Quest KACE Release Notes

KACE® Systems Management Appliance 11.0

Release Notes

Table of Contents

Quest® KACE® Systems Management Appliance 11.0 Release Notes................................................ 3

About KACE Systems Management Appliance 11.0...................................................................... 3

New features and enhancements....................................................................................................3

Enhancements................................................................................................................................. 5

Resolved issues...............................................................................................................................5

Known issues.................................................................................................................................10

System requirements..................................................................................................................... 11

Product licensing............................................................................................................................12

Installation instructions...................................................................................................................12

Prepare for the update...........................................................................................................12

Update the KACE Systems Management Appliance server using an advertised update...... 13

Upload and apply an update manually.................................................................................. 14

Post-update tasks.................................................................................................................. 14

Verify successful completion..........................................................................................14

Verify security settings................................................................................................... 15

More resources.............................................................................................................................. 15

Globalization...................................................................................................................................16

About us.........................................................................................................................................16

Technical support resources..................................................................................................16

Legal notices.......................................................................................................................... 16

KACE Systems Management Appliance 11.0 Release Notes

2

Quest® KACE® Systems Management

Appliance 11.0 Release Notes

This document provides information about the KACE Systems Management Appliance version 11.0.

About KACE Systems Management Appliance 11.0

KACE Systems Management Appliance is a virtual appliance designed to automate device management,
application deployment, patching, asset management, and Service Desk ticket management. For more
information about KACE Systems Management Appliance series, go to https://www.quest.com/products/kace-

systems-management-appliance/. This release contains a number of new features, resolved issues, and security

enhancements.

NOTE: This is the only document that is translated for this release, however the localized variants do not



include information about resolve issues, enhancements, and known issues. Other guides, such as the
Administrator Guide and in-product help are not localized at this time, and version 10.2 documents are
included.

New features and enhancements

This release of the KACE Systems Management Appliance includes the following features and enhancements.

Patching

• Windows On-demand Deploy for patches: The appliance supports a new patch schedule type that allows
end users to trigger a deploy action using a tray icon.

• Security Dashboard: A new Security dashboard enables a much easier understanding of the patching
state of the devices in inventory.

• Patch Schedule Wizard and Patch Results: This version includes a new workflow for creating patch
schedules, and presents patching results in a way that is easier to understand.

Device security

• Device security improvements: Security improvements are added in this release, such as agent
quarantine measures, to provide more options for securing the communication channels, including auto­assignment to organizations based on tokens.

◦ The appliance can now distinguish between the agents connecting externally (outside the firewall) and

those connecting internally. In addition to the existing behavior of listening on port 443, the appliance
also listens on port 52230 for agent connections only. Using a split DNS configuration and configuring
the firewall to forward external port 443 to port 52230 on the appliance, you can identify agents as
being internal or external.

KACE Systems Management Appliance 11.0 Release Notes

New features and enhancements

3

To allow exposing the appliance to the internet and maximize security, port 52230 does not allow
access to the appliance's web interface. If you want to have outside access to the appliance’s web
interface, then do not configure 443 to 52230 port forward on the firewall.
For more information, review this Knowledge Base article: https://go.kace.com/to/k1000-external-

agent-port.

• General server security enhancements: The appliance includes several security enhancements in this
version. Appliance user interface hardening along with agent tunneling and quarantine allow for a much
more secure deployment, inside or outside of the demilitarized zone (DMZ).

NOTE: Communication between the KACE Agent and the appliance occurs over a proprietary KACE



tunnel which is encrypted using the TLS 1.3 protocol. The agent sends and receives unencrypted data
through the TLS 1.3-encrypted KACE tunnel.

KACE GO app

• Ticket approval: You can now approve Service Desk tickets in the KACE GO app.

• HTML editor: An HTML editor is added to the Summary, Resolution, and Comments ticket fields, helping
you to improve the readability of entered contents using common formatting tags.

Administrator Console

• Embedded videos: Starting in this release, the slide-out help allows you to browse through any available
training videos associated with the current page. You can play a video on the help pane, in a smaller
window outside of the page, or on the target Knowledge Base page that hosts the video.

• Improved left-side navigation: Selecting an item in the left pane now only expands the menu, without
opening the page associated with the top item. You can also expand multiple top-level menus at once,
allowing you to better understand the product.

• Custom logos: Customer-provided appliance logos can now be defined in the Administrator Console and
the System Administration Console.

• Background color for a custom login portal: Login portal background color can now be customized for
all user interfaces.

NOTE: The color chooser is not supported in Internet Explorer 11.



• Automatic organization selection at login: Each organization-specific Administrator Console and User
Console can be accessed directly using virtual IP or host name configuration. This allows users to bypass
organization selection at login.

Service Desk

• Ticket template improvements: A new layout is added to Service Desk ticket templates, helping you
better organize the ticket contents if the template includes fields of variable height. You can also break up
ticket contents into separate sections using a separator.

• Embedded images and screen shots in ticket fields: You can now include images and screen shots in
the ticket Summary and Comments fields, allowing you to better communicate ticket-related issues.

• “Take this ticket” shortcut: The Tickets list page includes a new control that you can use to quickly assign
a ticket to yourself.

• Process ticket improvements: You can quickly create a process ticket by email for an existing process
template by specifying the process template name in the Subject field. You can also schedule ticket
processes to begin on a specified recurring schedule.

NOTE: In previous versions, ticket archival schedules allowed you to select None as the schedule option.



This option is removed in this release and if you previously had any ticket archival schedules using this
option, after the upgrade, they will be automatically updated to run every day.

KACE Systems Management Appliance 11.0 Release Notes

New features and enhancements

4

Other features

• Credential manager updates: LDAP Label configurations can now use the Credential Manager to store
and share credentials.

• Ability to add categories to scripts: Each script may be sorted or filtered by an assigned custom
category.

• New VMware widgets on the Inventory dashboard: The following widgets are added to the Inventory
Dashboard: VMware Device Counts, VMware ESXi Version Counts, VMware Device Reports, and VMware
ESXi Device By Status.

• New OS support: This release includes support for CentOS 6 to 8.

NOTE: Charlie Root emails generated by the appliance did not contain useful information and often lead to



confusion. For that reason, these emails are no longer generated and sent to the administrator. For more
information, see K1-21001 in Resolved issues.

Enhancements

The following is a list of enhancements implemented in this release.

Enhancement Issue ID

It was not possible to allow Credentials specific access through Roles. K1-20924

FTP/SFTP offboard backup improved performance and Public Key Authentication for
SFTP.

Managed OS widget in Dashboard did not display version number. ESMP-6448

Customize User Fields is now accessible through the Choose Action menu on the
Users list page.

It was not possible to reset history settings to default values. ESMP-5916

Agentless support for vSphere 7.0 is added in this release. ESMEC-3557

ESMP-7444

ESMP-6113

Resolved issues

The following is a list of issues resolved in this release.

Resolved issue Issue ID

Offline appliance could not to run patch detects with version-check failed errors. K1-21171

Workspace ONE Discovery/Inventory did not respect user domain provided in the
credentials.

K1-21145

Windows Feature Update could report that it was not applicable because user locale
is set as non-English.

KACE Systems Management Appliance 11.0 Release Notes

K1-21101

Resolved issues

5

Resolved issue Issue ID

Unknown user rejection email was not be sent in some cases. K1-21081

POP3: Failure to process one email could prevent further emails from being

K1-21077

processed.

Reset tries in the Windows Feature Update Catalog Detail page did not work as

K1-21074

expected.

Ticket load time performance was sometimes degraded with many associated child

K1-21073

tickets.

Replication Share Inventory did not run after regular agent inventory in some cases. K1-21070

When using Office 365 with OAuth, an Invalid header value detected message could

K1-21066

be seen when the display name contains Unicode characters.

Some Dell Updates did not appear in the list of available updates in the Administrator

K1-21053

Console, even though they did exist on the appliance.

Service Desk Templates: Conditional Logic involving Owner and null usage did not

K1-21050

work as expected.

Windows Feature Update could fail on lower specification systems if any of the

K1-21048
individual steps during the update itself exceeded the global agent process time out
set in the appliance.

Hyperlink to archived/merged tickets was sometimes incorrect, causing an error. K1-21043

Re-enabling appliance backups could give an incorrect error message. K1-21041

An email sent to a Service Desk queue with multiple addresses in the To line could

K1-21036
produce unexpected results.

The   character was not decoded correctly in Gmail messages when using

K1-21035
OAuth.

MSG files uploaded to Attachment type Asset Fields open in browser instead of

K1-21033
downloading.

Windows Feature Update payload files for unsubscribed locales could be incorrectly

K1-21031
downloaded.

Asset Import schedule creation or modification inserted blank/duplicate rows in

K1-21026
IM_CRON.

SFTP full path was not retained when editing an existing asset import schedule. K1-21015

With multiple NICs, using Add to SDA Boot Action on a device sometimes did not

K1-21011
work as expected.

K1000 Discovery Completed email is missing the schedule name in the body. K1-21010

KACE Systems Management Appliance 11.0 Release Notes

Resolved issues

6