SMA (K1000)

Please tell us how you’d like to see the Systems Management Appliance product improved!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. User settable 2FA Settings, Fine-grained 2FA Settings

    The current 2FA implementation is extremely lacking. I only seem to be able to find the prompt to scan a 2FA code after first toggling it on, and then from the administrator panel when lookup up users. Virtually every other 2FA I've configured gives an option in user settings to manage their 2FA codes. Without letting users do that you are asking for lockout issues if a user has to get a new phone, this should not be hidden in the User administration area, unless admins want to hide that from users.

    Furthermore, we should have more fine-grained settings to…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. The System Performance page (MUNIN) is visible to the public!

    The System Performance page or MUNIN must be secured and locked down to allow viewing only by system administrators. We cannot have this System Performance graph (https://<K1000_HOSTNAME>/munin/) visible to the public!

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Specific Script Permissions and Availability based on Role or Label Membership

    We have a situation where we would like to have a user be able to run a task that requires elevated permissions. We would be able to do this through KACE, because we can give the user a login, and access to the scripts. The only issue is we don't want the user to have access to all of the scripts. If there could be a way to configure within the Role or by Membership to a label, we could control what scripts a particular user might have the ability to run.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Service Desk - Security for Choose Action Options

    Allow the ability through roles to lock down the Choose Action options for users. This will keep users from making mass changes to tickets (priority, status, etc.) which can have adverse effects on other users, report statistics, etc.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to change the webui port

    With agent communication going over 443 and the webui port being 443 as well the device cannot securely sit behind a radius firewall that requires dual factor authentication.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow scheduling icon to appear even if LDAP login/password are not provided

    The KBOX seems to require the specification of an LDAP login name and password in order for the scheduling icon to show up. Since our LDAP server does not require a LDAP login/password (all of the relevant user data is visible via anonymous bind), we left those fields blank. When I created a dummy LDAP account just for the purpose of binding, and specified this account for the LDAP login/password, the scheduling icon showed up again.

    Ideally it would be good if this limitation could be removed (so that an LDAP login/password is not required to get the scheduling icon…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add option for "Max Concurrent Devices to Receive Patches"

    Currently we are using the K1000 to do all of our Windows patching. We have ran into the problem where we have some users who are on our VPN and never receive patches. Our bandwidth for our VPN is rather limited, so adding something in to say "only 2 people can receive patches at a time" for a specific schedule would be fantastic as it would reduce bandwidth consumption and allow us to patch our remote users consistently.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Auto-retry failed patch detect and deploys

    Occasionally patch detection or deployment fails usually due to machines going offline. The failure is reported back in the stats but nothing is done about it and this can result in a machine remaining insecure for an extended period.

    I suggest detects and deploys auto-retry in a similar manner to Managed Installs do, say by default three times, next time the machine is online. This should ensure a higher success rate overall and I imagine would be easy to implement.

    Now that users have more control over reboots the resulting delay in the patch deployment (pushing it outside of the…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Firewall for all traffic, not just httpd

    Even with ssh disabled from the web gui, I get a lot of messages re: sshd login attempts. I'd rather have all traffic outside my subnets dropped except for connection to Kace update servers.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add Dell Update support for Dell Embedded Box PC

    Please add dell update support for Dell Embedded PCs (5000 and 7000).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Ability to change konfig & netdiag passwords

    Please allow the ability to change all default system passwords.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Retrieve Windows defender signature version from server/workstations

    add the ability to retrieve windows defender signature version. The inventory already gathers the version information but not the signature version.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
2 Next →
  • Don't see your idea?

Feedback and Knowledge Base