Kaseya Community

KAV: Configuration is out of compliance with profile.

This question is answered

Hello Community!

I got on several machines the red mark with means "Configuration is out of compliance with profile.".

But i see not any information, what does it mean or which components are out of compliance and how to fix it?

Any idea?

Verified Answer
  • As we go forward with the KAV module, we are finding a number of places in the xml files that are compared (flag is set when a difference in the files is found) that are not controlled by the profile.  We have been working to exclude more of these entries, and will continue to add exclusions going forward.  

    Long term, the hope is to have the flag only display on portions of the configuration that are managed via the profile, thereby eliminating false positives on the out of compliance flag.

    Travis

    Kaseya Support

All Replies
  • Kai,

    This has been hot-fixed, please download latest hot-fixes.

    Regards

  • My system has a hot-fix problem then, because I have this issue also

  • @Paul: Thanks for that information. But how it is solved? How can i prevent that customers can change settings?

  • As we go forward with the KAV module, we are finding a number of places in the xml files that are compared (flag is set when a difference in the files is found) that are not controlled by the profile.  We have been working to exclude more of these entries, and will continue to add exclusions going forward.  

    Long term, the hope is to have the flag only display on portions of the configuration that are managed via the profile, thereby eliminating false positives on the out of compliance flag.

    Travis

    Kaseya Support

  • Hello Travis.

    Sounds great. But how can i prevent that something on the client-side changes? How can i prevent that users change anything?

  • Kai,

    The option on install to specify a password was put in place to set a custom password for any changes via the Kaspersky UI on the endpoint.  With the password set, any change to the configuration via the endpoint will prompt the user for the password when attempting to apply the changes.  

    Regards,

    Travis

    Kaseya Support

  • My problems have been mostly fixed by running Verify Install on the endpoints with the compliance flag. I have had the flag come back in one or two cases. Re-verifiying always had eliminating it thought.

  • I would like to see a reason why it is out of compliance.

    Some soft of explanation would be great, right now yes the profile does not match but is a setting on, off, etc. A comparison or what has changed might be good.

  • @Travis: Please see the following screenshot:

    In that UI it is described as PASSWORD for UNINSTALL. Not as password for protect the UI. Where can i set the password for prevent changes to the configuration?

    And second i agree the others here - it would be really normal to see what is changed at the endpoint, the information that something changed only isn't helpful.

  • It protects the UI (client) also. This area is pretty rough. From my information this also covers some areas (XML) that can't be changed by the KAV console, I have endpoints that are fine for a while after verifying, but then this comes back.

  • If you go down to the endpoint and open the kav temp folder (typically c:\kworking\kav) you would find 2 xml files: status.xml and AVPSettings-last.xml

    Note the date stamp of these 2 files. the status.xml file is generated every 3 minutes from Kaspersky based on the settings in the configuration at that exact moment. AVPSettings-last.xml is generated when you assign profile to that endpoint (in the same way).

    If we find these files differ in any way - we show you the flag about profile compliance. You can go to the endpoint and compare the files to see what is different

    As Travis wrote, over time we're finding situations where even though the user didn't manually make any changes, Kaspersky is still showing something different at some point. We're trying to fix all of these cases, but in the interim you can review these files and send them to us if you see something that shouldn't be there.

    It is also possible that your user found a way to make a change if they know the password. You can change the password during installation (from the default one that was posted on these forum in the past) to make it less likely users will make changes.

    Hope this helps.

    Inbar.

  • This issue still occurs a year later

  • I must say, KAV is the worst piece software ever integrated into Kaseya. Management rarely works, when installation fails it does not tell you why; there is a checkbox to remove conflicting AVs or application and this never works. Licensing is a mess.... the list just goes on and on and on and on like the energizer bunny

  • Bump - anyone figure out how to not have to keep reapplying KAV Profiles?

  • Our solution was finally to dump the thing in the end.

    I feel pretty bitter about it - I was the guy shouting about all of the advantages. I ended up looking pretty stupid, and I can't say that it's helped my professional standing at work. Or with my clients!

    It's a good product, but the integration was a complete PoS!

    There are still some KAV installs left unfortunately. I had to remove it from a server yesterday as KAV had run up over 100GB of log files - completely toasting it.