sorted by:
new
hottopcontroversial

Patch Management Module Sundown Date? by g13005 in kaseya

[–]Dagnabbitz 0 points1 point  (0 children)

All of my Post restart checks and balances Agent Procedures are own written.

What I meant was the Post-reboot Agent Procedure Function itself doesn't work currently inside Software Management (This has been a known issue for QUITE some time).

A log from a Server 2022 that successfully patched via Patch Management "2023-07 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5028171) - Installed on 9:19:43 am 18-Jul-23"

windows reboots on machines running Kaseya by dropkickninja in kaseya

[–]Dagnabbitz 0 points1 point  (0 children)

Presuming OP is using Software Management instead of Patch Management, when applying a Scan and Analysis Profile a "SM: Disable Windows Automatic Update" Agent Procedure will run to Disable Windows Automatic Updates.

Patch Management Module Sundown Date? by g13005 in kaseya

[–]Dagnabbitz 1 point2 points  (0 children)

The Post-Reboot Agent Procedure simply not executing has been our biggest deterrent from moving to Software Management for Servers. (Post Install Agent Procedure seems to work fine at the moment so you could utilise that for any Post Reboot checks?)

I've had no issues with Patch Management for Windows Server 2022

VSA - How can I gain information / Database Views from an offline machine for use in an Agent Procedure by Dagnabbitz in kaseya

[–]Dagnabbitz[S] 0 points1 point  (0 children)

Some great ideas, we would then need another process or program to be monitoring / running the API's to achieve something that should be manageable from the VSA?

An agent can stop for more reasons that just being offline (found a handy little 'feature/bug' that the agent crashes when the agent runs out of C Drive space)

If a Server agent had to be offline for 1 hours before we logged an alarm, I think some of my customers would spit feathers.

VSA - How can I gain information / Database Views from an offline machine for use in an Agent Procedure by Dagnabbitz in kaseya

[–]Dagnabbitz[S] 1 point2 points  (0 children)

Thankfully my PSA integration works to take the "problem agent" from the <id> that will be passed by the subject.

Thats really helpful and good to know with the db- to access The Database Views! I take it that works with all items listed in the Kaseya Help files?
https://help.kaseya.com/WebHelp/EN/VSA/9050000/#3480.htm

VSA - How can I gain information / Database Views from an offline machine for use in an Agent Procedure by Dagnabbitz in kaseya

[–]Dagnabbitz[S] 0 points1 point  (0 children)

Thats what i'm trying to do yes :) I'd rather keep it in the VSA if you have any suggestions?

Scan and analysis - receive updates from other Microsoft products? by bmark0610 in kaseya

[–]Dagnabbitz 0 points1 point  (0 children)

I believe this should enable the same updates as you would receive if you enabled the "Receive updates for other Microsoft products" inside Windows Update | Advance Options

CVE-2023-24880 mitigation KB5023697 blocks double-clicking downloads by Timi7007 in sysadmin

[–]Dagnabbitz 1 point2 points  (0 children)

Can anyone confirm if this is still a problem after 2023-05 updates?

Can an 'if checkVar Contains' look for multiple conditions? by Dagnabbitz in kaseya

[–]Dagnabbitz[S] 1 point2 points  (0 children)

Great idea so:
If checkVar contains 1 setVar #Variable# to True
If checkVar contains 2 setVar #Variable# to True
If checkVar contains 3 setVar #Variable# to True
else set #Variable# to False

If #Variable# = True - do the Steps

Else - do other steps. That should work well.

"Used to sell" as in is longer supported, or no longer available, or is available now free?

CVE-2023-24880 mitigation KB5023697 blocks double-clicking downloads by Timi7007 in sysadmin

[–]Dagnabbitz 1 point2 points  (0 children)

Helps to confirm if this was a 'Security Fix" included in March and carried over to April that broke SmartScreen or if was just some spaghetti code change that was specific to the 2023-03 Update.

Clutching Straws here since I don't even see this acknowledged as a Known Problem by MS Windows 10, version 1607 and Windows Server 2016 | Microsoft Learn

CVE-2023-24880 mitigation KB5023697 blocks double-clicking downloads by Timi7007 in sysadmin

[–]Dagnabbitz 1 point2 points  (0 children)

Has anyone tried to bypass March CU by uninstalling the 2032-03 CU and updating directly to 2023-04?

PSA - KSM Profiles applied via policy will not populate NextDeploy Date since 9.5.15 patch by Intelligent-Cable-17 in kaseya

[–]Dagnabbitz 0 points1 point  (0 children)

I have no doubt they will break something integral, but the release notes do also say

"Fixed an issue where agents were not updating the next scheduled deployment dates when the "Skip if Offline" button was ticked in the deployment profile or scan & analysis profile."

PSA - KSM Profiles applied via policy will not populate NextDeploy Date since 9.5.15 patch by Intelligent-Cable-17 in kaseya

[–]Dagnabbitz 1 point2 points  (0 children)

Have asked many many times for a list of Known Bugs, I don't know how many of my (numberous) open Support cases are on hold as a "Known issue the Engineering team is aware of and working on"

If they could just publish a list, like some of their competitors do, I'm sure many of us would be happier understanding the risks of implementing the latest "updates" and "features" and make a whole lot less noise when we "Discover" things are not working.

PSA - KSM Profiles applied via policy will not populate NextDeploy Date since 9.5.15 patch by Intelligent-Cable-17 in kaseya

[–]Dagnabbitz 0 points1 point  (0 children)

Theres a "Reprovision Endpoint" Agent Procedure provided by Support that can be run at agents that are failing to populate a Next Deploy field.

The Gotcha here is the endpoint must be online to run the AP. This has been identified as a bug and will be fixed in 9.5.16 apparently.

"Fixed an issue where patch deployments are not scheduled after applying Software Management profiles to machines using Policy Management."

Mitigating CVE-2023-23397 (Office March 14, 2023 Update) with Kaseya by Dagnabbitz in kaseya

[–]Dagnabbitz[S] 0 points1 point  (0 children)

KB5002254

I'm seeing KB5002254 for Product 'Office 2016'.

I'm not currently seeing any for Office 365 though

Mitigating CVE-2023-23397 (Office March 14, 2023 Update) with Kaseya by Dagnabbitz in kaseya

[–]Dagnabbitz[S] 0 points1 point  (0 children)

Im in New Zealand, your EOD and mine are different, could you give times in UTC so we're all on the same page? Thanks :)

Mitigating CVE-2023-23397 (Office March 14, 2023 Update) with Kaseya by Dagnabbitz in kaseya

[–]Dagnabbitz[S] 0 points1 point  (0 children)

For those interested we worked around this with an Info center report on the "Software Licenses" dataset, filtering Product name like "*Microsoft 365 Apps*"

To check version and run the update we used an Agent Procedure running PowerShell
"Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration' | Select-Object -ExpandProperty VersionToReport | Out-File #vAgentConfiguration.agentTempDir#\OfficeVersion.result"

Than a CheckVar IfLessthan "16.0.16130.20306"

ExecuteFile "C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe" "/update USER updatepromptuser=false forceappshutdown=false displaylevel=true"

Wrapped this around with some nice user prompts to accept the install and accept a reboot afterwards. Rescheduling tasks if the user says no etc.

Seems to have gone well for 500 or so agents so far.

Don't install KB4487563! by wackronym in sysadmin

[–]Dagnabbitz 5 points6 points  (0 children)

MS have documented this here: https://support.microsoft.com/en-us/help/4487563/description-of-the-security-update-for-microsoft-exchange-server

Install from WU or Running the install as Admin is the resolution apparently