Jump to content
Kaspersky Support Forum

KSC Domain account lose device permissions after task run, reboot KSC fix it

MatheusPP
 Share

Recommended Posts

MatheusPP

MatheusPP

Posted
Posted

Hi,

I have recently splitted my KSC in servers/desktops and recreated them on Windows Server 2022, following the online documentation for installation, the only difference been one was configured with a AD group managed service account and the other using the autogenerated local account. After this rebuild I am seeing a wierd behavior on the KSC with the gMSA account.

Every time I, using the my priviledged account that installed the application, run a task like installing KES remotely, I lose all my permissions to see devices after some progress on the task. I can disconnect and connect normally, but on the monitoring dashboard it reports 0 devices managed (normally would display near 200), if I browse to the groups I cant see any devices.

If I reboot the KSC server and reconnect the console, everything is back to normal. At first it seems to be random, but I manage to correlate it to happen after I start some tasks.

I was unable to reproduce this problem on the other KSC that is running with the local account.

I tried to look into the documentation for a way to change the service account, but it seems it is not possible to migrate out of a gMSA for a local account, only the other way around.

Any idea in how to fix this?

Link to comment
Share on other sites
MatheusPP

MatheusPP

Posted
  • Author
Posted

The account used for the installation of KSC do not have automatic password rotation and has not changed its password since installation.

The account that runs the services is a group Managed Service Account that also connects to the database (SQL Server) using Windows Authentication, configured following guidance from:

 Step 9. Selecting the account to start Administration Server (kaspersky.com)

Link to comment
Share on other sites
Renan Corassa

Renan Corassa

Posted
Posted (edited)

Have you ever experienced a disconnection from the MMC console while using the interface?

Check the KSC Server event viewer to try to locate any warning and/or failure events.

I believe there may be some failure between KSC and the Database.

 

Edited by Renan Corassa
Link to comment
Share on other sites
MatheusPP

MatheusPP

Posted
  • Author
Posted

I only saw disconnects during reboots, it stays connected, I can browse the menus, see policies and KSC server properties, can see the tasks, packages, but all the devices go missing.

I should point out, I have other collegues using the same KSC and they are unable to reproduce my problem. I believe this to be an issue with my account been the one used to install the KSC.

Link to comment
Share on other sites
JL - KL DACH

JL - KL DACH

Posted
Posted

Hello,

please can you try using KLSRVSWCH Utility on the Adminsitrationserver directly to change the Service Account?
It is located in the Installation folder of Adminserver and have to be started "as Adminsitrator". Then try changing the account to another one which should be a Domain Administrator. More Info here:
https://support.kaspersky.com/help/KSC/14/en-US/13053.htm

Thank you in advance

Best Regards

 

Link to comment
Share on other sites
JL - KL DACH

JL - KL DACH

Posted
Posted

Hello,

local System account is greyed as described in the above link. 


"Windows Vista and later Windows versions do not allow the use of a LocalSystem account for the Administration Server. In these Windows versions, the LocalSystem account option is inactive."

Please refer to section:

To change an Administration Server service account to a user account or a managed service account:

 

Best Regards

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...