Jump to content
Kaspersky Support Forum

About this blog

Entries in this blog

Known problem

"Administration Server has untrusted self signed certificate" error in Web Console [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Scenario: When login to KSC Web Console, it shows the following error: Administration Server uses an untrusted self-signed certificate. Please modify the application configuration by specifying a valid certificate for Administration Server. Alternative wording (for older KSC versions): Administration Server has untrusted self signed certificate. Please, reconfigure the application with corre
svc_kms

svc_kms in Known problem

0
Known problem

KSC: System error 0x52E (Logon failure: unknown user name or bad password) when downloading updates to the repository [KSC for Windows]

Try the following: 1. Check if the Administration Server is configured to use a proxy server on the Kaspersky Security Center server. 2. Try to clear the updates repository. Download the updates once again and check behavior. If you still have issues, Delete the Download updates repository task and create a fresh task.
svc_kms

svc_kms in Known problem

0
Known problem

NAgent upgrade failure due to mismatch between .msi packages [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. NAgent upgrade failure because the old agent was installed from a different .msi package than the new NAgent's .msi package. The below logs describe the root cause. KLNAG_INS_MSI: CheckInstalledMsiName: installed name 'KasperskyNetworkAgent', installed ext '.msi'  MSI_UTILS: CAGetProperty(OriginalDatabase) called...  KLNAG_INS_MSI: CheckInstalledMsiName: installing name 'Kaspersky Network Agent'
svc_kms

svc_kms in Known problem

0
Known problem

Importing a new SSL certificate for KSC Web Console [Kaspersky Security Center]

Problem After importing a custom certificate instead of a default self-signed one for accessing KSC 13 Web Console, you cannot reach Web Console. When using the default certificate, there is now issue with Web Console. Solution There are several causes and solutions for this issue: You might be using Internet Explorer or any other unsupported browser to access Web Console. So first we need to check if the browser is supported by KSC. Ref : https://support.kas
svc_kms

svc_kms in Known problem

0
Known problem

KSC server is not accounted for in activation code count [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Article applies to KSC13-15.1 Consider the following scenario: Open KSC MMC console; Go to Kaspersky licenses; Select KSC license. Devices on which the license key is active is zero regardless of fact that this key is assigned as active on KSC Server: Explanation In older versions of Kaspersky applications, several license key files were provided to activate
svc_kms

svc_kms in Known problem

0
Known problem

Events are not received by KSC or not transferred to SIEM [KSC for Windows]

Problem Sometimes the problem with events receiving/transferring on KSC (including export to SIEM) may occur. The first thing that you have to check is Kaspersky Event Log. The following warnings may occur: Warning Total number of events stored in database (4010532) has exceeded the actual limit of 4000000 event(s). Starting to delete excessive events from the database... Warning 600 event(s) have been deleted from the database because the limit
svc_kms

svc_kms in Known problem

0
Known problem

Fix vulnerabilities task fails with error 'Transaction became the database conflict victim: '1205, ...' [KSC for Windows]

Problem While running Fix vulnerabilities task, the following error can occur: 'Transaction became the database conflict victim: '1205, 'Lock wait timeout exceeded; try restarting transaction' , LastStatement='CALL vapm_arrange_task_updates(119, 0xC89EAD3312227039C9FAC933840D7936)' Solution Most possible, the reason of the problem is that you have Fix vulnerabilities task or tasks with a big number of vulnerabilities that should be fixed inside one task. For example, you scro
svc_kms

svc_kms in Known problem

0
Known problem

KSC displays the message "you must install WADK" even if WADK is installed [KSC for Windows]

Problem You install latest Windows Assessment and Deployment Kit (Windows ADK) on the server where KSC is installed, but KSC console still shows message "to deploy OS images, you must install the Windows Assessment and Deployment Kit (Windows ADK) on the device that has KSC installed". Solution KSC doesn't see all the needed WADK components being installed. Because Microsoft is always changing components within their installation packages, we recommend to install all utiliti
svc_kms

svc_kms in Known problem

0
Known problem

KSC backup fails with error Database is corrupted. At least one repository corrupted [KSC for Windows]

Scenario Backup task fails indicating corrupted files. Specific file names may vary.  The following error appears in Kaspersky Event Log (file name may vary): Database is corrupted. At least one repository corrupted C:\ProgramData\Application Data\KasperskyLab\adminkit\1093\gsyn\klsdata.dat has been corrupted and will not be recovered. Hardware fixing and application reinstallation are required. Possible root causes The most common reasons are OS crash and unexpected reb
svc_kms

svc_kms in Known problem

0
Known problem

Patch Management FAQ [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. If you open KSC -> Advanced -> Application management -> Software Updates, there is a column Not assigned for installation (new version). Some computers may have this status or Not assigned for installation status. What does it mean? Installation status Not assigned for installation means that the update is applicable for this host (as a minor upgrade), but there is no patch management tasks
svc_kms

svc_kms in Known problem

0
Known problem

KSC Application registry doesn't clear information about deleted applications [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Application registry in KSC contains information about applications that was deleted. Reinstalling Network Agent on a workstation should solve a problem. This behavior can be caused by per-user applications. You can alter how long network agent will retain information about applications on a managed workstation: On a managed workstation : Add a registry key: [HKEY_LOCAL_MACH
svc_kms

svc_kms in Known problem

0
Known problem

Error 80240037 Windows patch management [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.   Problem: You have a new CPU in your managed device and Windows operating system released prior to Windows 10\Windows Server 2016. Start "Find vulnerabilities and required updates" for a managed devices. Task results and Kaspersky Event log on a workstation may indicate a following error: Windows Update Agent error 80240037 ("The functionality for the operation is not supported.") #1181 (
svc_kms

svc_kms in Known problem

0
Known problem

Microsoft Store gets blocked when KSC is acting as WSUS [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.   Problem When you assign KSC as WSUS all hosts are not able to download anything from Microsoft Store. It is a Microsoft's design limitation. Description When KSC acts as WSUS group policy (GPO) "DoNotConnectToWindowsUpdateInternetLocations" is applied to the hosts. It is needed to prohibit hosts from downloading updates from the Internet (it is relevant for Windows 10/Server 2016). Such
svc_kms

svc_kms in Known problem

0
Known problem

KSC database fields explained: nIP, nStatus [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. There are multiple fields in database that are not easy to interpret. For example nIP, nStatus and many others. Most of them are from public view v_akpub_host which is one of the main sources of information about managed computer on KSC. The objective of this article is to help understanding the encoding used, if you want to learn more about public views and specific fields refer to klakdb.chm located in the
svc_kms

svc_kms in Known problem

0
Known problem

KSC backup task fails with System error 0x800703FA [KSC for Windows]

Description Sometimes KSC backup task may fail with the following error: #1181 (-2147023878) System error 0x800703FA (Illegal operation attempted on a registry key that has been marked for deletion.) At first, rebooting the OS may help, but the error may return. Cause The user identity associated with the COM+ application was logged on when the COM+ application was first initialized. If that user logs off, their profile will be unloaded and the COM+ application will no l
svc_kms

svc_kms in Known problem

0
Known problem

KSC and ROBOT attack [KSC for Windows]

This article explains ROBOT attack, RSA Key Exchange, OpenSSL and KSC. Explanation If you are running security analyzer and it shows that connections on ports 13000 (server-nagent traffic) and 17000 (activation proxy) are suspicious for a ROBOT attack, don't panic. Automatic analysis is not accurate. Run specific diagnostics to make sure that KSC traffic is actually not vulnerable. Examples: https://testssl.sh/ https://github.com/robotattackorg/robot-det
svc_kms

svc_kms in Known problem

0
Known problem

KSC OpenSSL protcomp vulnerabilities [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. When running security analyzers on KSC server you may occasionally get warnings about outdated OpenSSL libraries. Normally these vulnerabilities can not be exploited as the OpenSSL library is used in a very specific way. If vulnerable OpenSSL libraries were found in C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\protcomp then there is actually no way to exploit it. Due to this fact this library is us
svc_kms

svc_kms in Known problem

0
Known problem

KSC Distribution Points auto-assignment and selection [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Sometimes it's not clear how KSC assigns Distribution Point (DP) for Managed groups or NLA subnets, and how clients choose DP.  Automatic assignment of distribution points is enabled in Kaspersky Security Center by default. The Administration Server automatically selects the scopes for distribution points, and assigns one or multiple distribution points to each scope depending on how many client
svc_kms

svc_kms in Known problem

0
Known problem

Troubleshooting klnagent connection issues by analyzing klnagchk log+openssl verification of TLS traffic [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Klnagchk.exe is usually used to check if the connection between server and NAgent is OK. The expected result is the following: Attempting to connect to Administration Server...OK Attempting to connect to Network Agent...OK Network Agent is running. In case of problem with klnagent service, Kaspersky Network Agent should be re-installed and trace collected.  If there is a probl
svc_kms

svc_kms in Known problem

0
Known problem

KSC difference between Application Registry and Incompatible Applications Report [KSC for Windows]

Problem You may run into differences between Application Registry and Incompatible Applications Report when trying to find computers with incompatible applications. For example, you created Device selection based on an Applications registry criteria, where you specified incompatible application name in Application name field and got a device selection of 12 computers. After that, you open Incompatible Applications Report and only get 3 computers with that software. It is expected, and
svc_kms

svc_kms in Known problem

0
Known problem

Computer description field is not updated on KSC console

Problem Computer description may stop updating on KSC console. It may be different from what is set on managed PC in computer properties. Solution If computer description field was changed on KSC side manually it will no be updated again. To enable synchronization with local description you have to delete the computer from managed computers group, then from unassigned, and add it back. In case it did not help check that the following services are enabled (set to automatic sta
svc_kms

svc_kms in Known problem

0
Known problem

Issue with encoding of events transferred to SIEM by the KSC [Kaspersky Security Center]

KSC sends events to SIEM in UTF-8 encoding. If the events received from KSC in the SIEM system look unreadable, for example, like this: Тип приложениÑ: ÐеизвеÑтное приложение\r\nÐаправление: ВходÑщее\r\nПротокол: ICMPv6\r\nСтатуÑ: Разрешено\r\nУдаленныРIt is necessary to configure UTF-8 encoding in the SIEM system itself.
Stan Shpatar

Stan Shpatar in Known problem

0


×
×
  • Create New...