SMA (K1000)

Please tell us how you’d like to see the Systems Management Appliance product improved!

How can we improve the SMA (K1000)?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Report to access/track admin login and duration

    It is good to have a report which can give us admin/technicians access log because people responsible for the different orgs. ask and complain about things and we wanted to see if they are actually accessing the server to perform jobs or getting benefited by the Kace 1000 and 2000. I was not able to access this report and kbox technical support said this type of report is not available. I was LANdesk admin and I have used this feature/report to prove that our people are not using the system (LANdesk).

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add additional logging for the appliance

    There should be additional logging on the K1000 appliance to audit when kace admins make huge changes to the environment. Ex: Upgrading the Kace appliance to a major version.
    We have about 7 or 8 employees that have admin access in our k1000 appliance and an upgrade was performed and ended up breaking our environment. We tried to figure out who initiated the upgrade by exporting all the logs and were only able to find other information like who uploaded items into the scripting section, who ran a script, etc. But no information on who started an appliance upgrade. This…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Kace needs to support Secure LDAP for Users running AD and internal CAs.

    Kace needs to provide better support for secure LDAP connections. The most common Active Directory environment running Secure LDAP is running an internal CA.The K1000 does not support using an internally signed certificate. That means that if we want to use LDAP for authentication we have to use unencrypted LDAP. Unencrypted passwords should be a serious concern to Dell.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Dell Updates schedules

    Can you change the standard behavior in schedules whereas, 1) no Device Label is specified and 2) the "All Devices" checkbox is left unchecked, that the schedule will actually deploy to no devices? This is the logical, more intuitive, behavior.
    My thought process usually goes: 0+0=0

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. reverse proxy

    Supporting a reverse proxy setup or providing guidance on how to set up a reverse proxy for the K1000 would be very beneficial for added security. The setup would be something like this:

    K1000 appliance on the internal network behind a firewall
    A reverse proxy on the DMZ (e.g. IIS 8 with ARR)

    Currently trying to set this up is a huge headache and I'm running into all sorts of issues and problems. It would be better from a security standpoint if the K1000 sat behind a reverse proxy.

    A specific use case would be when an organization has an…

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow administrator to choose where Windows updates are stored on client

    These days anti-virus are blocking common locations such as Windows/Temp due to ransomware risks etc. It would be nice if I can tell Kace appliance to download the patches to Kace folder or a user specified folder which we may be able to exclude from AV. Folders like Temp and Downloads are high risk locations these days.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. K1000 license expiration notify on home page

    K1000 license expiration notify on home page 5 warning notificatif before expiration of license.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Set seperate timeout sessions for both the userui and the adminui

    As it stands, there is only one setting for timeout. Given that as support technicians, we have our console open all day, it would be nice to be able to have our queues open without being timed out. As for the users, it seems better to make sure that they do not leave theirs open for an extended period of time.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. User Delegation by Asset

    Allow the ability to Control which Assets Users or Roles have the ability to see / manipulate with the K1000.

    For Example, we have 2 Departments :
    1.) PC Technicians

    We want the ability to give PC Technicians Full Administrative visibility / control ( with ALL Features of the K1000 ) to ONLY Certain Configurable Asset groups ( A Manually Created Group that Contains ALL WORKSTATIONS ).

    2.) Network Admins

    Then allow the Network Admins group full Administrative visibility / control ( with ALL Features of the K1000 ) to ONLY Certain Configurable Asset groups ( A Manually Created Group…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Remove the restriction for RFC1918

    In the most recent patch for K1000 (6.4.120756), Dell added a restriction that prevents the use of certain IPs. This change was not disclosed in the release notes and almost had a significant impact on our network. We now have to run a limited DHCP scope (where we would prefer not to) to accomodate the KBOX and our IP scheme. Please, Dell, leave the networking to us!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add XPS 13 9530 / XPS 15 9550 to Dell Update Catalog

    Add XPS 13 9530 / XPS 15 9550 to Dell Update Catalog

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Dynamic LDAP lookups to assign users to roles

    Currently, when a user is created (either on import, or when they log in), the role they have at that time is assigned to their account, even if the underlying database (e.g. Active Directory) changes. For example, say you've set up the K1000 so that all members of a particular AD security group are admins of the K1000, and all members of another AD security group are K1000 users. If you change a user's AD security group so that they're not in the admin group any longer, that change won't ever take effect on the K1000 and thus the user…

    89 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Granting Permissions

    Current permissions on the adminui side are too simplistic, they give too much control. I have helpdesk staff that need the ability to launch Scripts, manage Computer Inventory, and add/edit things in Assets. We are a smaller IT shop, which is the reason our staff has more than tickets to do.

    I'll use the Assets tab as an example. I need the ability to give some users the ability to Create and Edit in some Assets, but not have the ability to Delete. Some other Assets I don't want them to have anything other than Read. Some other users I…

    103 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add Support for SCAP and OVAL on linux Systems.

    Support existing requests for SCAP and OVAL on linux.
    ESMEA-319: SCAP Support for Linux and
    ESMEA-406: Oval Support for Linux OSes

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Limit MySQL access to specific IP addresses

    Our Security team has run vulnerability scans against the Kace K1000 and it currentloy shows 130+ vulnerabilities 95% of which are related to MySQL.

    What is most desired to mitigate the vulnerabilities is a limitation of MySQL access by source IP address, this would mitigate the exposure of the system. We know that MySQL already has a table to do limit access itself, however the KACE GUI doesn't make access to those MySQL built-in components.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Dell Updates progress message

    Add the ability to show a progress message on Dell Updates, similar to that already available in the patching section to let users (or other IT staff) know when Dell updates are being installed. Currently after the initial message, the only way to tell is to look at the web console for each device.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Optional credentials

    It would be nice to have the option for credentials. Currently, if a function has a credentials field, its required. Sometimes some things hit a RO anonymous share and throwing credentials at it causes it to fail.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. User Portal - Allow customers to run security patch schedule on their own mobile laptop on-demand, to suite their own schedule

    User Portal - Allow customers to run security patch schedule on their own mobile laptop on-demand, to suite their own schedule.

    Customers' work schedules vary greatly. Some run processes that can be interfered with by security patching jobs. They need to schedule their own time to install patches when no purported conflicts with running software could negatively impact their work.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Do not Auto-Fill Login Username

    As part of the medical industry, we have adhere to HIPAA security standards. Because of this we would like the Username to work like a banking site and not allow the username to be saved and Auto-Filled.
    Here is a code example.
    https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion

    Thanks

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Patching alert improvements

    Past experience shows that whenever a set of patches is applied, even if “No Reboot” is chosen that a large percentage of the time the workstation is booted anyway. We don’t use this option anymore. We have one schedule set to detect … and another schedule set to deploy. The deploy job has an alert and is set to force a reboot. This allows our users have a chance to consent to a reboot during the day (laptops).

    I just spoke with a support person and they confirmed that a deploy job has a max timeout of 1 hour, no…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base