Jump to content


  • Content count

  • Joined

  • Last visited

About ak01

  • Rank

Recent Profile Visitors

372 profile views
  1. Thank you. I would like to follow this page (get an e- Mail), but I can only follow sub topics of "Beta Testing". Is it possible to follow the whole page?
  2. ok, thank you. Could you please post a new message within this topic when you have news (e.g. dates, a beta version etc.)?
  3. you stated in February: "The beta testing for KSWS10 SP1 will not start till at least Summer.". When is the beta test scheduled to start? Could you please tell me the current time plan (beta and release date)?
  4. KES 10 keep crashing and create enc1 files

    In my case, sometimes the Update task stops to work (the event section on KSC shows something like "not all components can be updated"), the task starts but does not finish for some reason. After some time (after several task executions which all fail), KES crashes, creates the mentioned dump files and after that crash, KES works again (the update task finishes successfully every time). In my case, this happens only on three computers where a special software is installed and which do not get rebooted for a few weeks. This problem happens on all of the latest KES10 versions. You can disable the creation of these dumps in the policy (so that it does not fill up the hard drive).
  5. We had the same problem and KES10SP2 should work best with Win10 so I just tried to update to that version (instead of creating a ticket) and it solved my issue. My strategy is to only use KES10SP2 for Win10. In our case, a “.application” File did not work. After the update to SP2, it worked again until now (we have not heard from the user so far).
  6. Are you using Windows 10? We had the same issue with KES10SP1MR3 and Win10 (all of a sudden). We basically updated to KES10SP2 (the latest KES version) and it worked again.
  7. Hi thank you, I was able to get the recovery key of a bitlocker controlled testpc (by KES10SP2). I booted into recovery mode of windows, which needs that recovery key to get the cmd window and the recovery key of KSC worked. I guess that KES/KSC gets the recovery key from the system when it enables bitlocker but what if someone changes the key afterwards manually just like in https://www.itsupportguides.com/knowledge-b...r-recovery-key/ Maybe I have to wait for a while but currently KSC still lists the old KeyID (when I actived the KES encryption policy) and not the one which is currently listed (by manage-bde ....). Have you implemented a periodic check of the latest Key ID/recovery key or do you just get the one after policy installation?
  8. We have some Surface Books where bitlocker was enabled at installation (without KES10SP2 Bitlocker control). Lately, a colleague disabled secure boot and after that, windows wanted the recovery key at boot up (it did not boot up without the key). The colleague, who installed the pc, saved the recovery key at installation, but it seems that after he joined the pc to our domain, the recovery key got recreated (and the old one did not work). The conclusion was that the data was lost and the pc had to be reinstalled from scratch. By the way, I tested KES10SP2 bitlocker control earlier and maybe want to use it. I read that KSC stores that recovery key but in that particular case, I would need the recovery key to type it in at boot up. Is it possible to export the recovery key from KSC and does it get updated when the key, for some reason, get changed?
  9. It would be nice to be able to define that users can only start group tasks. Right now, I can just define if they can manage (“Allow management of group tasks” and also stop) group tasks. I would like to have one policy option to allow just to start (e.g. update or fullscan) a group task but not to stop them (This should be another option within the policy -> stop group tasks). I would like to have the following options within KES policy: “Allow management of group tasks” “Allow start of group tasks” “Allow stop of group tasks”
  10. So you do not want to change this behaviour. It would be nice if you would put my suggestion onto a todo list for a future version because beside that, the feature to execute a specific exe/script on a certain number of computers immediately is very useful. When KLSHARE\Packages is not the location where all the software/package sources are stored, where do you store all these files (some setup.exe are pretty huge)? Do you store them in the database?
  11. It would be nice to have some sort of „update files“ button within every installation package. Can you tell me what the KLSHARE is good for (when it seems that it does not use the files out of that share)? I guess that this is not only bat file specific (as I mentioned you can also have configuration files beside installation software). Could you please put this onto a todo list for one of the next KSC versions?
  12. I think that this is not a bug, it is just how it got implemented. I have KSC 10.3.407 (but it also happened in 10.2.x). You can simply reproduce it: Generate a *.bat file with the following content: echo test >> C:\Windows\temp\test.txt After that, create an installation package (2nd option) in KSC and upload that bat file. Create a task out of that installation package and execute it on a particular PC (check if that file was generated). After that task finished, go to KLSHARE… into the exec folder of that installation package and add the following line: echo test2 >> C:\Windows\temp\test.txt Start the same installation task on another computer and check, if that file was generated and if the test.txt file has two lines (in my case, the file consists of only one line -> test). Even when I create a new installation task out of the same installation package, I get only one line (the change of the bat file was not recognized). When I start setup.exe out of the installation package folder on KLSHARE, I get two lines (how it should be)! I noticed that when I change the kpd file (sometimes I want to track the return code by [setupProcessResult]Wait=1), I have to do that before I create any installation task because afterwards, it does not recognize that change any more (and I do not get the return code of the started application/script). There are also installation programs (setup.exe) which use a configuration file within the same folder. If you have to change a setting within that configuration file, you have to delete the whole installation package to be able to deploy that new version. I think that there is some sort of cache within KSC (or the setup.exe) which is generated when the installation package gets created. If that is the case, how can I delete/refresh that?
  13. I use KSC to start scripts on certain computers. That works fine for me. Sometimes I have to change something within the script (or test certain script parts where several changes have to be made) so I change it on the KLSHARE\Packages\executable_packake(xxx)\exec\*.bat File, but when I start that task after that change on some computers, it still executes the original one (which was uploaded during installation package creation). It does not matter if I use new computers (where that task has not been started before) or if I restart the KSC service or even if I restart the KSC server itself. My work around right now is to delete all the tasks, delete the installation package and create it again, but that is inconvenient. Is there a trick to force KSC to use a new script within exec folder on KLSHARE?
  14. It would be nice to be able to upload an object, which got moved to backup to virustotal. It is not that I do not trust Kaspersky but some colleagues sometimes think that it might be a false positive, but when other vendors also think that this is a real malware, than they might agree with that. I can upload that object manually but when I restore that object/file from backup, KES immediately moves it back to the backup (which is normally good, but not in that case). It would be nice to have such an “upload to virustotal” option beside “send to Kaspersky” in KSC (in Advanced -> Repositories -> Backup).
  15. Thank you very much for the KES private fixes (for each version, KES10SP1MR2, KES10SP1MR3, KES10SP2) but a solution within the KES policy (turn it on or off) would be better. Furthermore, whenever an update/mr for KES is available, the old private fix has to be uninstalled (and reboot), KES update installed (and reboot) and the new private fix has to be installed (and reboot). Therefore, two more reboots have to be done. What if you consider to change the style of that window so that it will be a windows balloon or the same window like when KES finds a virus? Could you please consider my suggestions for the next KES version?