• • Issue
  • Resolutions
    • The identity of the application pool does not have the Replace a process level tokenuser right.
    • Incorrect alternate Core Server name specified in Scan and Repair settings
    • Core Server Reboot
    • IIS Configuration and/or Permissions Issue
    • Modifying the Identity used by the WSVulnerability Application Pool
      • ASP.NET and CBA_anonymous accounts
    • Database credentials are incorrect
    • GPO Policies on Core Server
    • IP Address or Domain Name Restrictions in IIS
    • Ensure that the proper Web Service Extensions are enabled
    • Patchbiz.dll versions not in sync with other patch manager related files

Issue

The error "Server Busy... retrying" or "Server Busy... Failed." appears when running a vulnerability scan.

The Vulscan.log (Located in C:\Documents and Settings\All Users\Application Data\Vulscan) may contain lines similar to the following:

Thu, 03 Dec 2009 16:45:57 Action SOAPAction: "http://tempuri.org/ResolveDeviceID" failed, socket error: 0, SOAPCLIENT_ERROR: 5.  Status code: 503, fault string:  616   Retrying in 9 seconds...

Resolutions

There can be various causes for this issue.  It mainly centers around connectivity from the core to the client to the proper web services and web pages.

The identity of the application pool does not have the Replace a process level tokenuser right.

This cause usually results in an HTTP 403.19 error. If you are seeing this error in the IIS logs please review this Microsoft KB Article.

http://support.microsoft.com/kb/942048

Incorrect alternate Core Server name specified in Scan and Repair settings

Verify what Scan and Repair Settings the client is using.

Open that Scan and Repair setting and check the server name under "Communicate with alternate core server" on the Network Settings tab.

Core Server Reboot

Often rebooting the core server will clear up an issue like this.  This should be attempted before changes are made.

IIS Configuration and/or Permissions Issue

At this stage in the Vulnerability Scan process, the Vulnerability Scanner attemps to contact the core at http://<coreservername>/WSVulnerabilityCore/VulCore.asmx.

A basic connectivity test can be done:

1. In Internet Explorer go to Tools --> Internet Options --> Advanced and uncheck the box next to "Show friendly HTTP error messages." 

2. Browse from Internet Explorer on the client to http://<coreservername>/WSVulnerabilityCore/VulCore.asmx.

Take note of any error that appears.  If the page returns normally, it should look something like this:

If this fails, directory and virtual directory missions should be verified within IIS (Internet Services Manager) on the core server.

For information on the proper permissions that should be applied to directories, see this article.

Additionally, the .NET Framwork may need to be re-registered and IIS reset as pictured below (Note: The directory for the .NET Framework version may vary)

The web services log file on the core server can be useful for troubleshooting:

Run a vulnerability scan and then check the following log on your core server:

c:\windows\system32\logfiles\w3svc1\(latest log file)

Within this log file there will be lines similar to the following:

2009-12-03 23:48:59 W3SVC1 192.168.0.69 POST /WSVulnerabilityCore/VulCore.asmx - 80 - 192.168.0.45 Microsoft-ATL-Native/8.00 200 0 0

If the HTTP result code (A red "200" in the example above) is in the 400's or the 500's, this can indicate a server-side error.

An internet search of "HTTP ERROR CODES" can aid in diagnosis.

It is also important that the Core Server was not renamed after IIS installation.  Verify that the IUSR_<coreservername> and IUSR_<coreservername> accounts truly match the current name of the core server.  (Check account names in IIS Manager or Computer Management vs. what is returned by running "hostname" in a command prompt" window.

Modifying the Identity used by the WSVulnerability Application Pool

At times there have been Group Policy changes that have restricted the rights to the "Network Service" that the Application Pool normally uses.  Changing this Identity to use "Local System" has at times resolved this issue.

1 - In the IIS manager, if you have not already create a new application pool then add the wsvulnerability web service to it. If you already have the pool then skip this step 1.
2 - On the application pool for WSVulnerability right-click and select properties.
3 - On the properties window select the Identity tab.
4 - Change the Predefined to "Local System"
5 - Open a Command Prompt and run "IISRESET"

Additional information regarding the Optimization of IIS can be found here.

Description

When running a Security Scan on the clients, vulscan returns the above error and the window closes. This happens on every device. The vulscan.log file reads: "Action SOAPAction: "http://tempuri.org/GetHashForFile" failed, socket error: 0, SOAPCLIENT_ERROR: 7. Status code: 500, fault string:"

ASP.NET and CBA_anonymous accounts

On the core server, make sure that the local accounts ASP.NET and cba_anonymous are created and enabled.

Database credentials are incorrect

1. Ensure that the Core server is pointed to the right database.
2. Ensure that the proper credentials are configured on the core in Configure Services | General Tab | Database

GPO Policies on Core Server

• Go to Start | Administrative Tools | Local Security Policy.
• Expand Local Policies.
• Highlight User Rights Assignment

Make sure that the Adjust memory quotas for a process value provides permissions for these accounts:

• Local Service
• Network Service
• IWAM_SERVERNAME
• Administrators

Note: These are the default accounts. The Application pool is running as Network Service and requires this ability.
Note: To test if this is the cause, set the identity of the Application Pool to be Local System. If this works, then permissions is definitely the cause.
Note: It may be necessary to put the Core Server in its on OU and have absolutely no GPOs applied to the OU, not even the default policy.

IP Address or Domain Name Restrictions in IIS

1. Using the Internet Service Manager (Microsoft Management Console), open the Internet Information Server (IIS) snap-in and select the Web site reporting the 403.6 error. Right-click the Web site, virtual directory, or file where the error is occurring. Click Properties to display the property sheet for that item.
2. Select the appropriate Directory Security or File Security property page. Under IP Address and Domain Name Restrictions, click Edit.
3. In the IP Address and Domain Name Restrictions dialog box, if the Denied Access option is selected, then add the IP address, network ID, or domain of the computer that requires access to the exceptions list.
4. In the IP Address and Domain Name Restrictions dialog box, if the Granted Access option is selected, then remove the IP address, network ID, or domain of the computer that requires access to the exceptions list.

Ensure that the proper Web Service Extensions are enabled

On the Core Server in IIS ensure that the following Web Service Extensions are enabled:

Patchbiz.dll versions not in sync with other patch manager related files

Install the latest Service Pack for your version of the Product

If you would like to ensure that when you open up console it is instantely visible which system you are currently using then please follow the steps below.

Once setup it will look like this:

1. Shut console and backup your console.exe.config file located from a standard install in C:\Program Files\LANDesk\LANDesk ServiceDesk\

2. Open up console.exe.config file and under <!-- Custom Action Handlers --> add these two lines:

<add key="ProductEntity" value="!!! TEST - OOTB - TEST!!!!"/>

<add key="OverrideMenuBarBackColorName" value="Red" />

You can change the text where it says "!!! TEST - OOTB - TEST!!!!" and the colour where it says "Red"

Once added, your console.exe.config file should look like this:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <appSettings>
  <!--<add key="Culture" value="de"/>-->
  <add key="Culture" value="en" />
  <add key="TPS Host" value="http://localhost/Touchpaper.Framework.Web" />
  <add key="Url" value="http://localhost/Touchpaper.Framework.Web" />
  <!-- Custom Action Handlers -->
  <add key="ProductEntity" value="!Live System!"/>

  <add key="OverrideMenuBarBackColorName" value="Green" />

  <add key="ChangeManagement.Change.AddConfigurationItem" value="Touchpaper.Console.SnapIn.ConfigurationManager.AddConfigurationItemHandler" />
  <add key="ChangeManagement.Change.DetachConfigurationItem" value="Touchpaper.Console.SnapIn.ConfigurationManager.DetachConfigurationItemHandler" />

XTrace for LDMS 9.6 and newer

As of LDMS 9.6 all that is needed to enable XTrace verbose logging on client machines it to modify the following registry keys on the target client machine:

64-bit:

||HKLM|SOFTWARE|Wow6432Node|landesk|managementsuite|LogOptions

32-bit:

||HKLM|SOFTWARE|landesk|managementsuite|LogOptions

To enable the logging options change their value to "1", or back to "0" to disable the verbose logging. The keys you can modify to enable verbose logging are:

• logInfo
• logType
• logVerbose
• logXTrace

Once the logging options are enabled the existing logs for the various components will simply become more verbose instead of a new logs being generated. You will still gather the same logs you would have before.

XTrace for LDMS 9.5 and older

XTrace functionality is in the registry only.

To activate Xtrace manually create any or all of the following registry entries in the following location:

32Bit OS

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Intel\\LANDesk\\XTrace]

64Bit OS

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Intel\\LANDesk\\XTrace]

Note: The registry entries should be a DWORD value with a "Value data" of 1

An executable that can automatically set these registry key values is attached here:

  LDDebugLogEnabler.zip

Note: The executable is not supported by LANDESK but is written independently by Jared Barneck.

The name of the XTrace log is the value name with a .XLG extension. This log file will show up in the same directory as the application that is being traced.

Note: To enable Xtrace for LANDESK Provisioning, the following method can be used:

1. Modify the Provisioning template
2. Add a Wait action as the first action in the OS Deployment section.  (5 to 10 minutes should be enough to make the changes to the registry)
3. Remote control the client and make the appropriate registry changes to turn on Xtrace.
4. After the template has finished, collect the XTRACE logs you have turned on.  These will end with a .XLG extension.

Problem

The Core and LDAP test connection from System Settings in AOD are successful but when using the "Mobile Device Management" link from the console, it is unable to log in with LDAP account.

The synchronization of the inventory is not working with the following error in the logs :

"The remote server returned an error: (403) Forbidden"

Solution

Edit the System Settings in AOD and change the user with another LDAP use that has sufficient right to read your AD Domain then click save.

After the save, you should be able to Sync the inventory and use integrated login to aod.wavelink.com from the Console.

Note that you can revert back to the old user afterwards and it should still works

The following article is part of our Business Solutions series.  To view additional documents, go to the Momentum home page or access your Products Purchased through the LANDESK Support Portal.

Why Upgrade

Upgrading your LANDESK Service Desk solution enables you to have access to all of the latest features and enhancements so that you can achieve the maximum value from your continued investment in LANDESK. In addition, you can realize the following benefits:

• Ensure you are on a LANDESK supported version of the product.
• New features provide capabilities for productivity gains and improved user experiences.
• Continued access to supplemental Content Packs available through the Support community.

Furthermore, many of the enhancements issued in new releases are driven by customer requests so you are safe in the knowledge that these enhancements provide you with true value that customers actually need and want.  Click here to access the most recent product version, including release notes and supporting documentation.

Architecture and Design Considerations

The LANDESK consulting team provides installation and upgrade services to our customers.  As part of the engagement process, we provide the attached upgrade questionnaire to gather as much relevant information about the customer environment as possible.  This document is valuable for identifying and documenting your existing Service Desk environment along with any special configurations,integration, and team members involved in the upgrade process.

• Technical specifications and supported platform documents
• See attached Upgrade Questionnaire below
• View recorded Tech Brief discussion about Upgrade Considerations

The Upgrade Process

The upgrade process varies slightly from version to version.  The following videos demonstrate how to upgrade your LANDESK Service Desk environment to version 7.8.

	Part 1 - Introduction and Overview	1:59
	Part 2 - Planning your Upgrade	3:24
	Part 3 - Preparing the Environment	6:13
	Part 4 - Performing the Upgrade	11:35

Tips, Tricks, and Troubleshooting

The following resources are available within the LANDESK Community.  For questions or to access the most recent information, please visit the direct links.

How to Change the Database Location

On occasion it might be necessary to change the location of the Service Desk database - this might be because the server name has changed or the database has been moved to a new instance.  The architecture of Service Desk is such that this alteration need only be configured in the tps.config files for all clients to be updated.  https://community.landesk.com/support/docs/DOC-19084

Database migration to a new SQL Server (ServiceDesk)

Migrating a database is a pretty straight forward process and is well documented on technet and other outlets. Here is a list of instructions you can use to migrate a SQL database from one server/host to another.  https://community.landesk.com/support/docs/DOC-31225

After Upgrading from a pre 7.6 version, the database file has increased in size, why?

Question:  I just upgraded my database to Service Desk 7.6 and it has now increased in size, why is this?

Answer:  The reason why the database is increasing so much in size is because in 7.6 we are no longer supporting none unicode string attributes. This means that when you run the MDM to upgrade to 7.6 it's converting the none unicode string attribute to be unicode string attribute and these are bigger in size. This is how it should be and unfortunately not anything that can be changed.

https://community.landesk.com/support/docs/DOC-28476

Upgrade error message when running MDM against the DB

MDM fails with error: The database structures for '...' are incomplete.  Running the MDM fails against Oracle/SQL database with either of these messages:

The database structures for 'EndUser' with primary key '70648c86-e58c-4693-8752-44876573418f' are incomplete.

There is a missing record in the 'tps_end_user' table. Please restore a valid database backup.

https://community.landesk.com/support/docs/DOC-4807

Considerations before upgrading a Service Desk database through version 7.6 or 7.6.1

post 7.6 and 7.6.1 there are some major changes made to the database as it is upgraded.  Due to these changes some considerations need to be made before upgrading.  https://community.landesk.com/support/docs/DOC-28996

How To Import Licenses to Avalanche 6.1 / Manually Creating .lic file

1. Log into your Avalanche 6.1 Console
2. Select 'Tools' on the left
3. Click on the 'Support and Licensing' option
4. Scroll to the bottom of the page
5. Copy the Node Lock into your clipboard
6. Open a new tab to www.wavelink.com/activation
7. Paste the node lock into the input labelled 'Harware Node Lock'
8. Open your license information and copy the license key into your clipboard
9. Paste the license key into the 'License Key' input
10. Press Activate
11. Press the link that is generated to download the license
12. Go back to the Avalanche console (where you should be on the license page still)
13. Click the plus sign to add a license
14. Select the 'License file' radio option
15. Click 'Import...' and navigate to and select your .lic file
16. Press Save
17. Your license should appear in the 'Installed Licenses' section of the page.

Introduction

Support analysts are faced with large queues of incidents and are measured on how fast they can resolve them. To address security and compliance concerns, remote assistance must be secure, user authorized, and auditable. Support personnel are not always at their desk, so being able to access these tools and information from mobile devices would make the support analyst more effective when away from their desk.

The analyst’s primary tools of the trade are the ones that help him resolve issues remotely, which include remote control, data associated to the device and what’s on the device, and information about prior incidents with the device. These remote assistance capabilities help the support analyst perform a quick analysis using historical data, diagnose the issue, and securely remote control the device to troubleshoot and resolve the issue from anywhere. Remote Control sessions are authorized by the user, utilize SSL encryption, and create logs that are auditable to recognize areas for improvement and flag security risks from unauthorized access.

This First Value Remote Assistance installment will help you make the most of the LANDESK remote assistance information and capabilities to improve support processes and reduce time to resolution for break fix incidents.

Architecture and Design Considerations

Remote Management is native to the LANDESK Core and Agent configuration. Once your LANDESK Management Suite Core is installed and the Agent is configured and deployed, you can gain remote access to the machine. Please ensure that all necessary ports are opened for Remote Management and Remote Control. For a list of ports please see the following:

Port List

• https://community.landesk.com/support/docs/DOC-1591

Cloud Service Appliance

For those that are looking to remotely manage a client that is off-network, you will need to have a LANDESK Cloud Service Appliance configured.  For information in regards to the CSA, please see the following:

Preparation and Pre-Configuration

• Community Reminder
  • Just a reminder, to register on http://community.landesk.com. Use your company-registered email, which will tie your community account to your Company account on our back-end and give you access to your company information.
• Downloads
  • http://download.landesk.com/product/9_5/LDcsa43.exe
• Hardware Requirements & FAQ
  • https://community.landesk.com/support/docs/DOC-27528

Install

• Install Guide for 4.3
  • https://community.landesk.com/support/docs/DOC-32340
• Quick configuration
  • https://community.landesk.com/support/docs/DOC-29405

Next Steps

• Landing Page
  • https://community.landesk.com/support/community/systems/cloudservices

Setup and Configuration

Effective use of remote assistance will increase the value of your LANDESK investment. The following videos will help demonstrate our best practices for setup and configuration of remote assistance.

	Part 1 - Improving Remote Assistance	2:50
	Part 2 - Using Remote Control	3:58
	Part 3 - Using the Inspector	6:34
	Part 4 - Real-Time Inventory	3:44
	Part 5 - Device Health	2:10
	Part 6 - Web Console	2:32

Tips, Tricks, and Troubleshooting

The following resources are available to help with setup, configuration, and troubleshooting.  For up-to-date information and to ask questions or comment, please visit the original document location using the links below.

Community Articles

How software packages are gathered for Inventory

How To: Add (or Stop) XTrace + Log Verbose for 1 device in 2-CLICKS from any LDMS Console

How connect to remote registry

How to remote MAC machine via CSA

Enable HTML Remote Control for "IT Help Desk"

Help and Documentation

• How to Use inspector to troubleshoot problems
• Classic Remote Control
• HTML5
• Using remote control logging

LANDESK Security and Patch News

Headlines

• (June 15, 2015) LANDESK has added the latest IAVA information to the April  2015 Microsoft security bulletin release.

New Vulnerabilities

• Vulnerability ID – None

New Vulnerabilities

• Vulnerability ID – None

Changed Vulnerabilities

V_CHS_MS15-055.xml

V_CHS_MS15-056.xml

V_CHS_MS15-057.xml

V_CHS_MS15-061.xml

V_CHS_MS15-064_CHS.xml

V_CHT_MS15-055.xml

V_CHT_MS15-056.xml

V_CHT_MS15-057.xml

V_CHT_MS15-061.xml

V_CHT_MS15-064_CHT.xml

V_CSY_MS15-055.xml

V_CSY_MS15-056.xml

V_CSY_MS15-057.xml

V_CSY_MS15-061.xml

V_DAN_MS15-055.xml

V_DAN_MS15-056.xml

V_DAN_MS15-057.xml

V_DAN_MS15-061.xml

V_DEU_MS15-055.xml

V_DEU_MS15-056.xml

V_DEU_MS15-057.xml

V_DEU_MS15-061.xml

V_DEU_MS15-064_DEU.xml

V_ENU_MS15-055.xml

V_ENU_MS15-056.xml

V_ENU_MS15-057.xml

V_ENU_MS15-061.xml

V_ENU_MS15-064_ENU.xml

V_ESN_MS15-055.xml

V_ESN_MS15-056.xml

V_ESN_MS15-057.xml

V_ESN_MS15-061.xml

V_ESN_MS15-064_ESN.xml

V_FIN_MS15-055.xml

V_FIN_MS15-056.xml

V_FIN_MS15-057.xml

V_FIN_MS15-061.xml

V_FRA_MS15-055.xml

V_FRA_MS15-056.xml

V_FRA_MS15-057.xml

V_FRA_MS15-061.xml

V_FRA_MS15-064_FRA.xml

V_HUN_MS15-055.xml

V_HUN_MS15-056.xml

V_HUN_MS15-057.xml

V_HUN_MS15-061.xml

V_INTL_MS15-046v2_INTL.xml

V_INTL_MS15-046v2_MUI_CHS.xml

V_INTL_MS15-046v2_MUI_CHT.xml

V_INTL_MS15-046v2_MUI_CSY.xml

V_INTL_MS15-046v2_MUI_DAN.xml

V_INTL_MS15-046v2_MUI_DEU.xml

V_INTL_MS15-046v2_MUI_ENU.xml

V_INTL_MS15-046v2_MUI_ESN.xml

V_INTL_MS15-046v2_MUI_FIN.xml

V_INTL_MS15-046v2_MUI_FRA.xml

V_INTL_MS15-046v2_MUI_HUN.xml

V_INTL_MS15-046v2_MUI_ITA.xml

V_INTL_MS15-046v2_MUI_JPN.xml

V_INTL_MS15-046v2_MUI_KOR.xml

V_INTL_MS15-046v2_MUI_NLD.xml

V_INTL_MS15-046v2_MUI_NOR.xml

V_INTL_MS15-046v2_MUI_PLK.xml

V_INTL_MS15-046v2_MUI_PTB.xml

V_INTL_MS15-046v2_MUI_PTG.xml

V_INTL_MS15-046v2_MUI_RUS.xml

V_INTL_MS15-046v2_MUI_SVE.xml

V_INTL_MS15-055_MSU.xml

V_INTL_MS15-056_MSU.xml

V_INTL_MS15-057_MSU.xml

V_INTL_MS15-059_INTL.xml

V_INTL_MS15-059_MUI_CHS.xml

V_INTL_MS15-059_MUI_CHT.xml

V_INTL_MS15-059_MUI_CSY.xml

V_INTL_MS15-059_MUI_DAN.xml

V_INTL_MS15-059_MUI_DEU.xml

V_INTL_MS15-059_MUI_ENU.xml

V_INTL_MS15-059_MUI_ESN.xml

V_INTL_MS15-059_MUI_FIN.xml

V_INTL_MS15-059_MUI_FRA.xml

V_INTL_MS15-059_MUI_HUN.xml

V_INTL_MS15-059_MUI_ITA.xml

V_INTL_MS15-059_MUI_JPN.xml

V_INTL_MS15-059_MUI_KOR.xml

V_INTL_MS15-059_MUI_NLD.xml

V_INTL_MS15-059_MUI_NOR.xml

V_INTL_MS15-059_MUI_PLK.xml

V_INTL_MS15-059_MUI_PTB.xml

V_INTL_MS15-059_MUI_PTG.xml

V_INTL_MS15-059_MUI_RUS.xml

V_INTL_MS15-059_MUI_SVE.xml

V_INTL_MS15-060_MSU.xml

V_INTL_MS15-061_MSU.xml

V_INTL_MS15-062_MSU.xml

V_INTL_MS15-063_MSU.xml

V_ITA_MS15-055.xml

V_ITA_MS15-056.xml

V_ITA_MS15-057.xml

V_ITA_MS15-061.xml

V_ITA_MS15-064_ITA.xml

V_JPN_MS15-055.xml

V_JPN_MS15-056.xml

V_JPN_MS15-057.xml

V_JPN_MS15-061.xml

V_JPN_MS15-064_JPN.xml

V_KOR_MS15-055.xml

V_KOR_MS15-056.xml

V_KOR_MS15-057.xml

V_KOR_MS15-061.xml

V_KOR_MS15-064_KOR.xml

V_NLD_MS15-055.xml

V_NLD_MS15-056.xml

V_NLD_MS15-057.xml

V_NLD_MS15-061.xml

V_NOR_MS15-055.xml

V_NOR_MS15-056.xml

V_NOR_MS15-057.xml

V_NOR_MS15-061.xml

V_PLK_MS15-055.xml

V_PLK_MS15-056.xml

V_PLK_MS15-057.xml

V_PLK_MS15-061.xml

V_PTB_MS15-055.xml

V_PTB_MS15-056.xml

V_PTB_MS15-057.xml

V_PTB_MS15-061.xml

V_PTB_MS15-064_PTB.xml

V_PTG_MS15-055.xml

V_PTG_MS15-056.xml

V_PTG_MS15-057.xml

V_PTG_MS15-061.xml

V_RUS_MS15-055.xml

V_RUS_MS15-056.xml

V_RUS_MS15-057.xml

V_RUS_MS15-061.xml

V_RUS_MS15-064_RUS.xml

V_SVE_MS15-055.xml

V_SVE_MS15-056.xml

V_SVE_MS15-057.xml

V_SVE_MS15-061.xml

New Patch Downloads

• None

Where to Send Feedback

At LANDESK, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

LANDESK Product Support

Copyright © 2014 LANDESK Software.  All rights reserved. LANDESK is either a registered trademark or trademark of LANDESK Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDESK disclaims any liability with respect to this document and LANDESK has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.LANDESK.com.  

We have implemented the following template which shows all ticket/tasks in one view, and also displays the assignment history with associated notes, and notes history without opening the ticket.  One of the main gripes for many of our users was having to trawl though notes and not have a single overview of information.  This what it looks like.

STEPS:

• After Read html Notes History Calculation & Assignment History calculation, we did this on Incident/Request/Change/Change Task and Request Task.  Optional - we added an automated note when with/back from customer to show all info

Notes History

import System
static def GetAttributeValue(Incident):


SortedNotes = List(Incident.Notes as Collections.IEnumerable)
SortedNotes.Sort() do (first, last):
                    return last.CreationDate.CompareTo(first.CreationDate) // this is newest to oldest order                    // return first.CreationDate.CompareTo(last.CreationDate) // this is commented out but is oldest to newest


Value = "<p><strong><font face='verdana' size=5 color='green'>Notes History</font></strong><BR /><font face='verdana' size=2 color='black'></p>"
for Note in SortedNotes:                       Value += String.Format("\r\n<BR /><b><font face='verdana' size=3 color='green'> Created at {0} by {1}:\r</font><br><br>Summary:</b> {2} <br> <br> <b>Details:</b> <br> <br> {3}\n<BR /> ", Note.CreationDate, Note.RaiseUser.Title, Note.Title, Note.Text)                  
return Value

Assignment History

import System
static def GetAttributeValue(Incident):


SortedAssignments = List(Incident.Assignments as Collections.IEnumerable)
SortedAssignments.Sort() do (first, last):
                    return last.CreationDate.CompareTo(first.CreationDate) // this is newest to oldest order                    // return first.CreationDate.CompareTo(last.CreationDate) // this is commented out but is oldest to newest


Value = "<p><strong><font face='verdana' size=5 color='green'>Assignment History</font></strong><BR /><font face='verdana' size=2 color='black'></center></p>"
for Assignment in SortedAssignments:                       Value += String.Format("\r\n<BR /><b><font face='verdana' size=3 color='green'> Created at {0} by {1}:\r</font><br><br>Summary:</b> {2} <br> <br> <b>Details:</b> <br> <br> {3}\n<BR /> ", Assignment.CreationDate, Assignment.CreationUser.Title, Assignment.Title, Assignment._AssigmentNotes)                  
return Value

• On the process object created a report template to show the first image

<font size="2" ><table class="reportFixedWidth" width="1200px"><tr><td width = "30px"><strong></strong><br><img src='{Lifecycle/_Image}'></td><td width="40px"><strong>ID: </strong><br>{_ProcessRef}</td><td width="60px"><strong>Raised By: </strong><br>{RaiseUser/Title}</td><td width="200px"><strong>Summary: </strong><br>{Title}</td><td width="50px"><strong>Created On: </strong><br>{CreationDate:22}</td><td width="50px"><strong>Status: </strong><br>{Status/Title}</td><td width="20px"><strong></strong><br><img src="../Resource/EscalationColour.rails?colour={Colour}"></td><td width="60px"><strong>Last Updated: </strong><br>{LastUpdate:22}</td><td width="60px"><strong>Updated By: </strong><br>{LastUpdateUser/Title}</td></table>

• Then created an extended repor template to expand the notes and assignment history

<font size="2" ><table class="reportFixedWidth" width="1200px"><tr><td width = "30px"><strong></strong><br><img src='{Lifecycle/_Image}'></td><td width="40px"><strong>ID: </strong><br>{_ProcessRef}</td><td width="60px"><strong>Raised By: </strong><br>{RaiseUser/Title}</td><td width="200px"><strong>Summary: </strong><br>{Title}</td><td width="50px"><strong>Created On: </strong><br>{CreationDate:22}</td><td width="50px"><strong>Status: </strong><br>{Status/Title}</td><td width="20px"><strong></strong><br><img src="../Resource/EscalationColour.rails?colour={Colour}"></td><td width="60px"><strong>Last Updated: </strong><br>{LastUpdate:22}</td><td width="60px"><strong>Updated By: </strong><br>{LastUpdateUser/Title}</td></table><font size="2" ><table class="reportFixedWidth" width="1100px"><strong></strong><br><strong>Description:</strong><tr><strong></strong><br>{Description}<td width="150px"><strong></strong><br>{_NotesHistoryAnalyst}</td><td width="150px"><strong></strong><br>{_AssignmentHistory}</td></font>

Formatting for report template not important so just copy and paste

• Added images to lifecycle via a query
  1. Create a new query based on the Lifecycle module and the Lifecycle Description business object.  Add the Title, Name, and Class Type attributes to the query.  Under General in the Query pane, select 'Workspace' in the launch box then check the 'Launch in a new window when double clicking results checkbox.
  2. Create a new window on the Lifecycle --> Lifecycle Description object within Window Manager and add the Title and Image attributes to it.
  3. To add an image to a process you will run the query, double click on the process that you want to add/change the image for and then browse to the image file and click save on the window.

If you wish to have an action to show notes/assignment history do this:

1. Attributes already created as per above
2. Create a new window and place the attribute
3. Create a new action on process designer, eg 'Ticket History'
4. Create a new window rule to associate the 'Ticket History' action with the window created on step 2
5. Create an optional action on the statuses you wish to show 'Ticket History'

Think that's all of it.

Eg:

This has gone down really well

Issue:

How can you move the location of the SDMCACHE folder on clients in Management Suite 9.6?

Solution:

• On the Client edit C:\ProgramData\LANDESK\TMCDownload\downloadermulticastconf.xml
• Change the <CacheDirectory> value to the desired path.

Example:

Original

<CacheDirectory>C:\ProgramData\LANDesk\ManagementSuite\sdmcache</CacheDirectory>

New

<CacheDirectory>E:\LDCache</CacheDirectory>

How to Create a Software Profile

1. Log into the Avalanche 6.1 console
2. Click on the profiles option on the left
3. In the 'Available Profiles' section, click the + symbol to add a profile
4. Select Software Profile
5. Give the software profile a name (you can also enable the profile) and click Save

Environment

This should work in LDMS 9.5 and 9.6. It is assumed you are running MS SQL and have something like SQL Server Management Studio to run queries.

Problem

When trying to delete an Agent Configuration, a warning occurs indicating it is currently scheduled. The Agent Configuration is unable to be deleted.

Old LDMS Agent can't be deleted because it is currently scheduled.

Cause

The Agent Configuration exists as part of a scheduled task. While it is associated with a scheduled task, it will be locked and unable to be deleted.

Solution / Workaround

Locate the Scheduled Task and delete it.

If you are unable to locate the Scheduled Task that is associated with the Agent Configuration, the following SQL Query can be ran to get a list of Scheduled Tasks that are utilizing the Agent Configuration. Once the Scheduled Tasks are identified, they can be deleted to release the lock on the Agent Configuration.

Query to show all Scheduled Tasks that correspond with an Agent Configuration

select t.ld_task_idn, t.task_name,tc.ld_Task_config_idn,tc.cfg_name, cc.Name
from LD_TASK t    join LD_TASK_CONFIG tc        on t.LD_TASK_CONFIG_IDN = tc.LD_TASK_CONFIG_IDN    join ClientConfig cc        on tc.CFG_NAME = 'AgentConfig ' + CAST(ClientConfig_idn as nvarchar)

Query to find Scheduled Tasks for a specific Agent Configuration. In this query replace <INSERT AGENT CONFIG NAME HERE> with the name of the Agent Configuration in desired.

select t.ld_task_idn, t.task_name,tc.ld_Task_config_idn,tc.cfg_name, cc.Name
from LD_TASK t    join LD_TASK_CONFIG tc        on t.LD_TASK_CONFIG_IDN = tc.LD_TASK_CONFIG_IDN    join ClientConfig cc        on tc.CFG_NAME = 'AgentConfig ' + CAST(ClientConfig_idn as nvarchar)
where tc.cfg_name like
(    select '%' + CAST(ClientConfig_idn as varchar) + '%'    from ClientConfig    where name like '%<INSERT AGENT CONFIG NAME HERE>%'
)

Example: This example shows the query looking for any Scheduled Tasks for our 'Old LDMS Agent' configuration, and shows it is in use by the Scheduled Task called 'Deploy the 2007 Agent'.

Environment:

LDMS - All Versions

Description:

When deploying a package through a policy, some of your clients may return an Error Code 16385 (i.e: "IDS_SDCD_INSTALL_SUCCESSFUL" according to the documentation here). As you may notice on your clients concerned by this Error Code, it doesn't necessarily mean that it was indeed installed succesfully but it may also mean that.

Cause:

1- If policy was required and run once in the configuration and it's already deployed before, sdclient_task***.log (On the client,look at C:\Program Files\LANDesk\LDClient\data\)

will contain the information as below:

                         The package {Package-***} was deployed by another policy.

Then, the error 16385 may be returned because the package has already been installed on the client for some reasons, or at least something makes it believe so.

2- It may also be due to 2 tasks running at the same time and try to install it which may cause this error message.

Solution:

1- Create a new task to deploy again the package with the option in the "Schedule Task" pane; "Deploy packages in this task even if they were previously deployed" and try again

2- Restart the client(s) concerned in order to close any other task(s) which may block the deployment of the package and try again

Environment: LDMS 9.6 SP2

Date Reviewed: 15/05/2015

Description:

Attached is a PowerPoint slide that will take you through all the changes in the UI and the one change on the core to accommodate new implementations in the new UI.

Issue

Occasionally it is possible to experience a blue screen error when using the LANDESK Endpoint Security product.

A blue screen typically occurs when a virtual device driver is reporting an error to the user.  To ensure optimal security, LANDESK Endpoint security uses a Virtual Device Driver called LDSECDRV.SYS.  This virtual device driver works at the kernel level to intercept malware and malicious activity.

Cause

Occasionally conflicts with third-party drivers and/or applications can cause a conflict with LANDESK Endpoint security.  Considering the current installation base of LANDESK Endpoint Security, blue screen incidents have been limited.

This often can occur when a virtual device driver from another program is updated, or when the third party program behaves in such a way that causes an unexpected exception.  Issues reported within the last year have only been seen with the following programs:

• Symantec Endpoint Protection 11 (Install latest LANDESK AEM patch and/or install latest Symantec maintenance update)
  Symantec Endpoint Protection 12 (Install latest LANDESK AEM patch and/or install latest Symantec maintenance update)
                                      (Click here for a Symantec article detailing the latest versions of their products)
• Trend Micro Officescan
• HP Proliant Server (Disable NX in BIOS to resolve)
• Nvidia Graphics Driver (Install latest LANDESK AEM patch and/or install latest Nvidia driver)
• Windows Live Mail Installer (Install latest LANDESK patch and/or latest version of Windows Live Mail)

LANDESK has made code changes to our product to accomodate these issues, however it is always advisable to contact the software vendor causing a conflict and seek resolution.

Resolution

LANDESK Software understands the level of impact that these sort of errors have and therefore treats incidents regarding a Blue Screen at the highest priority.

It is important to follow these steps to ensure optimal support:

Prior to contacting LANDESK Support, please be sure to check the following:

1. Do you have the latest patches for LANDESK Endpoint Security installed?  (See http://community.LANDESK.com/support/docs/DOC-27264)
   These patches will start with an "AEM" prefix.  AEM stands for "Antivirus, Endpoint and Mobility". 
   Often installing the latest patch will resolve known bluescreen issues. 
   Note: It is imperative to ensure that the client has been installed and is up to date.  Often the core server is found to be up to date with the latest patch, but the clients have not been updated to the same patch level.
2. Do you have the latest version of hardware drivers installed?
3. Are third-party antivirus or other software products up to date with the latest patches or service packs?
4. Does the computer have the latest BIOS installed?
5. Gather Endpoint Security Debug Logs.
6. Gather a Kernel Memory Dump.  (A minidump is insufficient, it must be a full kernel dump)
7. Provide the following information:
   
   - Operating System the client is running.
   - Computer model affected.
   - List of LANDESK AEM patches installed.
   - STOP code for the Bluescreen error.  If possible, a picture of the blue screen is helpful.
8. Contact LANDESK Support and let them know the business impact of your issue.

Upon receipt of the support ticket, the issue will be given the highest priority, the memory dump and debug logs analyzed and contact will be made to the customer regarding what they can expect for a fix.

For more information about gathering Endpoint Security Debug Logs and a Kernel Memory dump, please see the following article under the heading "Items to gather for the LANDESK technician":

How to troubleshoot LANDESK Device Control

http://community.LANDESK.com/support/docs/DOC-9853

Last Reviewed:16/06/2015

Description

This article provide details on how to setup a simple action to test alerting functions, and how to do basic troubleshooting

Environment:

LANDESK Management Suite 9.5 and 9.6

Detailed Step

1, make sure the agent configuration include real time monitoring component as marked below

2, Create a service monitor alert is the most effective way to perform this test, you can go to Alerts--Monitor-Service Monitor, edit OS service Monitoring,

and select service Backgroun Intelligent Transfer Service to test the service.

3.You can also create a Run on client action to help verify if the alert trigged on client, if the alert trigged on the client machine, you'd find notepad.exe process running in task manager on client.

4,when you create the alert email action, make sure you enter email in the field From，even it is not required field.

5,Drag Alert, email action and always send to the Configure ruleset, you can double click the ruleset to verify if all the alerts or actions have added successfully.

6,Save and Publish alert setting, run the alert task to distribute the alert ruleset, after the task complete, you can click Inventory to verify if the alert apply to client successfully.

7,Stop service Background Intelligent Transfer Service on the client machine. Then go to console to verify if you can receive service stop as below.

8, if you have successfully get this log file, then check your email box to verify if you can receive alert email, if no any email received, please gather sendmail.log which locate at  c:\program files(X86)\landesk\managementsuite.(LDMS9.5), or c:\program files\landesk\managementsuite(LDMS9.6

Last Reviewed: 16/06/2015

Environment: LDMS 9.5 ,9.6 , 9.6 SP1

Enable debug logging for Endpoint Security

Open Endpoint Security - click on Options

Once options is open click on the link at the bottom of the window (Troubleshooting logs: Disabled)

This will change the status to (Troubleshooting logs: Enabled)

Click OK to save.

Once complete, go back into Endpoint Security - Options and click  (Troubleshooting logs: Enabled) and this will change back to Disabled. It will prompt a command window and generate the logs:

Once complete it will post logs.def and logs.cab on the desktop.

All files and logs will be saved in the logs.cab.

Setting up a preferred server for replicating LANDesk Antivirus pattern file content.

LANDesk Antivirus takes advantage of all of the software distribution technologies built in to LANDesk Management Suite, including Preferred Package Servers.

This article discusses how to configure preferred package servers to host the LANDesk Antivirus pattern file content.

Create Web Share for Preferred Package Server

Note: This must be done on a server running web sharing services (such as IIS)

1. Create a folder on the target preferred server that mimics the pattern file content directory on the core server:
   
   For our example we will create the following directory structure:
   Program Files (x86)\LANDesk\ManagementSuite\LDLogon\Antivirus8\win\Bases8
   
   
2. Open IIS Manager, expand the navigation tree, right-click on Default Web Site and select “Add virtual directory”
   
   
3. Enter “LDLOGON” for the share alias, and navigate to the Program Files (x86)\LANDesk\ManagementSuite\LDLogon directory created in Step 1.
     
   
4. After creating the directory, right-click LDLogon in the navigation tree and select “Edit Permissions”
   
   Permissions should be configured as follows:
   
   Everyone: Read & Execute, List Folder Contents, Read
   IUSR: Read & Execute, List Folder Contents, Read
   NETWORK SERVICE: Full Control
   Administrators: Full Control
   
   
5. Enable directory browsing by selecting the LDLogon folder in the navigation frame and then clicking the “Directory Browsing” icon and clicking “Enable” in the right-hand pane.

Create UNC share for LDLOGON directory

1. Navigate to the \Program Files (x86)\LANDesk\ManagementSuite directory and right-click on the LDLogon share.
2. Right-click and go to “Advanced Sharing”
3. Click “Share this folder”.
4. Click “Permissions” and give an account Full Control access to the share.   This will be necessary for the LANDesk Content replication tool to have writes to copy Antivirus pattern file content to the share.
5. Ensure that the same account is also given Full Control on the Security tab.
   
   

Configure the Preferred Server in LANDesk Management Suite

1. Within the LANDesk Management Suite Console click Configure à Preferred Server
2. Right-click “Preferred Servers” and select “New Preferred Server”
3. Enter Server Name and Credentials to the newly created LDLOGON share on the Preferred Server
4. Enter the IP address ranges for the clients subnet(s) that this preferred server will serve.

If you want to replicate the antivirus pattern file content from the Core Server to the Preferred Server using LANDesk Content Replication, use the following steps.

1. Under “Selected Replicator” in the Preferred Server Properties select a Windows-based managed node from the list of computers. For more information about configuring a replicator, please see: LANDesk Content Replication - Replicator Configuration
2. Accept Default Run options unless there is something in particular you want to change.
3. Set up a schedule for the replicator to run.   For the client to utilize the Preferred Server for Antivirus pattern files properly, replication should occur shortly after the core server updates antivirus pattern files.   Therefore, a schedule should bet set up for the core server to download pattern files on a regular basis, and a replication task should be set to closely follow the completion of that.
4. Under “Sources” click “New” to create a new content replication source.
5. Name the source “Antivirus Pattern File Content”.
6. For the UNC or HTTP Path enter http://coreservername/ldlogon/antivirus8/win/bases8
7. Enter credentials to with read access to the share.
8. Move to the “Preferred Servers (Targets)” tab and select the desired preferred server from the list.
9. Select “Mirroring” in the left hand pane and check the box next to “Enable Mirroring”.
10. Click “Save”.

Note: LDLOGON/Antivirus8/Win/Bases8 is the only directory that needs replicated.   LDLOGON/Antivirus8/Win also contains other folders: backups, dskm, loadbalancing, and temp_bases8.   The backups directory is used to backup the bases8 folder.  dskm, loadbalancing and temp_bases8 are used to download the files in bases8.