MilanBortel

Hello @rafa_64, there is a built-in task called “Uninstall application remotely”: New task wizard → KSC → Advanced​​​​​Inside this task, you can then choose, what app you want to uninstall. If it’s another AV, I’d try to go for incompatible application: Let me know, if it works for you ;) Cheers, Milan

I see.. Do you have all the NAgent repositories settings enforced? This is unlocked: This is enforced:

Hello @0xDEADC0DE, how about running Inventory task on the host? It might refresh info about installed apps and also OS .. #justguessing Cheers, Milan

Hi @MARYA, why don’t you poll your Active Directory? That would make it all much easier ;) KSC → Device discovery → Active Directory Let us know of result :) Cheers, Milan

Let me close this topic - see attached instructions which helped to solve the situation. Now, we are TLS 1.2 strict. Cheers, Milan

Hello Bob, I think you can solve this with combo - Device Control + Disk Encryption: disable all Removable Drives.. allow trusted device by ID (that would make it read/write of course).. but then - apply Encryption for entire removable drive: When a user connects untrusted USB it would be blocked.. when user connects trusted device it will be by default READ only and in case user wants to write on the disk - it encrypts the entire drive - thus makes it impossible to read on other device 😎 Cheers, Milan

Hello @Fredrik Buchanan, I haven’t used GPO, but I’d recommend trying to do via remote installation task, plus you can set it up, so the Agent would reinstall even if there is already one installed: Let me know, if it makes sense to you ;) Cheers, Milan

with “MSSQL communication can also be encrypted with SSL/TLS” you mean exactly what? I found this article and the way I see it - SQL 2016 supports TLS v1.2, you don’t need to explicitly set this up SQL is running, no problems at all..

I guess the executable looks for file src.sql within c:\windows\system32 where I believe you don’t have such file .. Try to change the working directory to where the src.sql file is located 🤓

and after few seconds the event log displays:

I’m getting back here just to say that updating client to KES 11.2.0.2254 solved this problem..

Well, this event appears in the event log: KSC can’t connect to DB

I waited… and waited … and waited … trust me, that didn’t help 😥

Hello guys, I want to use TLS v1.2 only on server with KSC. changed settings according to https://help.kaspersky.com/KSC/11/en-US/174316.htm restarted KSC service, everything is working fine when I set up the windows server to use only TLS v1.2 https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings then MMC console won’t connect to KSC server, restarting KSC service doesn’t help, restarting windows server doesn’t help: KSC fails to connect only allowing TLS v1.0 from step 3 helps to recover the KSC KSC is running on Windows Server 2016 Standard SQL is running on Windows Server 2012 R2 SQL 2016 Thanks for your ideas, Milan

Hello, I’d recommend to reinstall NAgent via KSC remote installation task. Be careful to disable: reinstalling Network AgentWith this task, you kind of force reinstall the agent .. I’d give it a try 🤓 Cheers, Milan

Hello @JojoArchbold, did you try to restart KSC service? Might help.. I also sometimes “refresh” the devices container (just right-click and Refresh) 🤠 Cheers, Milan

Hello @guitardood, I might have found your problem - KES 11.3.0.773 is only compatible with KSC 12! You can find details in this article. My recommendations - upgrade KSC to version 12 (I have an easy to follow guide on my YT channel here), then your KES hosts will be fully compatible 😎 Cheers, Milan

Hi Tommy, is KSC installed on the same machine as the SQL server? M.

Hi @Nikolay arinchev, you can find GSI log here. Will send the password through private message. Thanks! Milan

Hey everyone, I got this error from one of my machines many times last night.. Never seen before.. KES 11.1.0.15919 Windows 10 1803 Thanks for your ideas 🤔

At least events “application uninstalled/application installed” for, e.g. Chrome update are being published. > Is it true, that there is no access for that machines using KSC diagnostic utilities? Ehm… how can I do it remotely? Right-click on the device in KSC and go Custom tools→ Remote diagnostics Remote diagnostics in KSC

Hi @aehrlich, I’ve been facing the same error on one particular machine - and it was after recent Windows Updates (Feature Update → 1903 → 1909) 😡 I’m afraid that the only thing that helped was a complete reinstall KES + NAgent (using stand-alone installation package). That machine was also connected via VPN to my KSC … after reinstalling, Network Agent finally recognized that there IS a KES installed..from that moment, it’s working now correctly .. Cheers, Milan

I’d also add to create and schedule regularly “Backup of Administration Server data” task - remember, when installing KSC it automatically generates unique certificate, which is then used for key features (SSL communication with clients, Data Encryption). Without having a backup, you lose the original certificate and you would need to reinstall KSC with all clients! 😈

Hello guys, I’m having an issue with logging in the Web console (11.1.144). No matter if I try to log in on the same machine as KSC is installed or from any other, the page displays an error: Information on your page is out of date. Please, refresh page and login again. Have anyone seen the same issue? Milan PS: yes, we tried reinstalling the web console already 😜

Hi Mario, you mean to prevent user from logging into Windows? This can be done on the Active Directory side … see https://community.spiceworks.com/topic/2054421-lockout-ad-user-without-disabling Or did you want to achieve something else? Cheers, Milan