Kaspersky Next XDR Expert
- Kaspersky Next XDR Expert Help
- What's new
- About Kaspersky Next XDR Expert
- Architecture of Kaspersky Next XDR Expert
- OSMP Console interface
- Licensing
- About data provision
- Quick start guide
- Deployment of Kaspersky Next XDR Expert
- Hardening Guide
- Deployment scheme: Distributed deployment
- Deployment scheme: Single node deployment
- Ports used by Kaspersky Next XDR Expert
- Preparation work and deployment
- Distributed deployment: Preparing the administrator and target hosts
- Single node deployment: Preparing the administrator and target hosts
- Preparing the hosts for installation of the KUMA services
- Installing a database management system
- Configuring the PostgreSQL or Postgres Pro server for working with Open Single Management Platform
- Preparing the KUMA inventory file
- Distributed deployment: Specifying the installation parameters
- Single node deployment: Specifying the installation parameters
- Specifying the installation parameters by using the Configuration wizard
- Installing Kaspersky Next XDR Expert
- Configuring internet access for the target hosts
- Synchronizing time on machines
- Installing KUMA services
- Deployment of multiple Kubernetes clusters and Kaspersky Next XDR Expert instances
- Signing in to Kaspersky Next XDR Expert
- Kaspersky Next XDR Expert maintenance
- Updating Kaspersky Next XDR Expert components
- Versioning the configuration file
- Removing Kaspersky Next XDR Expert components and management web plug-ins
- Reinstalling Kaspersky Next XDR Expert after a failed installation
- Stopping the Kubernetes cluster nodes
- Using certificates for public Kaspersky Next XDR Expert services
- Modifying the self-signed KUMA Console certificate
- Calculation and changing of disk space for storing Administration Server data
- Rotation of secrets
- Adding hosts for installing the additional KUMA services
- Replacing a host that uses KUMA storage
- Migration to Kaspersky Next XDR Expert
- Integration with other solutions
- Threat detection
- Working with alerts
- About alerts
- Alert data model
- Viewing the alert table
- Viewing alert details
- Assigning alerts to analysts
- Changing an alert status
- Creating alerts manually
- Linking alerts to incidents
- Unlinking alerts from incidents
- Linking events to alerts
- Unlinking events from alerts
- Working with alerts on the investigation graph
- Working with incidents
- About incidents
- Incident data model
- Creating incidents
- Viewing the incident table
- Viewing incident details
- Assigning incidents to analysts
- Changing an incident status
- Changing an incident priority
- Merging incidents
- Editing incidents by using playbooks
- Investigation graph
- Segmentation rules
- Copying segmentation rules to another tenant
- Working with alerts
- Threat hunting
- Threat response
- Response actions
- Terminating processes
- Moving devices to another administration group
- Running a malware scan
- Viewing the result of the malware scan
- Updating databases
- Moving files to quarantine
- Changing authorization status of devices
- Viewing information about KASAP users and changing learning groups
- Responding through Active Directory
- Responding through KATA/KEDR
- Responding through UserGate
- Responding through Ideco NGFW
- Responding through Ideco UTM
- Responding through Redmine
- Responding through Check Point NGFW
- Responding through Sophos Firewall
- Responding through Continent 4
- Responding through SKDPU NT
- Viewing response history from alert or incident details
- Playbooks
- Viewing the playbooks table
- Creating playbooks
- Editing playbooks
- Customizing playbooks
- Viewing playbook properties
- Terminating playbooks
- Deleting playbooks
- Launching playbooks and response actions
- Configuring manual approval of response actions
- Approving playbooks or response actions
- Enrichment from playbook
- Viewing response history
- Predefined playbooks
- Playbook trigger
- Playbook algorithm
- Response actions
- REST API
- Creating a token
- Authorizing API requests
- API operations
- Viewing a list of alerts
- Viewing a list of incidents
- Viewing a list of tenants
- Closing alerts
- Closing incidents
- Viewing a list of active lists on the correlator
- Importing entries to an active list
- Searching assets
- Importing assets
- Deleting assets
- Searching events
- Viewing information about the cluster
- Resource search
- Loading resource file
- Viewing the contents of a resource file
- Importing resources
- Exporting resources
- Downloading the resource file
- Searching services
- Viewing token bearer information
- Dictionary updating in services
- Dictionary retrieval
- Viewing custom fields of the assets
- Viewing the list of context tables in the correlator
- Importing records into a context table
- Exporting records from a context table
- Viewing a list of aggregation rules
- Creating an aggregation rule
- Replacing aggregation rules
- Managing Kaspersky Unified Monitoring and Analysis Platform
- About Kaspersky Unified Monitoring and Analysis Platform
- What's new
- Program architecture
- Administrator's guide
- Logging in to the KUMA Console
- KUMA services
- Services tools
- Service resource sets
- Creating a storage
- Creating a correlator
- Creating an event router
- Creating a collector
- Creating an agent
- Configuring event sources
- Configuring receipt of Auditd events
- Configuring receipt of KATA/EDR events
- Configuring receiving Kaspersky Security Center event from MS SQL
- Creating an account in the MS SQL database
- Configuring the SQL Server Browser service
- Creating a secret in KUMA
- Configuring a connector
- Configuring the KUMA Collector for receiving Kaspersky Security Center events from an MS SQL database
- Installing the KUMA Collector for receiving Kaspersky Security Center events from the MS SQL database
- Configuring receipt of events from Windows devices using KUMA Agent (WEC)
- Configuring audit of events from Windows devices
- Configuring centralized receipt of events from Windows devices using the Windows Event Collector service
- Granting permissions to view Windows events
- Granting permissions to log on as a service
- Configuring the KUMA Collector for receiving events from Windows devices
- Installing the KUMA Collector for receiving events from Windows devices
- Configuring forwarding of events from Windows devices to KUMA using KUMA Agent (WEC)
- Configuring receipt of events from Windows devices using KUMA Agent (WMI)
- Configuring receipt of PostgreSQL events
- Configuring receipt of IVK Kolchuga-K events
- Configuring receipt of CryptoPro NGate events
- Configuring receipt of Ideco UTM events
- Configuring receipt of KWTS events
- Configuring receipt of KLMS events
- Configuring receipt of KSMG events
- Configuring receipt of PT NAD events
- Configuring receipt of events using the MariaDB Audit Plugin
- Configuring receipt of Apache Cassandra events
- Configuring receipt of FreeIPA events
- Configuring receipt of VipNet TIAS events
- Configuring receipt of Nextcloud events
- Configuring receipt of Snort events
- Configuring receipt of Suricata events
- Configuring receipt of FreeRADIUS events
- Configuring receipt of VMware vCenter events
- Configuring receipt of zVirt events
- Configuring receipt of Zeek IDS events
- Configuring DNS server event reception using the ETW connector
- Monitoring event sources
- Managing assets
- Adding an asset category
- Configuring the table of assets
- Searching assets
- Exporting asset data
- Viewing asset details
- Adding assets
- Adding asset information in the KUMA Console
- Importing asset information from Kaspersky Security Center
- Importing asset information from MaxPatrol
- Importing asset information from KICS for Networks
- Examples of asset field comparison during import
- Settings of the kuma-ptvm-config.yaml configuration file
- Assigning a category to an asset
- Editing the parameters of assets
- Archiving assets
- Deleting assets
- Updating third-party applications and fixing vulnerabilities on Kaspersky Security Center assets
- Moving assets to a selected administration group
- Asset audit
- Custom asset fields
- Critical information infrastructure assets
- Integration with other solutions
- Integration with Kaspersky Security Center
- Kaspersky Endpoint Detection and Response integration
- Integration with Kaspersky CyberTrace
- Integration with Kaspersky Threat Intelligence Portal
- Connecting over LDAP
- Enabling and disabling LDAP integration
- Adding a tenant to the LDAP server integration list
- Creating an LDAP server connection
- Creating a copy of an LDAP server connection
- Changing an LDAP server connection
- Changing the data update frequency
- Changing the data storage period
- Starting account data update tasks
- Deleting an LDAP server connection
- Kaspersky Industrial CyberSecurity for Networks integration
- Integration with Neurodat SIEM IM
- Kaspersky Automated Security Awareness Platform
- Sending notifications to Telegram
- UserGate integration
- Integration with Kaspersky Web Traffic Security
- Integration with Kaspersky Secure Mail Gateway
- Importing asset information from RedCheck
- Configuring receipt of Sendmail events
- Managing KUMA
- Working with geographic data
- User guide
- KUMA resources
- Operations with resources
- Destinations
- Normalizers
- Aggregation rules
- Enrichment rules
- Correlation rules
- Filters
- Active lists
- Viewing the table of active lists
- Adding active list
- Viewing the settings of an active list
- Changing the settings of an active list
- Duplicating the settings of an active list
- Deleting an active list
- Viewing records in the active list
- Searching for records in the active list
- Adding a record to an active list
- Duplicating records in the active list
- Changing a record in the active list
- Deleting records from the active list
- Import data to an active list
- Exporting data from the active list
- Predefined active lists
- Dictionaries
- Response rules
- Connectors
- Viewing connector settings
- Adding a connector
- Connector settings
- Secrets
- Context tables
- Viewing the list of context tables
- Adding a context table
- Viewing context table settings
- Editing context table settings
- Duplicating context table settings
- Deleting a context table
- Viewing context table records
- Searching context table records
- Adding a context table record
- Editing a context table record
- Deleting a context table record
- Importing data into a context table
- Analytics
- KUMA resources
- Working with Open Single Management Platform
- Basic concepts
- Administration Server
- Hierarchy of Administration Servers
- Virtual Administration Server
- Web Server
- Network Agent
- Administration groups
- Managed device
- Unassigned device
- Administrator's workstation
- Management web plug-in
- Policies
- Policy profiles
- Tasks
- Task scope
- How local application settings relate to policies
- Distribution point
- Connection gateway
- Configuring Administration Server
- Configuring the connection of OSMP Console to Administration Server
- Configuring internet access settings
- Certificates for work with Open Single Management Platform
- About Open Single Management Platform certificates
- Requirements for custom certificates used in Open Single Management Platform
- Reissuing the certificate for OSMP Console
- Replacing certificate for OSMP Console
- Converting a PFX certificate to the PEM format
- Scenario: Specifying the custom Administration Server certificate
- Replacing the Administration Server certificate by using the klsetsrvcert utility
- Connecting Network Agents to Administration Server by using the klmover utility
- Hierarchy of Administration Servers
- Creating a hierarchy of Administration Servers: adding a secondary Administration Server
- Viewing the list of secondary Administration Servers
- Managing virtual Administration Servers
- Configuring Administration Server connection events logging
- Setting the maximum number of events in the event repository
- Changing DBMS credentials
- Backup copying and restoration of the Administration Server data
- Deleting a hierarchy of Administration Servers
- Access to public DNS servers
- Configuring the interface
- Encrypt communication with TLS
- Discovering networked devices
- Managing client devices
- Settings of a managed device
- Creating administration groups
- Device moving rules
- Adding devices to an administration group manually
- Moving devices or clusters to an administration group manually
- About clusters and server arrays
- Properties of a cluster or server array
- Adjustment of distribution points and connection gateways
- Standard configuration of distribution points: Single office
- Standard configuration of distribution points: Multiple small remote offices
- Calculating the number and configuration of distribution points
- Assigning distribution points automatically
- Assigning distribution points manually
- Modifying the list of distribution points for an administration group
- Enabling a push server
- About device statuses
- Configuring the switching of device statuses
- Device selections
- Device tags
- Device tags
- Creating a device tag
- Renaming a device tag
- Deleting a device tag
- Viewing devices to which a tag is assigned
- Viewing tags assigned to a device
- Tagging a device manually
- Removing an assigned tag from a device
- Viewing rules for tagging devices automatically
- Editing a rule for tagging devices automatically
- Creating a rule for tagging devices automatically
- Running rules for auto-tagging devices
- Deleting a rule for tagging devices automatically
- Data encryption and protection
- Changing the Administration Server for client devices
- Viewing and configuring the actions when devices show inactivity
- Deploying Kaspersky applications
- Scenario: Kaspersky applications deployment
- Protection deployment wizard
- Starting Protection deployment wizard
- Step 1. Selecting the installation package
- Step 2. Selecting a method for distribution of key file or activation code
- Step 3. Selecting Network Agent version
- Step 4. Selecting devices
- Step 5. Specifying the remote installation task settings
- Step 6. Removing incompatible applications before installation
- Step 7. Moving devices to Managed devices
- Step 8. Selecting accounts to access devices
- Step 9. Starting installation
- Adding management plug-ins for Kaspersky applications
- Viewing the list of components integrated in Open Single Management Platform
- Viewing names, parameters, and custom actions of Kaspersky Next XDR Expert components
- Downloading and creating installation packages for Kaspersky applications
- Creating installation packages from a file
- Creating stand-alone installation packages
- Changing the limit on the size of custom installation package data
- Installing Network Agent for Linux in silent mode (with an answer file)
- Preparing a device running Astra Linux in the closed software environment mode for installation of Network Agent
- Viewing the list of stand-alone installation packages
- Distributing installation packages to secondary Administration Servers
- Preparing a Linux device and installing Network Agent on a Linux device remotely
- Installing applications using a remote installation task
- Specifying settings for remote installation on Unix devices
- Starting and stopping Kaspersky applications
- Replacing third-party security applications
- Removing applications or software updates remotely
- Preparing a device running SUSE Linux Enterprise Server 15 for installation of Network Agent
- Preparing a Windows device for remote installation. Riprep utility
- Configuring Kaspersky applications
- Scenario: Configuring network protection
- About device-centric and user-centric security management approaches
- Policy setup and propagation: Device-centric approach
- Policy setup and propagation: User-centric approach
- Policies and policy profiles
- Network Agent policy settings
- Usage of Network Agent for Windows, Linux, and macOS: Comparison
- Comparison of Network Agent settings by operating systems
- Manual setup of the Kaspersky Endpoint Security policy
- Configuring Kaspersky Security Network
- Checking the list of the networks protected by Firewall
- Disabling the scan of network devices
- Excluding software details from the Administration Server memory
- Configuring access to the Kaspersky Endpoint Security for Windows interface on workstations
- Saving important policy events in the Administration Server database
- Manual setup of the group update task for Kaspersky Endpoint Security
- Kaspersky Security Network (KSN)
- Managing tasks
- About tasks
- About task scope
- Creating a task
- Starting a task manually
- Starting a task for selected devices
- Viewing the task list
- General task settings
- Exporting a task
- Importing a task
- Starting the Change tasks password wizard
- Viewing task run results stored on the Administration Server
- Manual setup of the group task for scanning a device with Kaspersky Endpoint Security
- General task settings
- Application tags
- Granting offline access to the external device blocked by Device Control
- Registering Kaspersky Industrial CyberSecurity for Networks application in OSMP Console
- Managing users and user roles
- About user accounts
- About user roles
- Configuring access rights to application features. Role-based access control
- Adding an account of an internal user
- Creating a security group
- Editing an account of an internal user
- Editing a security group
- Assigning a role to a user or a security group
- Adding user accounts to an internal security group
- Assigning a user as a device owner
- Two-step verification
- Scenario: Configuring two-step verification for all users
- About two-step verification for an account
- Enabling two-step verification for your own account
- Enabling required two-step verification for all users
- Disabling two-step verification for a user account
- Disabling required two-step verification for all users
- Excluding accounts from two-step verification
- Configuring two-step verification for your own account
- Prohibit new users from setting up two-step verification for themselves
- Generating a new secret key
- Editing the name of a security code issuer
- Changing the number of allowed password entry attempts
- Deleting a user or a security group
- Creating a user role
- Editing a user role
- Editing the scope of a user role
- Deleting a user role
- Associating policy profiles with roles
- Updating Kaspersky databases and applications
- Scenario: Regular updating Kaspersky databases and applications
- About updating Kaspersky databases, software modules, and applications
- Creating the Download updates to the Administration Server repository task
- Viewing downloaded updates
- Verifying downloaded updates
- Creating the task for downloading updates to the repositories of distribution points
- Adding sources of updates for the Download updates to the Administration Server repository task
- About using diff files for updating Kaspersky databases and software modules
- Enabling the Downloading diff files feature
- Downloading updates by distribution points
- Updating Kaspersky databases and software modules on offline devices
- Remote diagnostics of client devices
- Opening the remote diagnostics window
- Enabling and disabling tracing for applications
- Downloading trace files of an application
- Deleting trace files
- Downloading application settings
- Downloading system information from a client device
- Downloading event logs
- Starting, stopping, restarting the application
- Running the remote diagnostics of Kaspersky Security Center Network Agent and downloading the results
- Running an application on a client device
- Generating a dump file for an application
- Running remote diagnostics on a Linux-based client device
- Managing applications and executable files on client devices
- Using Application Control to manage executable files
- Application Control modes and categories
- Obtaining and viewing a list of applications installed on client devices
- Obtaining and viewing a list of executable files stored on client devices
- Creating an application category with content added manually
- Creating an application category that includes executable files from selected devices
- Creating an application category that includes executable files from selected folder
- Viewing the list of application categories
- Configuring Application Control in the Kaspersky Endpoint Security for Windows policy
- Adding event-related executable files to the application category
- About the license
- API Reference Guide
- Basic concepts
- Monitoring, reporting, and audit
- Scenario: Monitoring and reporting
- About types of monitoring and reporting
- Triggering of rules in Smart Training mode
- Dashboard and widgets
- Reports
- Events and event selections
- About events in Open Single Management Platform
- Events of Open Single Management Platform components
- Using event selections
- Creating an event selection
- Editing an event selection
- Viewing a list of an event selection
- Exporting an event selection
- Importing an event selection
- Viewing details of an event
- Exporting events to a file
- Viewing an object history from an event
- Deleting events
- Deleting event selections
- Setting the storage term for an event
- Blocking frequent events
- Event processing and storage on the Administration Server
- Notifications and device statuses
- Kaspersky announcements
- Exporting events to SIEM systems
- Scenario: Configuring event export to SIEM systems
- Before you begin
- About event export
- About configuring event export in a SIEM system
- Marking of events for export to SIEM systems in Syslog format
- About exporting events using Syslog format
- Configuring Open Single Management Platform for export of events to a SIEM system
- Exporting events directly from the database
- Viewing export results
- Managing object revisions
- Rolling back an object to a previous revision
- Deletion of objects
- Downloading and deleting files from Quarantine and Backup
- Operation diagnostics of the Kaspersky Next XDR Expert components
- Multitenancy
- Contact Technical Support
- Known issues
- Appendices
- Commands for components manual starting and installing
- Integrity check of KUMA files
- Normalized event data model
- Configuring the data model of a normalized event from KATA EDR
- Asset data model
- User account data model
- KUMA audit events
- Event fields with general information
- User successfully signed in or failed to sign in
- User successfully logged out
- The user has successfully edited the set of fields settings to define sources
- Service was successfully created
- Service was successfully deleted
- Service was successfully started
- Service was successfully paired
- Service was successfully reloaded
- Service was successfully restarted
- Storage partition was deleted automatically due to expiration
- Storage partition was deleted by user
- Active list was successfully cleared or operation failed
- Active list item was successfully changed, or operation was unsuccessful
- Active list item was successfully deleted or operation was unsuccessful
- Active list was successfully imported or operation failed
- Active list was exported successfully
- Resource was successfully added
- Resource was successfully deleted
- Resource was successfully updated
- Asset was successfully created
- Asset was successfully deleted
- Asset category was successfully added
- Asset category was deleted successfully
- Settings were updated successfully
- The dictionary was successfully updated on the service or operation was unsuccessful
- Response in Active Directory
- Response via KICS for Networks
- Kaspersky Automated Security Awareness Platform response
- KEDR response
- Correlation rules
- Time format
- Mapping fields of predefined normalizers
- Glossary
- Administrator host
- Agent
- Alert
- Asset
- Bootstrap
- Collector
- Configuration file
- Context
- Correlation rule
- Correlator
- Custom actions
- Distribution package
- Event
- Incident
- Investigation graph
- Kaspersky Deployment Toolkit
- Kubernetes cluster
- KUMA inventory file
- KUMA services
- Multitenancy
- Node
- Normalized event
- Observables
- Playbook
- Playbook algorithm
- Registry
- Response actions
- Segmentation rules
- Storage
- Target hosts
- Tenant
- Threat development chain
- Transport archive
- Information about third-party code
- Trademark notices
Removing applications or software updates remotely
You can remove applications or software updates on managed devices that run Linux remotely only by using Network Agent.
To remove applications or software updates remotely from selected devices:
- In the main menu, go to Assets (Devices) → Tasks.
- Click Add.
The New task wizard starts. Proceed through the wizard by using the Next button.
- In the Application drop-down list, select Open Single Management Platform.
- In the Task type list, select the Uninstall application remotely task type.
- In the Task name field, specify the name of the new task.
A task name cannot be more than 100 characters long and cannot include any special characters ("*<>?\:|).
- Select the devices to which the task will be assigned.
Go to the next step of the wizard.
- Select what kind of software you want to remove, and then select specific applications, updates, or patches that you want to remove:
- Uninstall managed application
A list of Kaspersky applications is displayed. Select the application that you want to remove.
Ensure that the Use uninstallation password policy setting is disabled for the managed application.
- Uninstall application from applications registry
By default, Network Agents send the Administration Server information about the applications installed on the managed devices. The list of installed applications is stored in the applications registry.
To select an application from the applications registry:
- Click the Application to uninstall field, and then select the application that you want to remove.
If you select Kaspersky Security Center Network Agent, when you run the task, the status Completed successfully shows that the process of removing started. If Kaspersky Security Center Network Agent is removed, the status does not change. If the task fails, the status changes to Failed.
- Specify the uninstallation options:
- Uninstallation mode
Select how you want to remove the application:
- Define uninstallation command automatically
If the application has an uninstallation command defined by the application vendor, Open Single Management Platform uses this command. We recommend that you select this option.
- Specify uninstallation command
Select this option if you want to specify your own command for the application uninstallation.
We recommend that you first try to remove the application by using the Define uninstallation command automatically option. If the uninstallation through the automatically defined command fails, then use your own command.
Type an installation command into the field, and then specify the following option:
Use this command for uninstallation only if the default command was not autodetected
Open Single Management Platform checks whether or not the selected application has an uninstallation command defined by the application vendor. If the command is found, Open Single Management Platform will use it instead of the command specified in the Command for application uninstallation field.
We recommend that you enable this option.
- Define uninstallation command automatically
- Perform restart after successful application uninstallation
If the application requires the operating system to be restarted on the managed device after successful uninstallation, the operating system is restarted automatically.
- Uninstallation mode
- Click the Application to uninstall field, and then select the application that you want to remove.
- Uninstall the specified application update, patch, or third-party application
A list of updates, patches, and third-party applications is displayed. Select the item that you want to remove.
The displayed list is a general list of applications and updates, and it does not correspond to the applications and updates installed on the managed devices. Before selecting an item, we recommend that you ensure that the application or update is installed on the devices defined in the task scope. You can view the list of devices on which the application or update is installed, via the properties window.
To view the list of devices:
- Click the name of the application or update.
The properties window opens.
- Open the Devices section.
You can also view the list of installed applications and updates in the device properties window.
- Click the name of the application or update.
- Uninstall managed application
- Specify how client devices will download the Uninstallation utility:
- Using Network Agent
The files are delivered to client devices by Network Agent installed on those client devices.
If this option is disabled, the files are delivered using the Linux operating system tools.
We recommend that you enable this option if the task has been assigned to devices that have Network Agents installed.
- Using operating system resources through Administration Server
The option is obsolete. Use the Using Network Agent or Using operating system resources through distribution points option instead.
The files are transmitted to client devices by using the Administration Server operating system tools. You can enable this option if no Network Agent is installed on the client device, but the client device is on the same network as the Administration Server.
- Using operating system resources through distribution points
The files are transmitted to client devices by using operating system tools through distribution points. You can enable this option if there is at least one distribution point on the network.
If the Using Network Agent option is enabled, the files are delivered by using operating system tools only if Network Agent tools are unavailable.
- Maximum number of concurrent downloads
The maximum allowed number of client devices to which Administration Server can simultaneously transmit the files. The larger this number, the faster the application will be uninstalled, but the load on Administration Server is higher.
- Maximum number of uninstallation attempts
If, when running the Uninstall application remotely task, Open Single Management Platform fails to uninstall an application on a managed device within the number of installer runs specified by the parameter, Open Single Management Platform stops delivering the Uninstallation utility to this managed device and does not start the installer on the device anymore.
The Maximum number of uninstallation attempts parameter allows you to save the resources of the managed device, as well as reduce traffic (uninstallation, MSI file run, and error messages).
Recurring task start attempts may indicate a problem on the device and which prevents uninstallation. The administrator should resolve the problem within the specified number of uninstallation attempts and then restart the task (manually or by a schedule).
If uninstallation is not achieved eventually, the problem is considered unresolvable and any further task starts are seen as costly in terms of unnecessary consumption of resources and traffic.
When the task is created, the attempts counter is set to
0. Each run of the installer that returns an error on the device increments the counter reading.If the number of attempts specified in the parameter has been exceeded and the device is ready for application uninstallation, you can increase the value of the Maximum number of uninstallation attempts parameter and start the task to uninstall the application. Alternatively, you can create a new Uninstall application remotely task.
- Verify operating system type before downloading
Before transmitting the files to client devices, Open Single Management Platform checks if the Installation utility settings are applicable to the operating system of the client device. If the settings are not applicable, Open Single Management Platform does not transmit the files and does not attempt to install the application. For example, to install some application to devices of an administration group that includes devices running various operating systems, you can assign the installation task to the administration group, and then enable this option to skip devices that run an operating system other than the required one.
Go to the next step of the wizard.
- Using Network Agent
- Specify the operating system restart settings:
- Do not restart the device
Client devices are not restarted automatically after the operation. To complete the operation, you must restart a device (for example, manually or through a device management task). Information about the required restart is saved in the task results and in the device status. This option is suitable for tasks on servers and other devices where continuous operation is critical.
- Restart the device
Client devices are always restarted automatically if a restart is required for completion of the operation. This option is useful for tasks on devices that provide for regular pauses in their operation (shutdown or restart).
- Prompt user for action
The restart reminder is displayed on the screen of the client device, prompting the user to restart it manually. Some advanced settings can be defined for this option: text of the message for the user, the message display frequency, and the time interval after which a restart will be forced (without the user's confirmation). This option is most suitable for workstations where users must be able to select the most convenient time for a restart.
By default, this option is selected.
- Repeat prompt every (min)
- Restart after (min)
- Force closure of applications in blocked sessions
Running applications may prevent a restart of the client device. For example, if a document is being edited in a word processing application and is not saved, the application does not allow the device to restart.
If this option is enabled, such applications on a locked device are forced to close before the device restart. As a result, users may lose their unsaved changes.
If this option is disabled, a locked device is not restarted. The task status on this device states that a device restart is required. Users have to manually close all applications running on locked devices and restart these devices.
By default, this option is disabled.
Go to the next step of the wizard.
- Do not restart the device
- If necessary, add the accounts that will be used to start the remote uninstallation task:
- No account required (Network Agent installed)
If this option is selected, you do not have to specify the account under which the application installer will be run. The task will run under the account under which the Administration Server service is running.
If Network Agent has not been installed on client devices, this option is not available.
- Account required (Network Agent is not used)
Select this option if Network Agent is not installed on the devices for which you assign the Uninstall application remotely task.
Specify the user account under which the application installer will be run. Click the Add button, select Account, and then specify the user account credentials.
You can specify multiple user accounts if, for example, none of them have all the required rights on all devices for which you assign the task. In this case, all added accounts are used for running the task, in consecutive order, top-down.
- No account required (Network Agent installed)
- At the Finish task creation step of the wizard, enable the Open task details when creation is complete option to modify the default task settings.
If you do not enable this option, the task will be created with the default settings. You can modify the default settings later.
- Click the Finish button.
The wizard creates the task. If you enabled the Open task details when creation is complete option, the task properties window automatically opens. In this window, you can specify the general task settings and, if required, change the settings specified during task creation.
You can also open the task properties window by clicking the name of the created task in the list of tasks.
The task is created, configured, and displayed in the list of tasks at Assets (Devices) → Tasks.
- To run the task, select it in the task list, and then click the Start button.
You can also set a task start schedule on the Schedule tab of the task properties window.
For a detailed description of scheduled start settings, refer to the general task settings.
After the task is completed, the selected application is removed from the selected devices.
|
See also: |