Kaseya Community

Credential might be invalid. Patch file downloaded but failed to execute.

This question is not answered
The subject is the problem. I've checked credentials. All test ok. Everything else works correctly. The credential is an administrator. Further information (That may be pertinent): PC is running Windows 7 (Domain workstation) System is behind a proxy. I have setup proxy on the file source. (Files download correctly.) I have not given the credential user proxy access, instead putting microsoft etc into the allowed domain (no login required). I've also added kaseya.net. I've ensured that microsoft is both 80 and 443 ports. Things I've noted in proxy logs: 1) www.msftncsi.com is being denied. Is this needed by Kaseya (Calls to it appear to occur at same time as patch scans) 2) verisign.com is being denied. Is this needed by Kaseya? ----------- Obviously, I'm trying to keep things fairly locked down and don't want to open things any more than I have to, further, I don't want to give the credential unfettered net access. Any further tests/ideas welcome. Dave
All Replies
  • resolved issue (1).  msftncsi.  This is the 'keep alive' indicator for Vista/Win 7.  It probes a text file on this site (owned by microsoft).  If it finds this file, then it puts a pretty little picture of earth on your network connection indicator.

    If you set HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\EnableActiveProbing to 0, the OS will no longer probe for internet connectivity, but you also lose the pretty 'earth' graphic.

    So there you go..  Now for issue (2).  Do I need verisign for patching purposes?

  • Still ongoing issues.

    Found that the problem has 'spread'.  It's definitely occuring on several XP stations.

    Have confirmed that the user being used in the credential can login, download the patch and execute the patch with no errors.

    Have found that the kpmchk.exe file is a kpmchkbad.txt (or whatever it is exactly).  Interestingly, it's a 403 error at the top of the page pre-pended to the exe file.  If you chop of the error at the top and rename the file to .exe it executes normally.  So, why does it download the file, rename it and prepend it with a HTTP error?

  • Hello Dave.

     

    I've just exact the same problems with kpmchk.exe - do you have found any solution?

    See my post http://community.kaseya.com/xsp/f/30/t/14290.aspx

     

  • The answer to this mysterious issue lies in the KB article:

    community.kaseya.com/.../patch-test-fails.aspx

    I discovered that if you verified access with the user account in Set Credential and you can successfully download vsaupdate.kaseya.net/.../kPmChk.exe from the endpoint, just delete kPmChk.exe from the endpoint's PATCH SERVER.

    Once they get stuck, they seem to be stuck forever, but I am going through about 100 of these today and the fix works every time.

    Cheerio!