How can we improve the SMA (K1000)?

Inventory Only Agent

Provide an agent that will return hardware, software, custom, and patch inventories but will not allow for patching, scripting or managed install distributions.

183 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
You have left! (?) (thinking…)
Dean Wade shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
under review  ·  Dean Wade responded  · 

The K1000 agentless inventory now supports most server class devices, including Windows, Linux, Debian, SUSE, RHEL, Ubuntu, Fedora, and FreeBSD. It would good to know if you think that a read-only agent is still necessary given the broader support agentless has.

25 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • Mike Thaxter commented  ·   ·  Flag as inappropriate

    We had a similar issue here. We just broke up our KACE SMA into different sub-Orgs;
    a Server Org / Full Managed Workstation Org / Inventory Org.
    Based on OU in the filter in the "Default" Org, you can assign or move "assets" from one org to another.
    The Fully Managed Org can perform all the required updatings and everything, while the Inventory Org can just handle the "non"-manged machines, or authorize them out to other techs to support them how they feel.
    But in the end you can have a complete list of all "Domain" machines for your overall Asset Inventory.

  • Craig Andersen commented  ·   ·  Flag as inappropriate

    Our use case would be the ability to use one agent that can be applied at the top of our AD structure. Agentless is a hassle with 1000's of different subnets. We can not have the full agent installed in case patching management or a script would be ran on certain critical devices.My idea would be a base inventory agent with the ability to provision additional services like metering,patching,software distribution,scripting. This would also allow us to use custom inventory rules that agentless doesn't provide.

  • Flappers commented  ·   ·  Flag as inappropriate

    Bumping this, as agentless devices can't provide the same information that you get from a standard inventory (software installed/ license etc,).

    Having a read only agent would solve many issues that we are facing.

  • Jason S. commented  ·   ·  Flag as inappropriate

    Yes, we still want a read-only agent as the agent itself is why we bought Kace. Remote scanning is not reliable enough for mobile systems. Also, there are systems were we want inventory information, but do not want any software pushed to it. This is nearly impossible when certain labels include "All Windows 7 computers", etc.

  • Jason E. commented  ·   ·  Flag as inappropriate

    In our use case, the need for an inventory-only agent would be somewhat supplanted by the uservoice-requested "exclude labels." That being said, I'd still like to see an inventory-only agent.

  • Josef commented  ·   ·  Flag as inappropriate

    I agree with the comments bellow; in current world all incoming ports to client must be closed no exception; therefore client less inventory is useless and dangerous concept.

    On open internet I still would like collect info about the machines; how could i determine the IPs for client less ??!

    The Inventory only option sounds very good.

  • erush commented  ·   ·  Flag as inappropriate

    For security reasons (and scope of work) we don't open up ports on clients that would allow for provisioning, the same would be for Agentless. An Inventory Only Agent would forgo the need to open ports on the client.

  • BlaiseG commented  ·   ·  Flag as inappropriate

    Agentless would work for servers in our environment, as a first step. My use case is to have an agent stub that is ONLY used for replication. We house our replication shares for our remote sites on servers at this sites. And, unfortunately, these servers appear in the organization used by our end user support teams. This is FAR FROM IDEAL in our environment as responsibilities are segregated by function. We want to ensure support/administration is performed by the appropriate team (no accidental reboots or software deployments to servers). For this to work, a stub/lite agent (replication only agent) would have a configuration pointing to 1 org and the agentless inventory would be part of a different org. Essentially, this replication only agent would not appear in the device list or wouldn't be available for targeting via scripts, MIs, etc.

  • MichAda commented  ·   ·  Flag as inappropriate

    We could really benefit from this on servers. No way agent will ever live on server due to potential misconfig. incorrect label, ect. Risk is way too high.

    But to capture the other data would be super!

  • Ben commented  ·   ·  Flag as inappropriate

    this feature is great for our system developing team which has test environment that should not be changed by patching. Previously i used LANDesk Ver.8.8, and it had this feature!
    Recently i moved to KACE, and i disappointed there is no feature like this.

  • Jon commented  ·   ·  Flag as inappropriate

    this would be perfect for our vendor owned machines and production servers, we could monitor what is installed and the status of the box, but not have to worry about deploying to something that has found its way into the wrong smartlabel

  • HG commented  ·   ·  Flag as inappropriate

    Agree with a lot of the posters here - we're still new to kace, and trusting that an agent cannot change any settings on a production server while still reporting "read only" would be reassuring

  • James Robinson commented  ·   ·  Flag as inappropriate

    Being able to download only what each machine needs would be a great benefit and save on Gb's of patches not required.

  • Ingo commented  ·   ·  Flag as inappropriate

    This is one feature LANDesk Patch Manager has that I'm jealous of. They call it "Pre-stage" - it makes the deployment process so much quicker, but gives us the opportunity to test it first.

← Previous 1

Feedback and Knowledge Base