kms

svc_kms in Known Problem

0
Known Problem

Events are not received by KSC or not transferred to SIEM [KSC for Windows]

Problem Sometimes the problem with events receiving/transferring on KSC (including export to SIEM) may occur. The first thing that you have to check is Kaspersky Event Log. The following warnings may occur: Warning Total number of events stored in database (4010532) has exceeded the actual limit of 4000000 event(s). Starting to delete excessive events from the database... Warning 600 event(s) have been deleted from the database because the limit
svc_kms

svc_kms in Known Problem

0
Known Problem

Failed to install the software module update - Bad Junction [KSC for Windows]

Problem Description, Symptoms & Impact When deploying Auto patches from KSC, installing Network Agent or Kaspersky Endpoint Security, installation fails with bad junction errors. Diagnostics While Auto patch deployments over KSC will directly generate an event in Events section of KSC, manual Network Agent or KES installations will end with Fatal Error message and installation logs will contain information such as below: Application: Kaspersky Security Cent
svc_kms

svc_kms in Known Problem

0
Known Problem

Configuring domain authentication by using NTLM and Kerberos protocols [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. The article is giving a working configuration instructions for domain authentication by using NTLM and Kerberos protocols. NOTE: Domain authentication in OpenAPI over Kerberos protocol has the following restrictions: Administration Server address must be specified exactly as the address for which the Service Principal Name (SPN) is registered for domain account name. In the domain, yo
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC Network Agent Installation errors: "Setup Wizard cannot process the command line", "Setup wizard cannot process the internal error." [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Product: Any KSC version Problem Description, Symptoms & Impact Network Agent local installation errors: "Setup Wizard cannot process the command line", "Setup wizard cannot process the internal error."  Diagnostics Error can be found on the screenshots or in the installation log. Workaro
svc_kms

svc_kms in Known Problem

0
Known Problem

Deployment of a Kaspersky failover cluster [KSC for Windows]

Description and cautions That article is describing a specific scenario: HA Cluster KSC with 4 CGWs between two different and geographical isolation DC (Data Center). High level procedure: KLAdmins group: ksc, rightless / gmsa-ksc-server, gmsa-ksc-nwc; $KSC-NODE-1, $KSC-NODE-2, $SQL-SRV / sql / gmsa-sql-server SMB shares: data, state, sc_backup, kl-share | SMB Permissions NTFS ACL - - Full Control for KLAdmins Created MS SQL Database - KLFOC | Grand Access
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC backup fails with "Error -1963 ('Database connection is broken " 'Connection failure{08S01};' [KSC for Windows]

Scenario After the deployment of KSC in the environment, the Backup task fails with the following error using the KSC Backup task or klbackup utility (screenshot is below). All the permissions were correctly assigned on the shared folder, and ports were opened, but still the backup was failing. There were no blocking events in the Firewall traffic logs. Error -1963 ('Database connection is broken " 'Connection failure{08S01};' LastStataement='select type from sys.system_object whe
svc_kms

svc_kms in Known Problem

0
Known Problem

Patch Management FAQ [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. If you open KSC -> Advanced -> Application management -> Software Updates, there is a column Not assigned for installation (new version). Some computers may have this status or Not assigned for installation status. What does it mean? Installation status Not assigned for installation means that the update is applicable for this host (as a minor upgrade), but there is no patch management tasks
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC update error: Failed to establish the HTTPS connection: TLS error (54) [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Product:  KSC 11+ Applies also to the update utility version 4.1 and more recent. Consider the following problematic scenarios: You have installed KSWS on the KSC server and enabled Traffic Security component and Traffic Security uses MITM mechanism to analyze traffic. You use a 3rd party sof
svc_kms

svc_kms in Known Problem

0
Known Problem

NetAgent14: Installation Error "System Error 0x1F (Device attached to the system doesn't work) [KSC for Windows]

Problem Description, Symptoms & Impact The installation of the Network Agent isn't possible on a device because of the error System error 0x1F (A device attached to the system is not functioning.) Diagnostics In the MSI Log and Application Eventlog can be found the following line: (1192/0x0 ("System container 'LOC-PUB-6EEB50F8D2EB46029DB4CCB77E0DA651' is corrupt") Workaround & Solution The issue comes from a corrupt cryptostorage in the OS. It's not a KL rel
svc_kms

svc_kms in Known Problem

0
Known Problem

Get error "curl: (58) schannel: Failed to import cert file" when sending a request via KPSN API from Windows client [Kaspersky Private Security Network]

Issue An attempt to send POST request via KPSN API from a Windows client.: curl --cert C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_crt.pem --key C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_key.pem -k -X POST -d "{\\"action ": \\"check_url\\",\\"data ": {\\"urls ": [\\"website1.com "]}}" https://10.90.116.27:80/api/ Fails with the following error: curl: (58) schannel: Failed to import cert file C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_crt.pem, last error is 0x8009200
Stan Shpatar

Stan Shpatar in Known Problem

0
Known Problem

Error 80240037 Windows patch management [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.   Problem: You have a new CPU in your managed device and Windows operating system released prior to Windows 10\Windows Server 2016. Start "Find vulnerabilities and required updates" for a managed devices. Task results and Kaspersky Event log on a workstation may indicate a following error: Windows Update Agent error 80240037 ("The functionality for the operation is not supported.") #1181 (
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC update error: retranslation operation results in the TLS error "CrlHasExpired" [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Product:  KSC 11 and more recent versions Consider the following problematic scenario: You use a caching proxy server to download updates for the KSC Server, for example, Squid. KSC is configured to download updates via https (default config).  $up2date-1103-eka.log analysis KL uses the HTT
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC database fields explained: nIP, nStatus [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. There are multiple fields in database that are not easy to interpret. For example nIP, nStatus and many others. Most of them are from public view v_akpub_host which is one of the main sources of information about managed computer on KSC. The objective of this article is to help understanding the encoding used, if you want to learn more about public views and specific fields refer to klakdb.chm located in the
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC Web Console shows an error after upgrade - incorrect user or password [KSC for Windows]

The problem is in the certificate - it has a 1024 bit long key. While Web Console now works only with 2048 bit long keys.  The customer needs to reissue KSC server certificate to 2048 key length. What to do -  1. Generate reserve KSC certificate - for example by using command -  klsetsrvcert -t CR -g "dns_name" -o "RsaKeyLen:2048" where DNS name is DNS name of KSC 2. Wait several days - hosts will connect to KSC and receive reserve cert.  The customer could check on c
svc_kms

svc_kms in Known Problem

0
Known Problem

SIEM intergration - no events: the most frequent reason for error [KSC for Windows]

This article is about Kaspersky Security Center for Windows (KSC for Windows) Problem You set up integration with SIEM but no events come up on SIEM side. In some cases there is no incoming traffic to SIEM from KSC server. Solution In vast majority of cases the root cause can be located in KSC server trace Trace example #1 25.01.2017 09:56:56.855 00001320.0000015C L1 KLSPLG: There is no key for SystemM
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC backup fails with error Database is corrupted. At least one repository corrupted [KSC for Windows]

Scenario Backup task fails indicating corrupted files. Specific file names may vary.  The following error appears in Kaspersky Event Log (file name may vary): Database is corrupted. At least one repository corrupted C:\ProgramData\Application Data\KasperskyLab\adminkit\1093\gsyn\klsdata.dat has been corrupted and will not be recovered. Hardware fixing and application reinstallation are required. Possible root causes The most common reasons are OS crash and unexpected reb
svc_kms

svc_kms in Known Problem

0


×
×
  • Create New...