donkeykongjr

@rshumsky Could you help with this one?

Is there anyway that we can include a variable for the "KLHST_WKS_HOSTNAME" to the alerts generated by the KSC? If that were possible we could get straight to the endpoint in question without having to drill-down by making quite so many calls and server-side array queries. It would also avoid any ambiguity where endpoint hostnames can occur more than once across different sites/groups.

Is there anyway that we can include a variable for the "KLHST_WKS_HOSTNAME" to the alerts from the KSC? If that were possible we could get straight to the endpoint in question without having to drill-down by making quite so many calls and server-side array queries. It would also avoid any ambiguity where endpoint hostnames can occur more than once across different sites/groups.

Is there no way to close an already open session when you are done with it? I am used to opening a session, passing some commands then closing or deleting that session. if not we could try using the token authentication method, but the documentation for the APi is not the best and the layout can be a little confusing at times.

Thanks for the reply rshumsky . Unfortunately we are having problems establishing a session again to the API using the basic authentication method. This works fine for roughly 24 hours then following that whenever we try to start a session again we receive a 403 forbidden response with a message "authentication header unexpected". If we try a new account this will work again, but by tomorrow we will receive the same message.

rshumsky Could you help with this?

Can anyone shed some light on the proper syntax/format to use in a cURL command that will return results to the strAccessor wstring? We are trying to query the FindGroups and FindHosts methods of the HostGroup class so that we can return hostnames to work with (KLHST_WKS_HOSTNAME) but not having any luck. As an example, the data field we are passing to FindGroups is currently -d '{wstrFilter: "", vecFieldsToReturn: ["id", "name"], lMaxLifeTime: 60}'

rshumsky Thanks for your assistance with this one. It appears that our documentation was incorrect and the web console was installed using a different port! Have changed the port and now can authenticate.

Thanks rshumsky , We have already tried it without the internal field but with no internal field specified we receive a message stating that the authentication header is invalid. If we keep the internal field and set it to 0, we receive the same message.

We are having the same problem using cURL on windows for testing and cannot login. We have tried many variants and also receive an authentication failure message. The current command we are using is curl -X POST https://hostname:13299/api/v1.0/login -H "Authorization: KSCBasic user="username", pass="password", internal="1"" -H "Content-Type: application/json" -H "Content-Length: 2" -d "{}" -k -v The user account is a full local admin on the server and can login to the MMC console. Username and password have been Base64 encoded. We have also tried using Postman and receive the same error message.

Hi guys, Thanks for replying. I have managed to work around this now and for the affected machines have run a shell script to uninstall the agent through our RMM system followed by another to install it and all seems to be fine now. For some reason installing from the dmg seemed to cause an issue on some machines, For these ones, extracting the contents of the dmg and installing using the shell script with a few changes seems to be fine.

Hey Intrusus, Were you able to get anywhere with this? We have exactly the same problem with the Network Agent on all of our Mac installations. We have not yet deployed KES, just the agent itself. These appear to install without issue but never check in to the KSC. Running klnagchk on the machines gives us exactly the same error as above - 1128 the product was not installed correctly.