1 of 1 people found this helpful
It sounds like you have the proactive protection turned on with the setting at prompt. This isn't really a landesk issue since Kaspersky is doing what you told it to do and warn you of applications that are trying to make changes to the system.
Either disable these settings temporarily or configure the exclusions so that it doesn't alert on the installation of the landesk agents.
It's the same thing as firewalls etc, if you proactively defend against things that you don't know about, then you will need to proactively exclude things you do know about and actually want to install.
first, i uninstall the client on the PC,
and , Stop all protective functions of the kaspersky v6.0 by its menu, and quit it. On task manager, i could see the avp process disappeared.
Then reinstall the client, the installation running OK.
And restart the Windows, the hardware and software inventory could see on the core server.
But the custom form (*.frm) didnot install on the client, if running the custom form on the client, it would pop up the warning message of "error path or not found the custom form".
And another error was found, when i try to remote control the client from core server, it couldnot connect, just warning the TCP connection failed and try UDP, need username and password. but from the client running remote desktop to login core server on port 3389, everything is OK. so the problem still was in the landesk client.
Any solution for these?
First, for your custom data forms issue, verify that the following executable can be found on the client:
If it isn't there, it could be that it wasn't included in the agent configuration or maybe the installation files were corrupted. Try to create a brand new agent configuration and deploy it to your client(s). If the executable is there, could it be a problem with your shortcut?
Second, LANDesk does not use port 3389 for remote control. That is the port for Microsoft's RDP. Before trying to establish a remote control session, the core will do a CBA ping (port 9595) to confirm the client is up and that the remote control components were installed on the remote agent. From the core, open a browser and try to get to http://RemoteClientIP:9595. If you see a "LANDesk Management Agent" banner, then it probably means that your remote control components are not installed properly. This could also have been caused by a corrupt installation, so (similarly to the CDF issue above) you will need to create a new agent configuration and re-deploy it to your client(s).
Refer to this article for a complete list of ports used by LANDesk.
maybe you misunderstand my question.
1. the custon form
LDCSTM32.EXE is in the folder, but *.frm not here. so it canbe running, but popup warning message for path error.
I try to run LDCSTM32 by LDCSTM32 /fe /I="[file://server/.frm]" , then the warning message became to "c:\program files\landesk\LDClient\//server/.frm" not found. and when i copy the form files from server to the folder c:\program files\landesk\LDClient, LDCSTM32 runs OK, the custom form opened.
so I guess maybe LDCSTM32 only check folder c:\program files\landesk\LDClient, if there are form files (*.frm) , it will take it, if there is no one, it popups warning.
2. the remote control
because i can run the inventory scan successfully on the client or from the server, so the client maybe some ok. but i cannot run the remote control from server, and the server warning the TCP remote connect is failed, try UDP connection, then it popup a window need username, password & domain name.
so it seems the ISSUER.exe on the client not running normally, but i am not sure.
And i am very confused for these situations.
When you create your client, you decide if it will automatically update forms or if the update (sending of forms) will be manual. It sounds like you have manual. Therefore, every form you create you must schedule out as a scheduled task to distribute it to the machines you will want to complete the form. This is the way it makes it into the LDClient directory.
Lets make certain you have remote control installed, make sure there is a LANDesk Remote Control service installed. If there is then you are probably seeing one of the following issues:
The console cannot see the client
Is the client physically on your network with a valid IP address or is it hidden behind NAT?
Do you have a firewall running that may be blocking Remoe Control traffic?
The console cannot locate the client's IP address
Is name resolution for that device name working correctly? If you ping from the console to the client do you see it successfully ping the device on the correct IP address?
If name resolution is not accurate, then tell your console to use IP address to connect and it will use the last IP address for that device recorded in the inventory (as long as it is correct)
You don't have the correct Remote Control configuration
What settings for remote control security do you have in your client configuration? What is the security model and have you been granted remote control rights?
As i redo my steps carefully, i found the problems was still there.
1. on the core server, i created the client configuration with custom form packed in it, and set the custom form update-state at manual. Then, i created the self-extract exe file by the client configuration.
2. copy the exe file of detail-status client to the PC, and run it to install the client, and check the detail installation information.
3. when i install the client on the PC with only WIN2000, i found custom form(*.frm) was in the landesk client folder (C:\Program Files\LANDesk\LDClient) . so the form has installed with the client, it does not relate to the update-state setting (autoupdate or manual).
But on the PC with kaspersky v6.0, the result is not like this. The form (*.frm) does not be installed with the client, although the installation seems OK with no warning popup and all the protective functions of kaspersky are closed .
So, the kaspersky maybe block the form installation and also the remote client units. This is a not good thing to deploy landesk to PCs with kaspersky v6.0.
Landesk should give a better way to avoid such antivirus software blocking.
The remote control issue could be different things. If you have integrated security the domain, username, and password dialog will pop up when you are logged into your machine as one user and into the console as a different user. Integrated security is the default for remote control. When you try to remote control it will use the username and password of the user who is logged into the machine, not the console. So if you are logged into your computer as a different user than the user you logged into the console with, it will fail like you're seeing now. That is, if the user you've logged into the computer with does not have ldms rights for remote control.
Thanks basay for your answer about remote control.
But my problem is, i took the remote control operation from the server directly, so i used the administrator account to logon the server, also the same account to logon LDMS. But cannot access some special client PCs, not every PC.
So i guess the client on these PCs donot run normally, especially the process ISSUER.exe maybe not run well.
And i check these PCs compared with othe good PCs, could not find any difference except the kaspersky 6.0 on these PCs.
So maybe it blocks some components of LDMS client to be not installed correctly.
The same will happen to a client staion with a LANDesk agent already installed when Kaspersky is installed. To correct this you must alter Kaspersky firewall settings on the client station. Create a rule for each LANDesk component you intend to utilize and use the Allow All template rule. It only takes a few moments and works perfectly.