Kaseya Community

Agent Not Embeding Admin Credentials

This question is not answered

So I used Kaseya agent wizard to create an agent that already has admin credentials saved into it. I then email out the link to a number of very remote staff who are suppose to be able to click the link, download the exe, and install it all with out having to be a local admin or enter admin credentials. We don't allow our staff to be local admins over their own machines so if they get prompted for an admin name and password they won't be able to install the agent. I've opened a support request but I keep getting a "we have sent it to engineering" response every few days. 

Has anyone else seen this and found a way around it? I was under the impression that adding the admin credentials during the package creation was suppose to encrypt them into the exe so that non-admin staff could install with out needing a admin level permissions. 

All Replies
  • Hello Drumpat01,

    hahah.. when I read your "We have sent it to engineering" answer you got from the Kaseya Support, I smirked (sorry).

    Unfortunately those are the only answers you get (in different forms), but I also received deceiving / wrong answers, I was asked for money, and I was asked "How did you resolve it by yourself?" but never EVER I had one of my ticket resolved.

    I don't bother making support tickets any longer, today I asked them to close the last ticket un-resolved after 28 days in the Void. It is utterly useless.

    To be honest there are 2 guys (one is Nicolas Ponce) that are actually helpful and try their best, but they can't do everything and they are only hovering in those forums.

    If they see your message they may be your only hope in my opinion.

    My personal take on your issue is that if your users are not local administrators of their own machine the UAE will block you no matter what. This is the purpose of the UAE and unless it is deactivated it will continue to block your setup. That is unless there's some magic I am not aware of.

    We have the same approach for our user access to their machines (actually we go even further and do not even allow non white listed processes :-) ) but we pre-install kaseya before we deploy a machine so we don't have your problem but here are some ideas:

    You could create via Login Script that creates a temporary Task in the Task Scheduler that would execute the Kaseya Setup running from a specific directory.

    You would then ask your users to simply copy the file in that particular place the Task expects to find the setup.

    Tasks can be created so that they bypass UAE and can run as Administrator with the provided credential.

    Check the SchTasks command for some Syntax

    I believe Programs that work to embed a password into an exe such as RunAsBob

    www.robotronic.de/runasroben.html

    Employ a similar technique.

    If you have an RRAS available where your remote user can connect to, you may ask them to connect to it and try to deploy using GPO.

    Let me know if you found a better way.

    Best Regards