New features in VSA - Kaseya 2 (v6.0.0.0) – 2 February 2010


The module tabs and function lists have been combined into a single expandable-collapsible explorer like navigation pane.

Selector Pane

Many Kaseya 2 VSA functions display a middle pane to select one or more records. The middle pane can be scrolled, filtered and sorted independently from any other pane. A menu bar displays just above the selector pane. Typically the menu bar can add, edit or delete a selected record in the selector pane, based on the type of data and the user's access rights.

Folder Trees

Certain functions display a folder tree in the selector pane (middle pane). The folder tree is used to navigate, select and share user defined objects. The following functions use folder trees:

  • Logon Page
  • Agent Procedures
  • Monitor Sets
  • SNMP Sets
  • Reports
  • Report Sets
  • Service Desk Procedures

Folder trees are typically organized beneath a Private cabinet and a Shared cabinet. Service Desk Procedures, Monitor Sets and SNMP Sets only have Shared cabinets.

Share Rights

If an object is defined within a folder tree, share rights are assigned by tree folder, not directly by the object within the tree folder. If you drag and drop an object to a new shared folder, the shares rights to that object are changed to the reflect the new folder the object is in.

  • Some objects exist outside of folder trees that can be assigned share rights directly.
  • Private folders or objects are normally only visible by the user who create thems. (See Preferences below for an exception to this rule.)
  • Shared folders or objects can be shared by role or user.
  • Share rights include Execute, View, Edit, Create, Delete, Rename, Share
  • Master users can take ownership of a shared folder or object. This feature provides complete access to the folder or object, regardless of assigned shared rights.

View Pane

Many Kaseya 2 VSA functions display a third pane on the right hand side of the screen. The third pane is designed as a series of tabbed views, providing quick access to each property or data view no matter how complex a function might be. A menu bar displays at the top of each tabbed view. The tab menu bar lets you perform typical actions related to the view, such as assign or remove child records or save changes to just one tabbed view. Views can have multiple regions. Each region can be expanded/collapsed independent of any other region. Additional instructions display, when appropriate, for each tabbed view.

Enhanced User Control Objects

Many of the controls in the new user interface allow you to right click and select additional options. Each control displays its own tooltip. Column headings, unless otherwise restricted, let you sort and filter row data as a standard capability as well as show and hide columns in the table. Table grids are "lively" meaning they can be stretched or narrowed by dragging the object's borders.


You can bookmark any item on the navigation pane. If you work with the same set of items each day, this can save you navigation clicks.

Color Schemes

You can change the look and feel of Kaseya 2 VSA using Color Schemes. Changing color schemes changes the colors displayed by Kaseya 2 VSA panes and dialog boxes. These color schemes are set independently of themes in the Windows operating system and are set by user preference.

Site Customization

The legacy 5.x Customization function has been redesigned and renamed Site Customization. Three tabs provide options for customizing the Kaseya 2 VSA user interface:

  • Logon Page
  • Site Header
  • Agent Icons

Application Logging

A new function called Application Logging controls the logging of application activity on the application server. This function is only visible to master users. This is mostly used by Kaseya technical support to investigate MessageSys service activity.

Outbound Email

A new System >Outbound Email page maintains settings for routing outbound email generated by the KServer to a host email server. The host email server accepts outbound email and delivers it to recipients on your behalf. If the email server host requires authentication you can include a username and password. These settings are typically set during the install process. You can modify them after the install using this page. Previous to Kaseya 2 VSA a smart host had to be configured on the KServer's IIS Default SMTP Virtual Server after the VSA was installed to perform this same function.

Legacy Integration

Existing 5.x legacy functions display inside the new user interface. These legacy functions look the same and are used in exactly the same way as they were before. This means you can easily transition into the new Kaseya 2 VSA user interface without having to learn how to use each function all over again. Kaseya is committed to migrating selected modules and functions in phases on a case by case basis.

Info Center

The Home module has been renamed the Info Center. The Info Center module serves as the business intelligence center for Kaseya 2 VSA.


The Info Center includes a new function called the Inbox. The Inbox holds messages generated by other users or by Kaseya 2 VSA. Much like email, you can use it as a method of system notification or to communicate with other VSA users.


The Reporting folder, located inside the Info Center module, replaces the previous Reports module in 5.x. All reports generated by Kaseya 2 VSA are located in this folder. All reports share a common definition and scheduling user interface. The Reporting folder comprises three functions:

  • Reports - Defines and schedules reports.
  • Report Sets – Defines and schedules sets of reports. Useful for running the same sets of reports periodically.
  • Report Scheduling – Displays and provides access to each report, based on user access rights.

Defining reports and reports sets includes enhanced output options and specialized parameters for each type of report. Scheduling reports and report sets include enhanced options for filtering and distribution. Reports are delivered to each recipient's VSA InfoCenter > Inbox and/or email address.


Organizations and organization types are being introduced in conjunction with User Security. Typically an organization is a customer, but an organization could also be a business partner.

  • Machine groups are child records of organizations.
  • Organizations have child records called departments. A department is a division within an organization.
  • Departments have child records called staff members. Staff members are independent of machine ID accounts, although the two can be associated with each other.
  • Organizations can be child records of other organizations.

Note: Upgrading to Kaseya 2 VSA from 5.x or 4.x creates organization records for you. The upgrades associates the newly created organizations with the appropriate machine groups. You are asked to carefully consider which one of two methods to use to make the associations during the install of Kaseya 2 VSA.

User Security

User access control has been enhanced by adopting a matrix of permissions called roles and scopes.

  • Users are created using a function called Users.
  • Access to machine groups and machine IDs are controlled by Scopes. Scopes also control access to several new data objects: organizations, departments, staff members and service desks.
  • Function access remains controlled by User Roles. Function access is far more granular. You can control access to each control within a function by role.
  • Roles and scopes are defined independently of each other.
  • A user must be assigned to at least one role and one scope.
  • Only one role and one scope can be active for a user at any one time. You select the active role and scope using the selector panel at the top right corner of the screen.
  • Machine Roles determines access to Live Connect functions on a per machine basis.

Note: Upgrading to Kaseya 2 VSA creates the appropriate role and scope records for you.

Live Counter

The legacy function Monitor > Live Connect has been renamed Live Counter to distinguish it from the new Live Connect function described below.

Live Connect

Live Connect is a significantly enhanced single-machine-interface that goes beyond the Machine Summary page. Double-click any check-in icon next to any machine ID in the VSA and a Live Connect window opens. The Live Connect window displays the following menu options for the selected machine ID when the agent is active:

  • Home
  • Agent Data
  • Audit Information
  • File Manager
  • Command Shell
  • Registry Editor
  • Task Manager
  • Event Viewer
  • Ticketing
  • Chat
  • Desktop Access
  • Video Chat

Machine Summary

The legacy Machine Summary single-machine-interface window is now displayed by Alt+Clicking the check-in icon next to any machine ID.

Portal Access

The User Access and Edit Profile functions have been removed from the Ticketing module. Both are still found in the Agents module. Agents > User Access has been renamed Portal Access.


Kaseya 2 VSA uses the term procedure instead of script. Both serve the same purpose of automating tasks. Here are some differences between procedures in Kaseya 2 VSA and scripts in earlier versions of the VSA.

  • Agent Procedures Module - The Scripts module in 5.x and earlier has been renamed the Agent Procedures module, making it clear that these procedures target agents.
  • Non-agent procedures - In contrast, new procedures in certain modules such as Service Desk do not necessarily target a particular agent or machine group. These non-agent procedures are run by the KServer and target other types of records.
  • Module-specific procedures are listed with each module - For example, Service Desk has six types of procedures used to automate Service Desk business processes. Since these procedures apply only to Service Desk, they are listed in the Service Desk module instead of the Agent Procedures module.
  • Procedures serve dedicated purposes - In earlier versions of the VSA you could run any script from any function that allowed you run a script. In contrast, the procedures in Kaseya 2 VSA can only be selected if they are designed from the beginning to support a particular function. For example, each procedure drop-down selection list in Service Desk configuration tables only shows procedures of the appropriate type for that drop-down list.
  • Specialized IF-ELSE options - Each type of procedure provides only the subset of IF-ELSE commands available that make sense for that type of procedure. This guides users to workable procedure solutions faster.
  • Events-based vs Scheduled - Types of procedures can be distinguished by whether they run immediately (event-based) or run a specified time after an event has occurred (scheduled).
  • Procedure Editor - The script editor has been replaced by a new procedure editor that lets you drag-and-drop IF and STEP commands in a procedure. All of the previous commands available in 5.x have been preserved.
  • Import and Export – Procedures can be exported and imported as XML files. Scripts created prior to Kaseya 2 VSA can be imported.

Agent Procedure Commands

  • Added an Update System Info command. Updates the selected System Info field with the specified value for the agent this procedure runs on.
  • Added "Begins with" and "Ends with" arguments to the following IF commands: Test File, Test File in Directory Path, and Check Variable.
  • Added a "Prompt When Procedure is Scheduled" argument to the Get Variable command. Enables a VSA user to enter a different value each time a procedure is run.
  • Added five new 64-bit only commands and one new 64-bit parameter:
  • Check 64-bit Registry Value
  • Test 64-bit Registry Key
  • Delete 64-bit Registry Value
  • Delete 64-bit Registry Key
  • Set 64-bit Registry Value
  • 64-bit Registry Value parameter in the Get Variable command

Update System Info Command

A new Update System Info command has been added to Agent Procedures. This command enables you to use an agent procedure to update any column in the vSystemInfo database view except the agentGuid, emailAddr, Machine_GroupID, machName, and groupName columns. vSystemInfo column information is used by Audit > System Info, Agent > System Status, the Filter Aggregate Table in View Definitions, and the Aggregate Table report. You can update a System Info field using any string value, including the value of any previously defined agent procedure variable.

Validation Error Feedback

Kaseya 2 VSA provides enhanced validation feedback. If a field validation error occurs, the field is highlighted with a red border. A red exclamation icon displays next to the field. Hovering the mouse over the icon displays the message describing the field validation error in detail.

Database Views

  • Added new vPatchConfiguration database view to provide access to machine patch configuration data.
  • Updated vPatchStatus for v6.0 changes
  • Added vAddRemoveList - Add/remove application list returned by the latest audit.
  • Added vUptimeHistory - Data collected for the uptime history report. Use in conjunction with the getMachUptime web service.

Multiple Agent Installation

You can now install multiple agents on a single machine from different Kaseya Servers. The new agent can update the existing old agent using the Update Agent page, or install the new agent side-by-side with existing old agents.


  • You can now set the delay used before displaying detail information when hovering over the information icon . If you find tickets are popping into the preview window too quickly for you when on the View Tickets page, extend this value. The default is 500 milliseconds.
  • A new checkbox Show shared and private folder contents from all users enables master administrators only to display all private folders and their contents.


A single, consistent Scheduler window has been implemented across the entire VSA for the scheduling all tasks. Schedule a task once or periodically. Each type of recurrence—Once, Hourly, Daily, Weekly, Monthly, Yearly—displays additional options appropriate for that type of recurrence. Periodic scheduling includes setting start and end dates for the recurrence. Execution options include:

  • Distribution Window - Reschedules the task to a randomly selected time no later than the number of periods specified, to spread network traffic and server loading.
  • Skip if offline - If checked and the machine is offline, skip and run the next scheduled period and time. If blank and the machine is offline, run the task as soon as the machine is online again.
  • Power up if offline - If checked, powers up the machine if offline. Requires Wake-On-LAN or vPro and another managed system on the same LAN.
  • Exclude the following time range - If checked, specifies a date/time range to not perform the task.

Note: Certain options may be hidden, depending on the specific task being scheduled.

Patch Management

Added the ability to load a machine's settings into the configuration options in the control frame of selected functions. This allows the user to click an icon next to the machine name to copy that machine's configuration into the input controls in the control frame of that page to make it easier to add/change machines' settings to be like a specific machine. This feature has been added to:

  • Pre/Post Procedure
  • Reboot Action
  • File Source
  • Patch Alert (if an alert is configured)

Patch Mgmt > Patch Scan

When a new agent is created, a new set of agent procedures (Initialize Patch Scan) will automatically be scheduled. These agent procedures will determine if Windows Installer 3.1 has been installed, install it if it does not exist, and then update the database for the machine to simplify the selection of the appropriate patch scan script when scheduled by an admin.

  • Beginning with this version, Windows 2000 SP3, Windows XP (RTM), and Windows XP SP1 will be able to use the WUA Patch Scan rather than the Legacy Patch Scan. The only prerequisite is that Windows Installer 3.1 has been installed on the machine. The next scheduled patch scan will determine if these machines are eligible to use the WUA Patch Scan and will automatically transition these machines as appropriate. Only the patch scan data and scan engine is changing. Microsoft no longer supports these systems, so there still will be no new patches available for these systems.
  • Beginning with this version, the Office Detection Tool (ODT) scan will only be used to identify Office 2000 updates when called from the WUA Patch Scan agent procedures. All other Office updates will be identified from the Microsoft Update Catalog via the WUA Patch Scan. The ODT Scan agent procedure will still be observed as being executed, but the actual scan will only occur if Office 2000 or any of its component applications exist on the machine. Microsoft no longer supports Office 2000, so there will be no new patches available for the Office 2000 applications.
  • There is a delay of several minutes from the time the patch scan scripts are executed on a machine until the patch scan results are actually processed and the results are visible in the application. An indicator has been added to selected patch pages to alert the user that the patch scan results are pending. On the Patch Status page, when a machine's patch scan results are pending, the patch totals will be displayed as bold, italic, dark red text on a gold background. On the Scan Machine page and on the Patch Mgmt tab of the single machine interface, the last scan date/time will be displayed as bold, italic, dark red text on a gold background. Once the scan results have been processed and these pages refreshed, these text values will return to their normal display.
  • The processing of patch scan results has been redesigned and implemented as a new background process in the new MessageSys asynchronous processing engine. This eliminates the previous method of polling for changed patch scan results that required throttling to prevent server scripts from becoming backed up. This will result in improved performance and faster response times for reporting patch scan result changes.

Patch Mgmt > Reboot Action

Added the ability to configure:

  • An optional agent procedure to be executed immediately prior to the reboot action in the Patch Reboot agent procedure.
  • An optional agent procedure to be executed following the Patch Reboot agent procedure.

Patch Mgmt > Pre/Post Procedure

Added the ability to execute an agent procedure before an Automatic Update and/or at the end of the Automatic Update similar to the existing ability to do this for Initial Update. The Auto Post-Agent Procedure, if configured, will be executed immediately after the final patch execution and BEFORE the post installation Reboot.

The Auto Pre-Agent Procedure can be used to determine whether the Automatic Update should be executed or not. After executing the Auto Pre-Agent Procedure, a registry value is checked on the machine. If this registry value exists, the Automatic Update installation scripts will be skipped; otherwise, they will be executed. To invoke this feature, the Auto Pre-Agent Procedure must include a procedure step to set the registry value below:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Kaseya\Agent\SkipAutoUpdate
    Note: Any data type and any data value may be set. The test is for existence only.

If this registry value exists, a procedure log entry will be made to document that the Automatic Update was skipped, and then this registry key will be deleted.

Patch Management – Patch Installation Procedures

In prior versions, patch installation scripts were generated at the time of scheduling for manual updates (Patch Update, Machine Update) or shortly after midnight on the scheduled day for Automatic Update and Initial Update. This prevented a change in configuration such as Reboot Action or File Source from becoming effective until the next time a patch installation script was generated. This has changed in this version with the addition of the new Scheduler engine. Now, patch installation procedures are not actually generated until the actual schedule date/time. This allows changes to installation specific configurations to be included in scheduled but not yet executed patch installation scripts. This eliminates the previous method of polling to determine if Automatic Update or Initial Update are scheduled. This not only improves performance, but makes the processing of Automatic Updates and Initial Updates more reliable.

Since the patch installation procedures are dynamically created at the scheduled date/time, the "Pending" status for patch installations will be displayed differently:

  • Automatic Update and Initial Update: "Pending" will only be observed starting when the scheduled event has started through the end of the processing of the post-installation patch scan results. This is because the approved patches are not selected for installation until the installation procedures are created at the scheduled date/time.
  • Machine Update and Patch Update: "Pending" will only be observed from the time the user manually selects the patches for installation and uses the Scheduler to schedule their installation. "Pending" will continue to be displayed through the end of the processing of the post-installation patch scan results.

To improve reliability in the patch installation process, patch installation procedures scheduled for installation while a previously scheduled patch installation is being processed will NOT be executed. An entry in the Configuration Log will document these cases. This will ensure those cases where a set of patch installation procedures that are being executed will be allowed to complete before another set of patch installation procedures can be processed.

Patch Management – Patch Installation

For various reasons, some patches are displayed as "Manual Install Only", "Windows Update Site Only", or "Product Upgrade Only". Patches that have these warnings cannot be installed using the standard patch installation methods (Automatic Update, Initial Update, Machine Update, and Patch Update).

Beginning in this version, a new warning has been added – "Internet-based Install Only". This warning is displayed for patch data obtained from the Microsoft Update Catalog (via the WUA Patch Scan) that previously was marked as "Manual Install Only" or "Windows Update Site Only" or that had a patch download location for a CAB file rather than an executable file. Patches that have the "Internet-based Install Only" warning can now be installed using the standard patch installation methods. However, the installation of these patches will not use the File Source configured for the machine. These installations are accomplished using the same Windows Update Agent API used to perform the WUA Patch Scans. Use of this API requires a direct connection to the Internet in order to perform the required download and installation. This change has been made to eliminate the additional effort required to identify and install "Manual Install Only" or "Windows Update Site Only" patches and to permit the use of the standard Kaseya patch installation methods to install these patches.

Patches that have been reported by the Legacy Patch Scan will continue to display "Manual Install Only", "Windows Update Site Only", or "Product Upgrade Only" where required. Since these machines use the Legacy Patch Scan engine, they cannot access the Microsoft Update Catalog (via the WUA Patch Scan); therefore, they cannot make use of "Internet-based Install Only" installation feature.

Beginning in this version, machines having their File Source configured for "Download from Internet" will use the Windows Update Agent API to perform the download and installation. In most cases, this will shorten the total time to install patches on a machine. This is due to the elimination of the "get" scripts used to download the "full file" patch files and the fact that use of the Windows Update Agent API uses a more efficient background download process and will usually only download exactly those components that the machine requires for the update. Since the Windows Update Agent API will control the download and installation of updates, the options for "Copy packages to temp directory on local drive with most free space" and "Delete package after install" are ignored for Download from Internet".

Patch Management – Canceling Patch Installations

With the addition of the new Scheduler engine, the patch installation procedures are not actually created until the actual scheduled date/time. So, cancelling patch installations is really just cancelling the current schedule. Therefore, to cancel scheduled patch installations:

  • Cancel Updates page will only cancel all updates for the selected machines that have been scheduled by either Machine Update or Patch Update.  Initial Update is no longer cancelled on this page!
  • To cancel a scheduled Automatic Update, users must go to the Automatic Update page.
  • To cancel a scheduled Initial Update or an Initial Update this is in process (not yet completed), users must go to the Initial Update page.
  • Cancel Updates page will display a Terminate button next to a machine to allow the termination of a currently running patch installation process.

Additionally, the Cancel Updates page has been modified. There are now two views: (1) machines with patches that can be cancelled, (2) patches that can be cancelled with the machines on which they are scheduled. In previous versions, cancelling scheduled updates was an all or nothing procedure. It is now possible to select individual patches/machines, depending on the selected view for cancellation.

Patch Management – Patch Approval Policies

In previous versions, when a patch became inactive (no longer reported by any machine), it was deleted from all patch approval policies. If it later became active because a new machine reported it, it was re-added to all patch approval policies based on the policies' default approval status. This could result in requiring an administrator to re-approve/re-deny the patch. Beginning in this version, inactive patches will no longer be deleted from patch approval policies; they will only be hidden. If the patch is re-activated, it is unhidden retaining the original approval status.

VSA API Web Service

Added 30+ API web service operations, most of them supporting the newly added features of user security and organizations.

App Version Filter in Views

The application filter in Views has always supported an optional version string check. With this release, we have added a wildcard search capability. Select the Like radio button and time in any version string with a * as a wild card character.

PCI & Disk H/W

The option to enable / disable PCI & Dsk H/W drivers that might cause conflicts with older Windows machines has been removed from Audit > Run Audit. PCI & Disk H/W audits are performed automatically on Windows XP and later operating systems.

Assign Monitoring / Assign SNMP filter

A filter feature has been added that filters the drop-down list of monitor sets and SNMP sets to select from in Assign Monitoring and Assign SNMP in the Monitor module.

SNMP Traps Alert

A new SNMP Traps Alert page triggers an alert when an SNMP Trap event log entry is created on a selected managed machine. SNMP event log entries are created in response to the managed machine receiving an SNMP trap message from an SNMP device on the same LAN as the managed machine.


Hardware Assets

  • Added agent icon to grid if the vPro machine has an agent installed
  • Modified the asset information and how it is displayed in the hierarchical grid
  • Added the ability to create a .CVS file for participating in the Intel vPro Rebate program
  • Added a link to the Intel vPro Rebate program website

Power Management

  • Scheduler has be modified
  • The grid has be changed to be hierarchical displaying the power management information
  • Each vPro machine can now have scheduled one type of power up, power down and reboot
  • Added agent Icon to grid if the vPro machine has an agent installed

New feature -> Remote ISO Boot

  • Allows a single time (not scheduled) boot of a vPro machine using an ISO image found on the network
  • Network credentials must be provided, ie UNC and network credentials (these are not the vPro credentials)
  • Has agent Icon if the vPro machine has an agent installed

Machine Filter Views

  • Added the option to create machine filter views that include machines that are suspended or not suspended.
  • Added the option to create machine filter views that include machines based on Agent Credential status (missing, not tested, failed test, passed test)
  • Updated the option to create machine filter views that include machines based on Patch Test Status (added options for test failed – credential and for test failed – non-credential)

Split Ticket

When splitting a ticket, you now get an additional option to leave the status of the original ticket unchanged. Previous releases automatically closed the original ticket.

LAN Watch

Added an independently sortable vendor column to View LAN and Install Agents function under LAN Watch. Use this column to help identify newly discovered devices.

Uptime History Report

Uptime history has been completely re-written and now provides the following:

  • Compute % uptime for each machine
  • Excludes suspended alarm times (maintenance windows) from % uptime calculation
  • Uptime chart displays when users logged on and off
  • Emailed report no longer looses scaling in Outlook 2007
  • Full integration with the Executive Summary report – summary table and network health scores for servers and workstations
  • Provides uptime data via API (views and web service)

Reset Password

Passwords generated with this function are now set to never expire.

Agent Country

The agent status function and the Aggregate table report now can display the country the agent is located in. Country location is determined by the connection gateway IP address of each agent.

Working Directory

The Agent > Temp Directory function has been renamed Agent > Working Directory. The new system default for Working Directory is "c:\kworking". The new default does not affect agents already installed using the "c:\temp" directory. Warning: Do not delete files and folders in the agent's working directory. The agent uses the data stored in the working directory to perform various tasks.

Ticketing Associations

Tickets in the Ticketing module can now be associated with machines, machine groups, organisations, departments and staff records.

Mac OS X Features

  • Added support for Mac OS X 10.6 Snow Leopard
  • LAN Watch
  • FTP
  • Remote Installation via SSH to Mac computers from the Mac OS X agent that performed the LAN Watch
  • Improved Remote Control using native Apple VNC server on Leopard (10.5) and Snow Leopard (10.6)
  • Improved application audit information

New features in Kaseya Service Desk (v1.0.0.0) – 2 February 2010

Kaseya Service Desk

This is the first release of the Kaseya Service Desk addon module. KSD is a greatly enhanced replacement module for the Ticketing module.

Service Desk Definitions

KSD tickets are controlled by a new data object called a service desk definition. The service desk definition defines the entire structure of tickets, including all of its fields and values. Associated procedures (not available in the Ticketing module) automate the behavior of the ticket throughout its life-cycle. Multiple service desk definitions and their corresponding tickets can co-exist within the same Service Desk module environment. User access to service desks definitions are controlled by roles and scopes using System > User Security. Service Desk Definitions define the following:

  • General properties, such as the name of the service desk, default values for properties and links to procedures that affect the entire ticket.
  • Values for standard ticket fields: Status, Priority, Category, Severity and Resolution.
  • Custom fields and values.
  • Stages, which describe the "life-cycle" of a ticket. Each stage can be linked to an entry, exit, escalation or goal procedure. Procedures can automate the processing of tasks and notifications for a ticket at each stage of a ticket's life-cycle.
  • Policies associated with a service desk and the criteria used to assign them to a ticket when a ticket is created.
  • Role and "user pool" access to a ticket. A pool is group of users that is independent of the roles they belong to.

Workflow Automation

Each service desk definition can define a different workflow for the set of tickets it controls using the Stage property. Stage sequences are user-defined. Entering or exiting a stage can trigger an automated procedure or start a timer to run an escalation or goal procedure at a later time. The workflow of stages you define is graphically represented by the View tab within a service desk definition. Stages enable KSD to support a wide range of business processes, including the four types of business processes recommended by ITIL for service organizations:

  • Incidents - A request for assistance from an organization/contact. Note: KSD refers to customers and users as organizations and contacts.
  • Problems - The underlying cause of—and eventually the generic response to—one or more incidents reported by customers and users.
  • Change Requests - Detailed requirements for changes or enhancements to a product or service, usually in response to a problem.
  • Service Requests - A request for a routine service call or upgrade.

Service Desk Definition Templates

When a service desk definition is created, stage sequences and standard field values are populated by the template used to create the service desk definition. Once a service desk definition is created based on a template, these default stages and field values can be modified to suit your business requirements.

Sample Service Desk Data

Sample Service Desk data is provided for the following:

  • Note templates
  • Message templates
  • Procedure variables
  • Policies (gold, silver, bronze)
  • Organization Types (gold, silver, bronze)
  • User Roles
  • Coverage Schedules
  • Holidays

Sample service desk data records are installed when service desk is installed and never updated in case you choose to make use of them. If a sample service desk record is deleted, the record is re-installed during a backup/maintenance cycle.

Service Desk Setup

Service Desk > Setup provide the following sample service desks:

  • Standard – This service desk provides basic automation with a simplified workflow. Demonstrates automation for email and message notification to users and user pools when a ticket is created, starts the next stage or is escalated. Integrates with pre-defined user pools, procedure variables, and message templates.
  • Demo – A basic service desk, with sample tickets but none of the automation provided by service desk procedures.
  • Incidents – A sample service desk based on ITIL guidelines. Demonstrates the benefits of service desk automation by integrating the ITIL service desk with stage entry procedures, escalation procedures, goal procedures, user roles, user pools, organization types, predefined procedure variables, predefined message templates, predefined polices, predefined email reader, predefined coverage schedules and predefined holidays.
  • KnowledgeBase – A sample knowledge base desk based on ITIL guidelines. Serves as repository of known errors articles.
  • Problem – A sample problem desk based on ITIL guidelines. Demonstrates the benefits of distinguishing and managing generic problems separately from immediate customer support issues. Problem tickets can be associated with multiple incidents, so that when a solution is achieved, customers with related incidents can be notified.
  • ChangeRequest – A sample change request desk based on ITIL guidelines. Demonstrates the benefits of distinguishing and managing change requests separately from immediate customer support issues. Change requests are approved or rejected. If approved, then the change request is tracked through to successful completion. Change requests can be associated with multiple incidents, so that when the request is implemented, customers with related incidents can be notified.

Ticket Maintenance

All tickets are listed in a single, multipage, scrollable ticket table. The ticket table can be filtered and sorted to suit your preferences. Column headings are selectable and provide their own filter and sort options. This same ticket table can be be used to preview, edit, group update, merge, associate, and archive tickets. Tickets are tracked as read or unread by each user. Ticket row coloring is controlled by Preferences by Role and Preferences by User. Clicking any row in the ticket table lets you edit or view a ticket in a child window. The ticket window has multiple tabs, some with expandible-collapsible regions, providing quick access to a large set of ticket properties. Editing the ticket manually lets you:

  • Modify the values of standard and custom fields
  • Add your own notes and attachments
  • Add predefined content using note templates
  • Associate tickets with organizations, machine groups or machines.
  • Associate tickets with other tickets, including tickets in other service desks such as those created as knowledge base articles.

Ticket Archives

Tickets can be archived for later reference rather than deleted altogether. Archived tickets can be displayed but not edited. They can also be unarchived so that you can continue editing them.

The layout and navigation of an archived ticket is exactly the same as an unarchived ticket.

Knowledge Base

The knowledge base serves as a repository of "known-error" solutions and workarounds. Knowledge base topics can be manually or automatically associated with newly created tickets based on the ticket settings you specify. You can create specialized knowledge base topics based on an organization, an assignee, machine group, etc. When working a ticket, the call taker can immediately see the knowledge base topic associated with a ticket.

Search All

Search All displays a table of all tickets and all knowledge base articles. This enables you to locate any text reference in either type of record, so as to avoid having to perform two separate searches.

Coverage Schedules and Holidays

The Coverage Schedules and Holidays functions define when a service desk is available for working on a ticket. Coverage Schedules enables you to define hours covered for days of the week or standard holidays. Holidays define hours covered for specific days that don't match standard holiday hours. Coverage Schedules records are linked to Policies, enabling you to configure a different set of hours covered for each policy, or reuse the same Coverage Schedules record for multiple policies across multiple service desks.


Tickets can be automatically assigned a specific policy by organization, organization type or machine group. Policies are associated with Coverage Schedules records, so selecting a policy determines the hours of coverage provided for a particular ticket using that policy. Variables associated with the policy can be used in procedures to automatically set the value for any user-selectable field in a ticket.

Note: Unlike the legacy Ticketing module, associating KSD tickets with a machine group or machine ID is optional.

Preferences by Role / Preferences by User

KSD Preferences by Role let you specify additional attributes for each role that apply specifically to Service Desk. These role preference override system default values. A role must be previously created using System > User Security. Options include:

  • Ticket table row color preferences, by due date, modification date or creation date
  • Ticket table column preferences
  • Ticket field access permissions

A separate function, Preferences by User, enables a user to set their own table row color and table column preferences. User preferences override role preferences.

Note Templates

Note templates let you define reusable snippets of text that can be inserted into ticket notes, either manually or automatically using KSD procedures.

Incoming Email Settings

Incoming Email Settings specifies a POP3 email account to periodically poll. Email messages retrieved from the POP3 server are classified using a Ticket Request Mapping procedure and converted into different types of tickets.

Message Templates

Message templates define page layouts for emails sent from a service desk to email recipients, or for messages displayed in the Info Center > Inbox of other users. These templates are selected when you specify an email be sent or message be sent within any KSD procedure.

Procedure Variables

  • Global procedure variables are defined using the Variables function. Global procedure variables and their default values can be applied either to all types of procedures or to specific types of procedures. The value of a global variable can be changed within a procedure and the changed value used in subsquent steps or passed to nested procedures. Changes to the value of a global variable are limited to the procedure that use them plus any nested procedures. Once a global variable is defined, each policy can set a different default value for that variable.
  • Procedure variables behave the same way as global procedure variables except they are defined by command within a procedure.
  • Property variables enable you to set the value of a ticket field. Property variables can be used within procedures and message templates, email subject lines and body text, message subject lines and body text.

KSD Procedures in General

KSD provides specialized procedures that are independent of agent procedures, since tickets in Service Desk are not necessarily related to specific machine groups or machines IDs. KSD procedures typically automate ticket processing, although some procedures automate the processing of inbound emails. There are two general types of KSD procedures:

  • Event Procedures run as soon as specified system events occur.
  • Scheduled Procedures run a specified time period after a system event occurs.

Stage Entry and Exit Procedures

A Stage Entry procedure runs when a ticket starts a specified stage. A Stage Exit procedure runs when a ticket exits a specified stage. Stage Entry or Exit procedures are linked to individual stages using Service Desk Definition > Standard Fields > Stage > Procedures.

Ticket Change Procedures

A Ticket Change procedure runs each time a ticket is changed. Typically ticket change procedures notify the owner, assignee or submitter that a ticket has been updated. Ticket change procedures are linked to service desk definitions using the Service Desk Definition > General > Procedures tab.

Ticket Request Mapping Procedures

A Ticket Request Mapping procedure, linked to an Incoming Email Settings, runs each time the VSA polls a POP3 server and retrieves email messages. The Ticket Request Mapping procedure determines the type of ticket created from the content of each email message and preprocesses the ticket.

Ticket De-Dup Procedures

A Ticket De-Dup procedure is linked to a reader in Incoming Email Settings. The procedure runs if the system detects that a request to create a ticket from an external source—from email or an alert—duplicates an existing ticket.

Goal Procedures

A Goal Procedure runs after a specified time period, usually to record whether or not a goal was met. The time period is measured from the time a ticket was created or from the time a ticket starts a specific stage. Goal procedures are linked to service desk definitions using Service Desk Definition > General > Procedures. Goal procedures are linked to individual stages using Service Desk Definition > Processing > Stage > Procedures.

Escalation Procedures

A Escalation Procedure runs after a specified time period, usually to escalate a ticket to another level of service. Multiple escalations can be run using escalation levels. The time period is measured from the time a ticket starts a stage or is re-escalated. Escalation procedures are linked to individual stages using Service Desk Definition > Processing > Stages > Procedures.

Sub Procedures

Sub procedures are common procedures called by other procedures using the Execute a Common Sub-Procedure command.

Mac iPhone Service Desk app

You can use a new Kaseya Service Desk app for the Mac iPhone to:

  • Securely logon to one or more Kaseya Servers
  • View Service Desk tickets, including all notes and details
  • Update Service Desk tickets, including adding notes and changing details
  • Call the ticket submitter, integrated with the iPhone Dialer
  • Email the ticket submitter, integrated with iPhone Mail
  • Get a map and directions to the submitter's location

Service Desk API Web Service

Added API web service operations for service desk.

Kaseya Desktop Policy v3.0 (v3.0.0.0) – 2 February 2010

Module Renamed and Divided

Kaseya User State Management has been divided into two separate applications: Kaseya Desktop Policy and Kaseya Desktop Migration. Each can be purchased and installed separately. When both are installed they display as a single combined module known as Kaseya Desktop Policy and Migration (KDPM).

Independent Power Audit

The independent power audit is scheduled as part of the standard audit and collects power settings from all managed machines including those without the Kaseya Desktop Policy and Migration client installed. Details of power settings and comparative cost savings for all machines are available via the Power Savings Report on the Reports page. A new checkbox, Include All Machines, displays on the Power Savings Report. If checked, it includes the independent power audit results for all Windows 2003 and Windows XP machines without KDPM installed along with the results from machines with KDPM installed. Does not include Windows 2000 or Vista machines.


New dashboard views to the Status page:

Policy Deployment at a Glance

Current State

A new function called Current State displays the following Kaseya Desktop Policy details about each machine that has the KDPM client installed.

  • For each user logon, the user groups, mapped drives and printers defined for that user
  • For each machine, the share names and local file path

Wake On LAN

The Wake on LAN feature allows a machine that is offline because it has been powered down (sleeping, hibernating or powered down with power to the network card) to be brought back online at a particular time. This is achieved by having a controller machine (auto assigned by the WOL feature) send out an industry standard packet (magic packet) on the network with a specially encoded message with unique identifiers for each machine to be woken. There are 2 prerequisites to be able to take advantage of the WOL feature:

  • Each machine to be woken must enable the Wake on LAN feature in the PC motherboard's BIOS.
  • There must be at least one machine online on a given LAN to act as the controller to send out the 'magic packets'.


Options are now available to set Alerts for operation success and failure within Kaseya Desktop Policy. Alerts are used to trigger an action or a notification:

  • Create Alarm
  • Create Ticket
  • Run a script
  • Send Email

Alerts and the action to take are configured on a new Alerts page. Alerts are available for:

  • Power Policy
  • Power Policy Apply Success/Failure
  • Mapped Drives
  • Mapped Drive Policy Apply Success/Failure
  • Printers
  • Printer Policy Apply Success/Failure
  • Desktop Standard
  • Create Desktop Standard Success/Failure
  • Apply Desktop Standard Success/Failure
  • WOL
  • Wake on LAN Succcess/Failure

Migration Readiness

The Migration Readiness page is an interactive reference page that provides a detailed summary of end point readiness for upgrades to Windows 7 or other operating systems. Using audit information visual comparisons are made against minimum system requirements for:

  • CPU
  • Hard disk
  • RAM

A cost summary is provided to estimate the total upgrade cost for systems.

Kaseya Desktop Migration v3.0 (v3.0.0.0) – 2 February 2010

Multiple Settings Backups

Support for up to 99 settings backups allowing flexible, point-in-time restore of user settings and data.


  • Dashboard views to the Status page:
  • In Process Settings Backups
  • Settings Backup Status at a Glance
  • Settings Backup Status by Machine

Current State

A new function called Current State displays the following Kaseya Desktop Migration details about each machine that has the KDPM client installed.

  • For each user logon, the user groups, mapped drives and printers defined for that user
  • For each machine, the share names and local file path

Predefined User Settings Filters

Three predefined user setting filters are provided: Full, Minimal and Typical.

Backup, Restore and Migrate Files and Directories

Backup, Restore and Migrate can now include and exclude the saving and restoring of specified files and directories. Include or exclude types of files by file extension. Exclusions override inclusions. For example: .doc .ppt .xls Enter a % character as the first character to display a list of variables you can use to specify a file or directory. Variables include:

%AppData%  			Per User	The user-specific AppData directory
%ApplicationData% 		Per User	The user-specific AppData directory
%CommonApplicationData% 	Per Machine	The All User's AppData directory
%CommonDesktop% 		Per Machine	The All User's Desktop directory
%CommonDocuments%		Per Machine	The All User's Documents directory
%CommonProgramFiles%		Per Machine	The All User's Common Files directory
%CommonStartMenu%		Per Machine	The All User's Start Menu items directory
%ComputerName%			Per Machine	The name of the computer. On domain, the qualified name
%Desktop% 			Per User	The user-specific Desktop directory
%Favorites% 			Per User	The user's favorites are stored in this directory
%History% 			Per User	Where to find the user's Internet Explorer browser history
%LocalApplicationData% 		Per User	The user-specific Local AppData directory. 
						These settings are not moved in a roaming profile.
%MyMusic% 			Per User	The user's "My Music" directory
%MyPictures% 			Per User	The user's "My Pictures" directory
%MyDocuments%			Per User	The user's "My Documents" directory
%Personal% 			Per User	The user's "My Documents" directory
%Profiles% 			Per Machine	Where the system keeps user directories
%Programs% 			Per User	The user's Start Menu programs
%ProgramFiles%			Per Machine	Where the system keeps its programs
%QuickLaunch% 			Per User	The user's Quick Launch programs
%System%			Per Machine	Where the system files are installed
%UserName% 			Per User	The user's login name (not their full name)
%UserProfile% 			Per User	The user's "Profile" or "Home" directory.
%WinDir%			Per Machine	Where Windows is installed


A new Manage page provides a single location for you to manage all tasks related to a Kaseya Desktop Migration backup, organized by machine ID and backup.

  • View the contents of the backup.
  • Show the log for this backup.
  • Rename the backup.
  • Delete the backup. Disabled if this backup is locked.
  • Restore the machine to this backup.
  • Migrate this backup to a new machine.
  • Lock this backup, so that it will not automatically be deleted.


Options are now available to set Alerts for operation success and failure within Kaseya Desktop Migration. Alerts are used to trigger an action or a notification:

  • Create Alarm
  • Create Ticket
  • Run a script
  • Send Email

Alerts and the action to take are configured on a new Alerts page. Alerts are available for:

  • Settings Backup
  • Backup Success/Failure
  • Recurring backup skipped if machine off X Times
  • Image location free space below XMb
  • Settings Restore
  • Restore Success/Failure
  • Migration
  • Migration Success/Failure
  • Manage
  • Backup Deleted
  • Backup Locked/Unlocked

Migration Readiness

The Migration Readiness page is an interactive reference page that provides a detailed summary end point readiness for upgrades to Windows 7 or other operating system. Using audit information visual comparisons are made against minimum system requirements for:

  • CPU
  • Hard disk
  • RAM

A cost summary is provided to estimate the total upgrade cost for systems.

New features in Kaseya Backup and Disaster Recovery (v3.1.0.0) – 2 Dec 2009

Local Disk Consolidation of Synthetic Full Backups

A large number of issues with synthetic full backup are caused by network locations dropping packets. BUDR 3.1 checks for sufficient space on the local disk, copies the files locally and performs the consolidation, then copies the backup back to the NAS. Consolidation using the local disk dramatically improves the reliability of synthetic full backups. Sufficient local disk space is required to implement this solution. If not enough disk space is available, then remote consolidation is performed.

Standard Installer Updates

BUDR 3.1 installer supports installing on Server 2008 when installing on Kaseya 2 and downloads the latest hotfixes during the install process.

Queued Installs

Previously, installing the BUDR client on multiple machines simultaneously slowed down the network, and in some cases, resulted in failed installs. This enhancement limits the number of simultaneous downloads to prevent this problem. If you schedule too many backup client installs at once, then some of the installs are queued up until the downloads for the prior installs finish.

Updated Build of Acronis

BUDR 3.1 now includes Acronis 9.7-8218.

Error Status of Offsite/Local Server on Status Page

The Backup Status page now includes the error status of Offsite Servers and Local Servers. This means you can immediately tell if an Offsite Server or Local Server is offline by looking at the standard BUDR landing page.

Last Backup on Backup Status Table

The Backup Status table on the Backup Status page now shows when the backup last run, instead of just informing you that it ran "sometime" in the last 24 hours.

Local Server > Status Last Checked

The Local Server page now includes the date and time the status of local server was last updated.

Other Backup Products Installed Warning

Other backup products often conflict with Acronis, causing corrupted backups or hung systems. The Backup Status page now includes a warning when machines have both Acronis and other backup products installed.

Allow Synthetic Backups when Replication Directory is Subfolder of Image Location

If your backup image location was \\nas\share\backups and you wanted to use Offsite Replication to replicate just one machine, you might consider replicating \\nas\share\backups\<agentGuid>, where <agentGuid> is the Agent Guid of the machine you wish to replicate. However, BUDR 3.0 would not recognize backups located in subfolders when performing synthetic full backups and full backups would be replicated completely. BUDR 3.1 now enables full synthetic backups to be replicated correctly when specifying a subfolder of the image location.

Verify Does Not Mark Backup as Invalid

Automatic verification can fail for numerous reasons, such as a machine rebooting during the backup or the network image location going offline. In BUDR 3.0 if this happened, the verify would fail, and then the backup would be marked as invalid, no longer allowing you to mount, restore, re-verify, or convert the image to a VM. With BUDR 3.1, the failed verify is still logged, but the backup still shows up on those pages as a possible backup choice.

New Features in Kaseya Endpoint Security v2.1 (v2.1.0.0) – 27 August 2009


New KES Dashboard function added. Provides quick views of the following:

  • Endpoint Security Statistics
  • License Status
  • Top Machines with Threats
  • Top Threats Discovered

Security Status

  • Reboot now action button added. Some security updates require a reboot to install the update.
  • Version number of latest antivirus definition installed displays in red text if older than five versions from the latest version available.
  • New columns showing whether Link Scanner and Web Shield are enabled or disabled
  • If Resident Shield protection is enabled but less than the default settings, the icon and tooltip shows Resident Shield as "partially enabled".
  • Tooltips now report the status of a particular icon.

Reboot Icon, Tool Tip and Version Number

Security protection updates sometimes require a reboot of the managed machine to complete the update. A new reboot icon has been added to the anti-virus definition version column and displays alongside the existing, pre-update version number. The corresponding tooltip says, "Reboot to complete update." Prior to the reboot, the protected machine continues to use the existing version of anti-virus definitions. After the reboot, the new version of anti-virus definitions are used and the new version number displays. This change downplays the "requirement"  for rebooting.  When a reboot is needed, it is needed only to complete the previous update.  The machine is still protected while a reboot is pending and the admin can reboot at their leisure.

Manual Update

Added Update from Internet (Override file source) option. If checked, updates are downloaded from the internet directly. If blank, updates are downloaded using the method specified in Patch Mgmt > File Source.

Change to LAN Based Update Logic

If a LAN-based File Location is specified for a managed machine, KES uses this file location to download installation files and security definitions.   The LAN-based file location is updated only when AVG labs releases a new version.  The endpoints update from this location staggered based upon the existing logic. This solves the problem of AVGINETL scripts backing up on the LAN-based server.

Enabling/Disabling Kaseya Managed Automatic Updates

You can now disable/enable Kaseya managed automatic updates to the endpoints.  In the event of needing a specific schedule (a feature planned for future versions), you can disable the Kaseya based automatic update and use the schedule on each endpoint.

Disable/Enable Resident Shield Using Scripts

You can now disable/enable Resident Shield using the following Execute Shell Commands in an script:

In the agent temp directory, run

      C:\Temp\kes>KasAVCmd -setFileMonitorEnable 0   ;disables Resident Shield

      C:\Temp\kes>KasAVCmd -setFileMonitorEnable 1   ;enables Resident Shield

Script Name: KES_Enable Resident Shield

Script Description: Enables Resident Shield temporarily (until next scan or reboot...unless it is enabled by default and is being re-enabled after being temporarily disabled)


IF True


   Get Variable

     Parameter 1 : 10

     Parameter 2 :

     Parameter 3 : agenttemp

         OS Type : 0

   Execute File

     Parameter 1 : #agenttemp#\kes\KasAVCmd.exe

     Parameter 2 : -setFileMonitorEnable 1

     Parameter 3 : 3

         OS Type : 0



Script Name: KES_Disable Resident Shield

Script Description: Disables Resident Shield temporarily (until next scan or reboot)


IF True


   Get Variable

     Parameter 1 : 10

     Parameter 2 :

     Parameter 3 : agenttemp

         OS Type : 0

   Execute File

     Parameter 1 : #agenttemp#\kes\KasAVCmd.exe

     Parameter 2 : -setFileMonitorEnable 0

     Parameter 3 : 3

         OS Type : 0



Clearing Current Threats on Each Scan

On each scan, any current threats are now cleared out and marked as being resolved.  If the threat still exists, it will be rediscovered and listed in current threats.

Virus Vault Changes

To improve KServer performance, virus vault changes are only reported to the Kserver when the KES protected machine boots up or when threats are added or deleted from the virus vault. This changes the logic of syncing up the entire contents of the virus vault each update.

All Log Entries

All log entries are now displayed on the View Log page.

Uninstall Log

When KES is uninstalled, an uninstall log is written to the managed machines temporary \kes folder found in the agent temp directory, typically c:\temp\kes.

Auto Extend Licenses

Two new action buttons have been added to the Extend/Return function. Auto Extend enables automatic allocation of a new license the day the old license expires for selected machine IDs. Partial licenses are allocated first, then full licenses. If no additional licenses exist, allocation fails and security protection expires for the endpoint. Remove Auto Extend disables auto extend for selected machine IDs. These two options only display for master administrators.

Licenses Expiring within 30 days

Licenses can now be filtered to show only licenses expiring within 30 days.

Default for Auto-Extend

By user request, Kaseya Support can now enable auto-extend by default. Auto-extend is normally disabled by default.

Install Remove – Update from KServer

Added Update from KServer (override file source) option. If checked, installs are downloaded from the KServer. If blank, installs are downloaded using the method specified in Patch Mgmt > File Source.

Conflicting Application Update

Updated the list of conflicting applications recognized by KES when installing the KES client.

Install / Remove - User Defined Application Conflicts

Kaseya maintains a list of standard applications that conflict with the KES client. You can ensure you are warned about additional applications that conflict with the KES client by listing them in a file on the KServer. The typical KServer install location is:


UserConflictExes.txt is a comma separated list of user specified KES conflicting programs, one entry per line.  Line entries should be formatted as follows:

            example.exe, description of example.exe, reason for exclusion, excluded by which tech

            example2.exe, another description, reason, who excluded example2.exe

Use // at the beginning of any line to add comments.

The warning is displayed in the Install Status column of the Install/Remove page. The warning also displays if the conflicting application is installed after the KES client is installed and a latest audit is performed. A KES application conflict log entry is generated if the KES client is installed despite the existence of a conflicting application.

Install Remove - Installation Options

The Installation Options dialog has been changed into a standard action button on the Install/Remove page. After the KES client is installed on a machine ID, the installation options applied to that machine ID can be viewed by clicking the green check mark in the Install Status column.

Identity Protection

The Identity Protection component is now an installation option. See for more information.

Firewall and Protection ID

The following new options can only be set by KES during installation.

  • Firewall
  • Protection ID

After installation, KES cannot be used to change these settings.

Disable Windows Defender Option

A new "Disable Windows Defender" has been added to the Installation Options dialog box. Running Windows Defender significantly degrades the performance of KES and should be disabled by default using this option.

Define Profiles

The following System Tray Notification settings have been added to the General tab of Define Profiles:

  • Display system tray notifications - If checked, the following system tray notifications can be optionally enabled. All notification messages display on the managed machine next to the system tray.
  • Display tray notifications about update - If checked, displays a notification message that the KES software is being updated.
  • Display tray notifications about scanning - If checked, displays a notification message that the machine is being scanned.
  • Display Resident Shield related tray notifications (automatic action) - If checked, displays a notification message that Resident Shield has taken action against a threat.
  • Display components state change notification - If checked, displays a notification message that the state of one of the KES components has changed.
  • Display E-mail Scanner related notifications - If checked, displays a notification message that email scanning has taken action against an email threat.

The Run System Scan upon KES Start Up settings have been removed.

Automatic Installation of Exchange Server Email Protection

During the install of KES on a machine, if MS Exchange is detected, the plugin for MS Exchange email protection is automatically installed. The install page for MS Exchange email protection has been changed to Exchange Status. It displays the install status of all MS Exchange servers that have KES installed.

AVG Installer and AVG Installer for Exchange

When the KES 2.1 module is first installed on the VSA:

  • The 406 version of the AVG 8.5 workstation installer is used initially, prior to uploading the latest version of the installer during its first "once per day" check. KES 2.1 may be out of date until this process runs.
  • No version of the AVG installer for Exchange is available until it is downloaded during the second "once per day" check. This is to prevent overwhelming the system with lots of downloads.  Do not install KES 2.1 on any MS Exchange server until after the second day.

AVG Removed by User Alert

A new "AVG Removed by User" alert has been added to Define Alarm Sets. The alert is triggered if the user uninstalls AVG from the managed machine.

Alert Issues Fixed

The following KES alert issues have been fixed:

  • duplicate alerts
  • missing subject
  • reboot alarms were not created
  • missing submitter information
  • alert wording on tickets & email changes
  • added missing info on tickets

New features in Kaseya Backup and Disaster Recovery (v3.0.0.0) – 3 December 2008

Synthetic full backup

Option to allow synthetic full backups which combines a base full image and incrementals to create new base full image. This option is enabled on the Schedule Volumes page and greatly reduces network bandwidth for performing local 'full' and for offsite replication.

64 Bit Support

Adds support for installing backup clients on Server 2008 and all Windows 64bit operating systems.

Offsite Status

Offsite status now reports files moved offsite, files remaining to be moved offsite and byte

Offsite Performance

In conjunction with synthetic volume backup, offsite will have significantly lower bandwidth requirements by moving only incrementals.

Offsite Ports

Offsite server ports are now restricted to between 1024 and 49151.

Restart Icons

Restart icons have been added to the Local Server and Offsite Server pages to quickly restart their respective services on a local server or offsite server.

Retry for Image Verify

Retry for data reads with image verify greatly reduces verify failures due to network latency.

Restore- Virtual Disk Conversion

Option to convert .tib files to VMWare VMDK and/or Microsoft VHD format allows for Physical to Virtual conversion or recovery to virtual machine.

Image Encryption

Additional security on disk images is provided via image encryption. This option on the Image Password page provides aes128, aes192 or aes256 encryption.

VSS Support

Improved integration with Microsoft Volume Shadow Copy Service for reliable backup of active servers.

Universal Restore

Provides a range of ISO build versions for reliable restores on a broader range of hardware configurations.

Dynamic Disk

Backup and recover dynamic volumes including recovery of dynamic volumes to basic volumes.

Backup client update

Customers are not required to install the new BU-DR client to keep using backup. BU-DR will work with a mix of BU-DR client versions 9.1 and 9.5 (the new client version). However, in order for the endpoint to take advantage of the new features including encryption, synthetic backup and image conversion, the endpoint must be updated to the new version of the BU-DR client software.

Agent Update

Customers need to update the Kaseya agent to to cancel a backup with the new 9.5 client. Kaseya recommends deploying the new agent to all systems that have the new backup client software. Use the "Force update even if agent is at" option to force the agent to update to

New features in Kaseya Endpoint Security v2.0 (v2.0.0.0) – 3 December 2008


To upgrade KServer and managed machines to KES v2.0:

  • Run the KES v2.0 installer on the Kserver.
  • Logon to VSA and run reinstalls against all v1.2 endpoints to upgrade them to v2.0 using Security > Install/Remove.

Security Install Option

The following install options have been added to KES v2.0:

  • User Name - If checked, enter a name associated with this install of KES.
  • Company Name - If checked, enter the name of the company associated with this install of KES.
  • Target Directory - if checked, enter a target directory. If blank, the default install directory is used.
  • Kill all running applications that prevent installation - If checked, stops all running applications that might prevent successful installation.
  • Reboot the computer after installation if needed - If checked, reboots the computer after installation.
  • Install AVG Toolbar - If checked, installs the AVG Toolbar to the following:
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Vista (32-bit)
  • Microsoft Internet Explorer (version 6.0 or greater)
  • Mozilla FireFox (version 1.5 or greater)

Does not install to browsers running on Windows Server O/S.

  • MS Office 2000 - 2007 Add-in – If checked, installs the AVG scanning plugin for Microsoft Office, versions 2000 though 2007.
  • Email Scanner - If checked, installation detects the default email client on a machine and automatically installs the respective email scanning plug-in.
  • Enable end user directory scans – If checked, adds a right-click option to Windows Explorer, enabling the user to scan an individual file or directory immediately.
  • Hide AVG system tray icon - If checked, hides the AVG icon in the system tray.
  • Link Scanner – If checked, blocks dangerous websites and checks links returned by the most popular search engines. Does not install to browsers running on Windows Server O/S.
  • Surf-Shield – If checked, scans a link displayed in a web page, before you click it.
  • Active Search-Shield – If checked, identifies the safety rating for a search link listed in Google, Yahoo and MSN search lists.
  • Web-Shield – If checked, scans downloaded files and files exchanged using instant messaging.
  • Script to run before install: select a script.
  • Script to run after install: select a script.

Sample Profile

  • Several predefined security protection profiles in KES 1.2 have been replaced with a single sample profile in KES v2.0.
  • Existing predefined profiles and custom profiles are not removed by upgrading to KES v2.0.
  • When reinstalling an endpoint to upgrade it from v1.2 to v2.0, you will have to reapply the profile or apply a new one.

Tracking Cookies

  • If Profile has  "Scan for Tracking Cookies" checked for Resident Shield and/or Full Scan, KES v2.0 will detect and delete them and not report it to the UI.
  • If Profile does not have the "Scan for Tracking Cookies" checked for Resident Shield and/or Full Scan, we do not scan for them.

Exclude PUPS

There are two ways to Exclude PUPs.  In both cases, all the endpoints that share the profile are updated as well as the avConfig.xml on the endpoints. The excluded PUPs are also added to the AVG8 UI PUP Exceptions list in Advanced Settings.

  • In Security > Define Profiles click the Excluded PUPs tab. Enter the full name of the file, the file's corresponding checksum value and exact file size in bytes. Online help describes how to identify the checksum value and the file size for a file.
  • Run a scan that identifies files as threats. On the View Threats page, select the file you want to classify as an excluded PUP, click the Add to PUP Exclusion List button. The threat is restored and the threat is added to the "Excluded PUPs" list.

Kaseya files are now automatically excluded and display in the PUP Exceptions list in Advanced Settings.

Security Status

The following actions buttons have been added to the Security Status page:

  • Enable Resident Shield
  • Disable Resident Shield
  • Enable Email Protection
  • Disable Email Protection
  • Empty Vault

You can now click the threat count for email threats to display them on the View Threats page.


Enable/Disable has been removed as a separate function and combined with the Security Status page.

View Threats

The View Threats page has been reorganized as follows:

  • The Historical Threats tab has been renamed Virus Vault, to match AVG 8.0 terminology.

The action buttons on the Current Threats tab have been changed to the following:

  • Heal - Attempts to heal a file without deleting it. Healed threats are removed from the Current Threats tab and display in the Virus Vault tab.
  • Delete - Attempts to delete a file. Deleted threats are deleted from the computer immediately.
  • Cancel Pending Operation - Cancels any of the other actions, if they have not yet been completed.
  • Add to PUP Exclusion List - Selected threats are added to the exclusion list for the profile assigned to the machine they were found on. Exclusion means the file is no longer scanned as a potential threat on all machines assigned this profile.

The action buttons on the Virus Vaults tab are the same as the Current Threats tab, except Restore replaces the Heal action button.

  • Restore - Restores the original file identified as a threat.

Define Profile

Several of the options have been renamed or removed to simplify configuration and to match AVG 8.0 terminology and functionality.

MS Exchange

The Edit User Prompts action button and prompt options have been removed.

Define Alarm Sets

The types of events that can trigger an alarm have been simplified.

Install Requirements

AVG8 only runs on:

  • Windows 2000 SP4 + Update Rollup 1
  • Windows XP SP2 or higher
  • Windows XP Pro x64 Edition SP1
  • Windows Vista/Vista x64 Edition or higher
  • Windows 2003 Server SP2
  • Windows 2003 Server 64 bit Edition
  • Windows 2008 Server
  • Windows 2008 Server 64 bit Edition

AVG8 provides a separate install for the following email server applications:

  • MS Exchange Server 2000/2003
  • MS Exchange Server 2007

In addition:

  • The Anti-Rootkit component does not get installed when KES v2.0 is installed to x64 endpoints.
  • Web Shield components are primarily for desktop use. It is not recommended for installation on servers.

New features in Kaseya 2008 SP1 (v5.1.0.0) – 7 September 2008

Audit - System Info

Entering data into a manually added field in System Info as http:// or https:// displays the data as a URL link. To manually add a field click the Show More button, then click the New...* button.

Audit - Documents

The Documents function, located on the Audit tab, can now be accessed as a new tab in the Machine Summary interface. The Machine Summary interface displays when you click any agent status icon.

Scripts - Mac OSX Agent

The Mac OSX agent has been improved to handle installation and log off conditions on all platforms up through OSX 10.5.4. Mac OSX agents are now able run the Execute Shell Command and Execute File script commands as either "system" or as "user" using user credentials. In the initial release of the Mac agent, these commands always ran as "system".

New Sample Reboot Scripts

New sample scripts have been added to support several reboot scenarios:

  • Reboot-Ask-No: If user is logged in, ask if it is OK to reboot; assume no after 5 min.  If user is not logged in, go ahead and reboot. This script calls Reboot-Ask-No-2 to ask the user.
  • Reboot-Ask-Yes: If user is logged in, ask if it is OK to reboot; assume yes after 5 min.  If user is not logged in, go ahead and reboot. This script calls Reboot-Ask-Yes-2 to ask the user.
  • Reboot-Nag: If user is logged in, ask to reboot every 5 minutes until the user allows the reboot. If user is not logged in, go ahead and reboot. This script calls Reboot-Nag-2 to ask the user.
  • Reboot-No-User: Reboot the machine only if a user is not logged in.
  • Reboot-Warn: If the user is logged in, warn the user that a reboot will happen in 5 min.  If the user is not logged in, go ahead and reboot. (Schedules reboot script 5 minutes from now.)

Dashboards – Alarm Count

All alarm dashboards with an alarm count now pull data from a rollup count table allowing for a more efficient query and update of the dashboard.

Event Log Collection

Prior to this release, when the VSA detected a flood of event log items, the VSA disabled collection of the entire class of events (Error, Warning, Informational, Success Audit, Failure Audit) for a log type on that machine. With this release the VSA introduces two new techniques to better manage certain events from overwhelming the system:

  • Global event log black list - A small number of event types from a handful of machines can overwhelm and cripple your VSA server with volume. Typically the offending event is of little or no value to the administrator. With this release, each agent will continue to process all events, however events listed on the black list will not be sent up to the VSA server. This should effectively cure the flood problem and prevent automatically disabling event log collection on any machine. Alarm detection and processing operates regardless of whether entries are on the collection blacklist.
  • Flood detection - Flood detection is still in place but the action taken has changed. No longer is processing permanently disabled. Instead, after 1000 events (not counting black list events) in one hour are sent to the VSA server, further collection of events of that log type are stopped for the remainder of that hour. A new event is inserted into the log to record that collection was suspended. At the end of the hour, collection automatically resumes. This technique prevents short term heavy loads from swamping your VSA server. Note that these techniques only affect collection. Alarm detection and processing operates regardless of whether collection is suspended.

Monitor Log, SNMP Log

Added start date and time to monitor log display allowing for more flexibility when searching log data.

Ticketing - View Summary

  • Changing multiple tickets - You can now change any field on multiple tickets at once. On the View Summary function, check the box for all tickets you wish to change a field value for. Then click Set Field The next screen lets you set a new value for any or all of the fields.
  • Search for phrases enclosed by double quoted strings - The search function looks in all text fields and notes returning all tickets that contain all the elements of the search string. Search string elements are delimited by spaces. Previously this prevented you from searching for phrases. Now you can include phrases as an element by enclosing multiple words in double quotes. WARNING: double quoted strings must be matched exactly. If you enter two spaces together in a double quoted string, then search only returns tickets containing the two spaces.
  • Preview Tickets - Hovering the mouse over a ticket's preview icon displays the ticket in a quick pop up window. Use the preview function to quickly go through all your tickets without having to open each ticket.
  • Auto submit checkbox - Checking this box automatically re-displays the View Summary page every time one of the field filters changes. If unchecked, change multiple field filters, then click Submit. The page now processes all the field filter changes at the same time and redisplays the page once.

Ticketing – Create/View

The View Ticket function name has been renamed to Create/View to better indicate this is the place to go to create new tickets.

Ticketing - Notify Policy

You can now format/customize additional ticket notifications. On the Notification Policy page click the Format button next to the following options to customize the notification email format:

  • Edit Summary
  • Assignee Change
  • Field Change
  • Due Date Change
  • Send auto response to emails creating new tickets

Ticketing -

Access Policy

On a per administrator role basis you can now control access to:

  • Editing submitter information
  • Changing the machine ID associated with a ticket.

Ticketing -

Assignee Policy

Assignee Policy is similar to Due Date Policy. It lets you automatically assign a ticket to an administrator based on the values from an combination of the list fields.

Ticketing - Email Reader

The sender's name is now pulled from the From address in the email header and set as the username in a newly created ticket. Tickets containing no message body and no attachments are now suppressed in place of adding a note that states "No response text provided"

Patch Mgmt -

View Definitions

Seven new filter options related to Patch Management have been added:

  • Machines having no patch scan results (unscanned)
  • Machines with Reboot Pending for patch installations
  • Machines with Patch Test Result
  • Machines with Patch Automatic Update configuration
  • Machines with Patch Reboot Action configuration
  • Machines with Patch File Source configuration
  • Machines missing a specific patch (identified by the patch's 6 digit KB Article ID)

Patch Mgmt – Scan Machine

Removed the option for master administrators to schedule a refresh of the patch database that only applies to legacy systems no longer supported by Microsoft and to download the latest Office Detection Tool (ODT).  An automatic background process now executes daily to ensure the latest ODT is downloaded to the KServer.

Patch Mgmt – Patch Scan Results Processing

  • Moved the processing of patch scan results from the general background process to its own separate background process and added process throttling. This improves overall system response and alert processing time when there are hundreds of machines with updated patch scan results.
  • When processing patch scan results, a new script is generated and executed to bring the KBxxxxxx.log and the WindowsUpdate.log up to the server for any patches that are reported as "failed".  These logs are occasionally useful in troubleshooting patch installation failures. The logs are found in the Get File function under the Scripts tab for the specific machine. The script log for each machine contains entries indicating that these log files have been pulled up to the server as appropriate.

Scripts – Patch Deploy

The patch installation script generated by the Patch Deploy Installer Wizard now schedules a patch rescan for execution right after the next reboot. This ensures the proper reporting of a patch's status without having to manually run a patch scan on the machine.

Patch Mgmt – Patch Installation Scripts

When patches are executed in a patch installation script, an entry is made in the machine's Script Log. Modified the log entry to include the patch title in addition to the KB article number/security bulletin number.

Patch Mgmt – Patch Scan Script

Added a new script ("Patch Scan") that is available in the Script Editor when either Execute Script or Schedule Script is selected. This "Patch Scan" script can be used to schedule a patch scan as part of a custom script. It will execute the appropriate patch scan script for the selected machine.


NOTE: Running the Patch Scan script executes only one of three secondary patch scan scripts. Each of the three secondary patch scan scripts is appropriate for the selected machine. When the Patch Scan script is run, you will see an entry in the script log and in the Pending Scripts tab of the Machine Summary interface for one of the following: "WUA Patch Scan 1 (x86)", "WUA Patch Scan 1 (X64)", or "Legacy Patch Scan".

Patch Mgmt – Windows Auto Update Scripts

The "Disable Windows Automatic Update" and "Reset Windows Automatic Update" system scripts are now available in any Script Search popup and the Script Editor when either Execute Script or Schedule Script is selected.  Since it is not possible to configure a template account with a specific Windows Automatic Update configuration, exposing these two scripts as system scripts now allows an administrator to schedule these scripts for any machine, including template accounts, from the Pending Scripts tab of the Machine Summary interface or to add the execution of these scripts in any other script such as a custom machine setup script.

Patch Mgmt – Initial Update

  • Removed the "Skip if machine offline" checkbox. Due to the nature of Initial Update processing, this option is not applicable.
  • Added warning for machines that are not a member of a Patch Policy so the administrator knows ALL missing patches will be installed.
  • Changed processing order to: (1) Windows Installer, (2) OS related service packs, (3) OS update rollups, (4) OS critical updates, (5) OS non-critical updates, (6) OS security updates, (7) Office service packs, (8) Office update rollups, and (9) All remaining Office updates.

Patch Mgmt –Pre/Post Script

Modified the Pre/Post Script function to include template accounts so the script assignments can be assigned via Agent Copy Settings and Agent Import/Export Settings.

Patch Mgmt – Automatic Update

  • Added warning for machines that are not a member of a Patch Policy so the administrator knows ALL missing patches will be installed.
  • Added new "Run Once" scheduling option, selected from the Daily/Weekly/Monthly drop-down list, to schedule a non-recurring one-time scheduling for automatic updates.

Patch Mgmt –Approval by Policy

Modified screen layout to support the following enhancements:

  • Added the capability to copy approval statuses from the current policy to another selected policy. This was added to support those customers who perform patch testing against a group of test machines using a test policy. Once testing has been completed and the patches have been approved/denied as desired, use the copy feature to copy only the approval statuses from the test policy to a production policy.
  • Added the capability to override the default approval status in a policy for patches that are classified as "Manual Install Only" or "Windows Update Web Site". Checking the option checkboxes at the bottom of the table sets existing updates of these types as denied in the policy and ensures future updates of these types in the policy are automatically denied.

Patch Mgmt – Reboot Action

The default value for a machine is now "Skip reboot if user logged in" rather than "Reboot immediately".

Patch Mgmt – Patch Download Location Override

An automated patch update (patch) location override service has been added. This service applies to patches that cannot be downloaded successfully using the original patch download location provided by Microsoft. This service identifies patch download locations (URLs) identified during WUA Patch Scans that are candidates for override location URLs. Candidates are those updates which the WUA Patch Scan reports as multi-file installation packages or as CAB file installation packages. When a new candidate update is identified, an email notification is sent to Kaseya with the update details. These details are used by Kaseya to identify a single executable file installation package. If one exists, an override location URL is added to an override location database (XML file). This override location database is automatically downloaded and processed by a background process every four hours.

The email notification that is sent to Kaseya contains no information other than selected update (patch) data elements from the Microsoft Update Catalog via the WUA Patch Scan.  It is possible to disable these notifications by unchecking the checkbox next to "Enable Invalid Patch Location Notifications" on the Configure page under the System tab. If blank, no notification is sent to Kaseya. You will still receive updated patch location overrides prepared in response to notifications reported by other customers, regardless of this setting.

A new patch location warning, "Patch Location Pending", might be observed on the Machine History, Machine Update, Patch Update, and the Patch Details pages. This warning indicates that the update (patch) does not yet have a valid download location URL and it cannot yet be installed. This warning is removed once an override download URL has been provided by the override location database.

K-VNC for Mac OSX

The K-VNC for Macintosh machines has been updated to RealVNC Enterprise version 4.4.2.

Note for OS X 10.5 users – After the first time install of K-VNC, the system must be rebooted before remote control sessions may be established. Remote control sessions to 10.5 requires that a local user already be logged onto the system.

K-VNC for Windows

The K-VNC for Windows machines has been updated to RealVNC Enterprise version 4.4.2.

Remote Control – Terminal Server

This release adds two enhancements to remote control using terminal server.

  • When sharing disks, you can now restrict the drive letters shared to a limited list. Set Parameters lets you list the drive letters you wish to expose to the remote machine. Use this to share D: without exposing C:
  • The window title now includes the machine ID you are remote controlling. This is helpful when you have several terminal server sessions open at once.

Remote Cntl > Send Message

You can now identify the currently logged on user of a machine before sending a message to that machine.


Backup is now a separate installable module (BUDR.exe). On install of the 5.1 update, BUDR.exe is installed if either (a) there are some backup licenses or (b) there are some installs of backup.

Backup – Schedule Folders

The schedule folder page no longer allows scheduling a folder backup if the Image Location is not configured

Backup – Image Location

When clearing the Image Location, scheduled backups for that machine are removed.

Backup Report

Separate backup counts are displayed for succeeded/failed/warning/cancelled in the header of the backup report.

Reports – Executive Summary Report

Calculations for the Network Health Score for Operating Systems have been changed.  Score thresholds were changed from Vista, 2003, XP, 2000 to Vista/2008, XP/2003, 2000, Mac OS.  This means the OS thresholds are basically for "Windows 6.x", "Windows 5.x", "Windows 4.x", and "Mac OS".

NOTE: Customers should check their currently saved executive summary reports and adjust the scores as desired for the OS Score.

Reports- User State Management Power Savings Report

Added a new report for licensees of the User State Management module to calculate actual and possible savings from managing computer power settings with the Power Policy feature of User State Management. 


Agents are now supported on Windows Server 2008.

LAN Watch - Active Directory Harvest

When performing a LAN Watch on a primary domain controller, you can now optionally enable/disable the harvesting of AD users and AD computers.

Active Directory- paging

Added paging capability to the "View AD Users" and "View AD Computers" pages.

Temp Directory

Master administrators can now set a system wide default for the agent temp directory.

Copy Settings

  • The status column now displays the machine name that settings were copied from and the time they were copied.
  • Added the ability to copy User Profile information in Copy Settings.

Update Agent

You can now schedule a script to run immediately after an agent update completes. This capability lets you reapply any customizations you have made to managed machines that are lost after an agent update. Typically agent customizations involve renaming or hiding agent identifiers to prevent users from being aware that the agent is installed.

Log Archiving new partition tables using bcp

Partition tables have been added to help manage large amounts of log data for the following tables: nteventlog, monitorCounterLog, monitorProcessLog, monitorServiceLog and monitorSnmpObjectGeLog.  A partition table is created every day for each log, for example nteventLogYYYYMMDD. Archiving the partition table uses the Bulk Copy Program (BCP) to efficiently move the data from the database to an archived text file. The archiving is based on the maximum value for that specific log found in Agent -> Log History.

NOTE: The server name is setup using the computer name during installation of SQL Server. If you change the name of the server you need to use sp_addserver and then restart SQL Server. If the computer name has been changed since the original installation then the bcp command will fail because the -S parameter is using the <servername\instancename> that was the <computername\instance> at time of installation.

Function Access - Messages and Tasks

You can now enable/disable access to both the Messages and/or Tasks panes shown in the View Dashboard page of the Home tab on a per administrator role basis. Select Function Access under the System tab to set these rights.

Function Access - Documents

You can now enable/disable access to document deleting and document uploading on an administrator role basis. Select Function Access under the System tab to set these rights. Documents are managed using the using the Audit > Documents page.

System – Configure

A new checkbox exists on the Configure function used to force an automatic redirect to use SSL when ever anyone attempts to log into your system via http. To activate, check "Automatically redirect to https at logon page".

Installer / Updater

The Kaseya Server installer and updater now pulls the latest hotfixes prior to the final step of reapplying the database schema.

Third Party Copyrights

A new Third Party Copyrights button displays in the System > Configure page, next to Release Notes and Show License. This information identifies open source and third party software licensed for use by Kaseya.

Database Views – Patch Views

An "InstallationWarning" column has been added to the following views:

  • vPatchApprovalStatus
  • vPatchPolicy
  • vPatchStatus. 

The column returns 'Manual Install Only', 'Windows Update Only', 'Product Upgrade Only', or an empty string as appropriate.

Database Views – System Status Functions

Added three new SQL user-defined functions (pseudo-parameterized views) to return the counts displayed in the operating system pie chart and the missing patch pie chart seen on the View dashboard page under the Home tab. These functions are used just like views.  Refer to the help topics under Database Views for:

  • fnOSCounts()
  • fnMissingPatchCounts_NoPolicy()
  • fnMissingPatchCounts_UsePolicy()

VSA API Web Service

  • Many new operations have been added to the API.
  • The API can now call and display any VSA page the authenticated administrator has access rights to.
  • The API can now set the value of any field displayed in the Ticketing > Edit Fields page.

Kaseya User State Management v1.0 (v1.0.0.0) – 7 September 2008

Application Settings Extensibility

Added documentation on the technical details of how to extend User State Management in order to manage additional application settings. This allows 3rd party and custom vertical applications settings to be managed seamlessly within the User State Management module. This feature was released with Kaseya 2008 (v5.1.0.0).

New features in Kaseya 2008 (v5.0.0.0) – 10 March  2008
Monitoring, Active Directory, User State Management, and more…

Agent Icon

The agent icon will always remain visible in the system tray for systems configured to show the icon. Prior to this release, Windows would hide the icon if it had not been accessed in a while.

Status Icon

Added a new status icon to represent that an agent is online and that someone is logged into that machine. If someone is logged in, then the tool tip for the icon lists the login name.

Machine ID / Group ID filter -

Machine Count

The machine ID / group ID filter area now lists the number of machines matching the current machine/group/view filter. Use this information as a quick reference to identify the number of machines potentially effected by any action.

View Definitions - Collections

Collections are now defined using the View Definition window in the machine ID / group ID filter. A new check box labeled "Only show selected machine IDs" lets you specify an arbitrary list of machine IDs seen when using this view. Collections, as with all View Definitions, can be private, shared or public.

View Definitions - Missing Patches

The View Definition window includes a new "Use Patch Policy" check box showing machines missing patches greater than or equal to a specified number to optionally apply the patch policies. If this box is checked, only missing approved patches will be counted.

View Definitions - Patch Scan Options

The View Definition window includes the following new options for patch scan scripts:

  • Patch scan scheduled / not scheduled
  • Patch scan success / failure
  • Patch scan has / has not executed in last x minutes/hours/days

All alert email functions have database access

All alert email functions now include data pulled from the database. The same format provided in the Get Variable script function may be used in any alert formatted as follows: <db-view/column>. For example, to include the computer name of the machine generating the alert use <db-vMachine/ComputerName>

SW License

The Audit > SW Licenses function highlights when duplicate licenses are found on the same group. The duplicate license count is now a link that lets you drill down and get a list of machines that share the same license code.

Machine Summary

Added the following to the Machine Info tab:

  • currently logged in user
  • domain/workgroup
  • Last check in time
  • last reboot time
  • first check in time

Added new log type Log Monitoring

Machine Summary -

New Ticket link

The Machine Summary page now includes a New Ticket link at the top of the page. Clicking the link opens a new ticket assigned to this machine id. An optional interface allows you to configure this link to access external systems as well. See the Machine Summary online user assistance topic for details.

External Link to Machine Summary

The following URL displays the Machine Summary web page for a specific machine ID: http//servername?machName=MachineID.groupID
You are first prompted to login, if you are not already.


The application Packager function used for creating custom installations now supports output packages larger than 2 GB.


The Distribution function, under the Scripts tab, histograms the recurring schedules for scripts. This function quickly highlights potential server loading by showing peaks where multiple machines are scheduled to run the same script at the same time. This release adds a drill down capability to the histogram such that you can click any peak on the histogram and get a list of machines that make up that peak.

Scripts -CheckVariable - Evaluated Expression

A new script IF EvaluateExpression command evaluates expressions consisting of script variables from a parent script and six mathematical operators +, -, *, /, (, and ) to perform the comparison to determine whether to execute the THEN or ELSE statements.  For example, you can evaluate the expression

IF (#variable1# + #variable2#) * 100 > #variable3#

where the variables contain numeric values from a parent script that obtained them using GetVariable commands.

Scripts -

OS Type

The OS type selection for script steps now includes the options for "Mac OS X" and "All Windows Operating Systems".

Scripts -


A new option sends an alert for the GetFile script command when the file is identical to the one that was retrieved the last time.

Scripts -

GetVariable - Expressions

Added the ability to specify an expression that consists of script variables and six mathematical operators +, -, *, /, (, and ) that will be evaluated and assigned to a new script variable.  For example, ((#variable1# + #variable2#) + 17.4) / (#variable3# * 4). The script variables must contain numeric values.


GetVariable - WMI Values

Added the ability to specify a WMI namespace, class, and property and assign the retrieved value from a managed machine to a script variable.  The format of the specified WMI property is NameSpace:Class.Property.  For example, root\cimv2:Win32_OperatingSystem.FreePhysicalMemory

Scripts -

Set Registry Value

Added ability to set registry values with the data type REG_MULTI_SZ. Separate each string with the two character sequence of "\0".  Use the three character escape sequence of "\\0" to include "\0" as part of a value string. This capability requires the Kaseya 2008 agent.

Dashboards and Dashlets

Added a new Dashboard List function to manage configurable monitoring windows called "Dashboards". Each administrator can create their own dashboards and add one or more custom "Dashlets" in each dashboard. Each dashlet has the following customizable attributes; position, size, machine filter, header and refresh rate. Dashlets include:

  • Alarm Summary
  • Alarm Rotator
  • Alarm Ticker
  • Network Status
  • Group Alarm Status
  • Monitoring Set Status
  • Monitor Status
  • Machines Online
  • Top N - Monitor Alarm Chart
  • KES Status
  • KES Threats

Alert -
Format Alert Email

The Alert > Agent Status > Format Alert Email window now has two new formats. One for a single machine going offline. The second when multiple machines in the same group go offline. Note that a separate alert is generated for each machine group.

Pre-Packaged Monitor Sets and Event Sets

Kaseya 2008 features a wide variety of performance and service monitor sets and event sets. These sets monitor server and workstation performance objects including SQL, Exchange and other key performance objects such as DNS, DHCP and disk drives. Event sets monitor the Windows event logs for a variety of application, security and system event entries. Events set alerts are defined using Monitor > Alert > Edit Event Sets. Sample monitor sets and events sets are loaded with the installation of Kaseya 2008 or by using the System > Configure page. Sample monitor sets and sample event sets can be identified by the naming convention. Each name begins with ZC-.

Monitor Set Naming Example:

    ZC-SV3 – DHCP Server – DHCP Services

Event Set Naming Example:

    ZC-CM1-E1 Antivirus Events

Monitoring - General

  • Alarms are now optional.
  • Alarm state (Open, Closed) and notes no longer exist for monitor alarms. This data is now a read-only log.
  • New alarm state data contains current state of monitor counters, services, process and SNMP. Alerts, system check and log monitoring data are not included in this state data.
  • Monitor view consoles are updated to use the new alarm state data appropriately.

Log Monitoring

Added new function to monitor the parsing of log files. 

  • Ability to parse log files created from specific machines and syslogs from devices.
  • Ability to pull log data into custom field parameters for reporting.
  • New log called Log Monitoring to view and report on log data returned.
  • Added to monitor alarms with the new alarming criteria; if event happens once, if number events happen over a duration, and if an event doesn't occur for a duration.
  • Alarm is not required.
  • Added Log Monitoring to Logs report.
  • Added Log Monitoring list to Machine Summary.
  • Added Log Monitoring results to Executive Summary Report sections; System Activity and Network Health Score.

Windows Event Logs

Enhancements to Windows Event Logs:

  • Added support for all Windows event logs. Update List By Scan function pulls event log types from the machine scanned.
  • Added new Windows Vista event log types of Critical and Verbose.
  • Event Alerts – alarms are optional
  • Event Alerts – added new alarming criteria, if event happens once, if number events happen over a duration, and if an event doesn't occur for a duration.
  • Event Alerts – Added re-arm time
  • Event log reports support all event logs.

Monitor Sets - Counters

In the Counter Thresholds tab of Monitor Sets enter an instance of *ALL for a monitor set object, as opposed to selecting *Total which combines the results. For example, if multiple drives are determined to exist on a machine, based on the Audit function, the monitor set with an instance of *ALL will dynamically select a counter for each drive.

Monitor Sets - Services

In the Services Check tab of Monitor Sets, select the *ALL selection to monitor all services set to automatic on a monitored machine, instead of having to address each service individually.

Monitor Sets - SNMP

In the SNMP Sets wizard in SNMP Sets select an instance of All to address each SNMP instance in an SNMP object separately. These instances are identified by the last SNMP walk perform during a LAN Watch.

SNMP Sets – Percentage Comparison

SNMP Sets now provides a percentage comparison of one SNMP Object to another, for example, if ifInErrors is greater than x% of total UcastPackets.

SNMP Quick Sets

An SNMP walk during a LAN Watch identifies all SNMP objects that apply to an SNMP device. Using Assign SNMP, you can click the link of a discovered SNMP device and create an SNMP "quick set" to monitor that device.

Monitor Sets and SNMP Sets -
Auto Learn

Monitor sets and SNMP sets can to set to automatically adjust their alarm thresholds based on real word data for a specfied time period. Once an auto-learn session has been completed, the alarm thresholds can be fine-tuned manually.

Monitor Sets and SNMP Sets -Individualized Sets

An "individualized" monitor set or "individualized" SNMP set can be created for a specific machine or SNMP device, based on a "standard" monitor set, a "standard" SNMP set or a "standard" SNMP quick set. From that point forward changes made to the individualized set apply only to the machine or device it is monitoring.

System Check - Custom Name

Added custom name to system check. The name is used in alarm and email format templates.

Email Reader

Ticketing > Email Reader can now be customized to ignore emails containing specific text strings. Use this feature to prevent ticket creation when emails are received from things like email bounces. Typical bounced emails contain the string "Undeliverable: ".

External Link to View Ticket

The following URL displays the Ticketing > View Ticket web page for a specific ticket:
You are first prompted to login, if you are not already.

Product Identification

Added a Product column to various patch screens to help identify the product category associated with the specific patch. Also added this attribute to the Patch Details screen. For those cases where a specific patch is used across multiple operating system families (i.e., Windows XP, Windows Server 2003, Vista, etc.), the product category is "Common Windows Component". Examples of the "Common Windows Component" product include Internet Explorer, .Net, Windows Media Player, MDAC, MSXML, etc. This attribute has replaced the patch name on those screens where patch name was previously displayed.

Patch Status -
Reboot Button

Added a "Reboot Now" button next to the "Reboot Pending" notification on the Patch Status page. Clicking the button schedules an immediate reboot on the machine. A confirmation dialog box is presented to prevent inadvertent reboots.

Automatic Updates

Added capability to schedule automatic updates on a monthly basis.  Automatic Updates can be scheduled daily, weekly on a specified day of the week, or monthly on a specified day of the month (1-31).

NOTE: When processing monthly automatic updates, if the current month has fewer days than the scheduled day of the month, the automatic updates is processed on the last day of the month. For example, if the current month is April and the scheduled day of the month is 31, the patches are scheduled on April 30th.

Patch Alerts

Added a new machine level patch alert. This alert, when configured, is generated when the Windows Automatic Update Policy on the machine is changed to a setting (disabled, enabled, user control) that is different from that specified in the Windows Auto Update function under the Patch Mgmt tab. The Windows Auto Update function displays the current Windows Automatic Update Policy setting on the machine. This setting is obtained during each patch scan, and the alert is generated, if necessary, during the processing of patch scan results.

Patch Update

A "Patch Group By" dropdown list has been added to allow the user to change how the displayed patches are grouped. Before this release current grouping was based on the update classification and could not be changed. Now, the user can group by either update classification or product. The screen layout was modified to include both product and update classification in the presented data. Patches are still sorted by KB article within each grouping so that patches having the same KB article number are next to each other.

Patch Policy

Changes to approval/denial of patches include:

  • The former "collections" functions on the System tab have been moved to the Patch Policy section under the Patch Mgmt tab.
  • These former collections are now called "patch policies".
  • Standard administrators can only see patch policies that contain machines they have rights to see or patch policies they create. This should allow standard administrators to now safely manage patch polices without interfering with administrators restricted to a different set of machines.
  • When a new patch policy is created, all active patches in that policy are now automatically set to pending approval rather than the previous default behavior of approved.
  • The "Patch Approval" function has been renamed "Approve by Policy" to distinguish it from the new "Approve by Patch" function.

Approval by Policy -  Group By

Modified the screen to be able to select the view of the status table based on update classifications or based on products. Both views are presenting totals from the same data source, so the total patch count for each approval status are the same, just distributed differently depending on the view selected. When a drill down is selected to the patch details page, the patches are grouped by the classification (sorted within classification by product) or by product (sorted within product by classification) based on the view selection.

Approval by Policy - Save As

Added "Save As" capability to copy the current patch approval policy as a new policy with identical settings. All patch approval/denial statuses are copied as are the default approval statuses for the policy.
NOTE: Machine membership is NOT copied to the new policy.

Approval by Policy - Default Approval Status

Default approval status can now be set for each update classification and each product within a patch policy rather than just for the policy.  This allows setting patch policies to automatically approve selected update classifications such as security updates while automatically denying other update classifications such as service packs and automatically setting the rest of the update classifications to pending approval. It alsos allows setting patch policies to automatically deny patches for selected products such as Office 2000 while automatically approving patches for products such as Office 2007 while automatically setting patches for the rest of the products to pending approval.

NOTE: If there is a conflict between the two default values, the more restrictive default value is used. For example, if one default is denied, the patch is set to denied. If one default is pending approval, the patch is set to pending approval. Both defaults must be approved for the patch to be set to approved.

Approval by Policy - Drill Down Details

  • Added the ability to add an optional short note (max 500 characters) to document why a patch was approved or denied.  This note is displayed under the patch title when the "Show Details" check box is checked. The note is added to when the Approve or Deny buttons are selected.
  • Added additional columns in the display to make the screen more informative.
  • Added ability to filter list of patches on details view.

Approval by Patch

Added a new function under Patch Mgmt > called "Approval by Patch". The data displayed on this page is the same data available in "Approval by Policy". It is just displayed from the patch perspective rather than from the policy perspective. Approving or denying patches from this page provides an "approve or deny once" capability. Includes the ability to filter the list of patches.

NOTE: This function is only available for master administrators because it affects ALL patch approval policies.

KB Override

Added a new function under Patch Mgmt called "KB Override". Using this page, you can set a default patch approval status override (Approve or Deny) for a specific Microsoft knowledge base (KB) article. This override status is used rather than the patch policies' default approval status when adding a new patch to all patch approval policies. It also resets the approval status for the specified KB article in ALL patch policies. To add the KB override, a patch must already exist in the system with the specified KB article number.

NOTE: This function is only available for master administrators because it affects ALL patch approval policies.


A new option in Remote Cntl > Chat, "Automatically close chat window when either party ends chat" lets you control how the window behaves at the end of a chat session. Uncheck this box to leave the chat session open after the other side closes the window. This gives people a chance to read the last message or copy data into another file.


ActiveX installs all remote control views for the admin and the remote control server for the user when the admin uses the Video Streaming function. This can cause problems if the user's browser blocks ActiveX controls from running. With this release, if the user's browser detects the ActiveX control could not run, then the user is presented with a link to manually download and run the remote control package manually.


K-VNC is now supported on Windows 2000, XP, and 2003 in addition to Vista.

Backup Status

Added a new Backup Status dashboard, which provides:

  • A list of backups in progress including % complete
  • A backup summary pie chart showing scheduled, skipped, failed or cancelled backups
  • Backup status by machine showing status backups scheduled, skipped, failed or cancelled for each machine

The time period over which to collect results is selectable.

Backup Sets

Enhancements to backup set management include:

  • Option to delete backup set before running backup. This reduces the amount of disk space necessary on the backup server.
  • Additional folder and volume backup set data detail. Report now includes type of backup performed (full, incremental, differential) as well as the number of disk volumes backed up for volume backups.
  • Access to full log detail from backup set detail page via hyperlink.
  • Canceling a backup in progress using an option from the backup set detail page.

Backup Alerts

Alarms are now optional for alerts. Additionally, two new alerts have been added:

  • Skip recurring backup for offline machines. An alert is generated if a recurring backup is skipped on a machine a designated (user set) number of times
  • Alert when image location hard disk used reaches user defined number of Mbytes free.

Backup Logs

Enhanced error detection and recovery.

  • If the original full backup is missing when performing an incremental or differential backup, the backup is now reported as a full backup.
  • More robust detection of errors when end-user has uninstalled the Acronis agent locally

Reports -


Backup report now offers option to include or exclude machines without data.

Reports -

Patch Management

  • Added "Manual Install Updates" to patch management report filtering to include all patches that require manual installation, including those patches that can only be installed via the Windows Update web site.
  • Added ability to filter patch reports by either the existing standard filter selections or a custom filter for a specified comma delimited list of KB Article Numbers and/or Security Bulletin Numbers.
  • Added a summary table of machines and count of installed patches to the "Patches Installed in Last x Days" report segment.

Reports -


  • Added a new checkbox to the Logs report named "Preserve plain text formatting". Check this box to display plain text logs with the formatting from plain text files preserved in the HTML page.
  • New Log Monitoring Report - Reporting on data returned from the new log monitoring feature. Allows for filtering on log text and custom fields by log parser.
  • New Event Log Frequency Report - Report gives the most occurring eventIDs for the selected event log types for each machine ID.

Reports -

Monitor Action Log

New log describing the actions that occur when a monitor alarm threshold is met. Contains information on alarm created, ticket created, scripts scheduled, and emails sent.

Reports -

Event Log Frequency

New report displaying top number (N) of windows event logs per machine ID.

Reports -

Executive Summary

Added Log Monitoring to system activity.

Added Log Monitoring Custom allowing to count, total, average, min and max of log parser custom number fields.

Report – Monitor Action Log

Added monitor action log to monitor reports section.

DNS Computer Name

The fully qualified DNS computer name is now available for any machine that is a member of a domain. Members of workgroups return the computer name only in this field. Display the DNS Computer Name in either the Agent > Agent Status function or in the Aggregate Table report.

CPU Count

The CPU Count number, returned by audit, is now available on both the Agent > Agent Status function or in the Aggregate Table report.

Log History

Added capability for the following to be aged and/or archived:

  • Agent Log
  • Configuration Changes
  • Network Statistics
  • Script Log
  • Remote Control Log
  • Alarm Log
  • Event Log
  • Monitor Log
  • SNMP Log
  • Log Monitoring

The archiving of logs places log table data into text files. These text files are stored at a specified location and categorized by log table and machine ID.

Agent Install Packages - Standard Administrators

Standard administrators are now restricted to creating agent install packages using existing group IDs.

Macintosh Agents

A Macintosh agent is now supported. The agent type is specified in the Create Package wizard in the Agent > Deploy Agents function. If an administrator password is omitted from the Macintosh installation package, the installer prompts for administrator credentials during the installation as long as the silent option is not selected.

Rename Group

The Agent > Rename Group function under the agent tab, lets you rename any machine group ID or subgroup.

Rename Agent

Agents now check in using a GUID instead of the machine ID. Old agents can still check in using the machine ID and are fully supported except for renaming capability. Renaming now just changes the display name of the agent. The agent GUID stays the same. So in order to rename agents in the new system, the agent must be upgraded to Kaseya 2008 first.

Hide Common Computer Names

Typical laptop computers may have multiple MAC addresses and LAN Watch may detect both MAC addresses for the same laptop, for example, wireless LAN vs. direct connect LAN. So an additional checkbox has been added to hide machines that have a common computer name in the same group ID. Only the MAC address used by the agent to connect to the Kserver is reported.


This release supports Intel's vPro-enabled processors.

  • vPro enabled machines can be discovered using LAN Watch.
  • LAN Watch discovery can include an audit of the hardware assets of vPro enabled machines.
  • Remote Cntl > Power Mgmt provides scheduling of power ups, power downs, and reboots of vPro-enabled machines.

Active Directory

LAN Watch has been extended to integrate with Active Directory. Running LAN Watch on a primary domain controller automatically discovers all computers and users listed in AD. Two new functions, View AD Computers and View AD Users, display Active Directory results. You may also deploy agents to Active Directory computers found by LAN Watch as well as update user information pulled from Active Directory.

AD Logon

Any user discovered by LAN Watch may be tagged as a new Administrator logon or User logon to the VSA using View AD Users. These logons are all authenticated by the domain controller the logon is attached to. So now you can use a single logon on both your network and the VSA, all controlled by Active Directory.

NOTE: You can remove both the Domain field and the Remember Me checkbox from the logon page by checking the appropriate boxes on the Logon Policy function under the System tab.

Copy Settings - Exclude Patch File Source

A new Agent > Copy Setting option, Patch File Source, lets you exclude or replace the patch file source. The patch file source is frequently a customer-specific setting and should not be overridden when copying settings.


The System > Migrate function has been replaced with a new Agent > Import/Export function. Exported accounts capture all machine settings, including script schedules, into an xml file. Use Import/Export to move settings attached to any agent. Note that Import/Export only moves settings and not data attached to a machine. Log data is not moved with Import/Export.

Suspend Agent

Suspend all agent operations (scripts, monitoring, patching, etc...) without changing the agent settings. Use Suspend to disable accounts without deleting the agent or modifying any of the agent's settings.

Admin Role Management

Administrator management has been enhanced with this release to allow non-master administrators to more securely manage other administrators. The administrator management functions under the System tab, restrict non-master administrators to only seeing other administrators that are members of the same roles. Note that master administrators rights may never be removed by standard administrators. Effected functions are:

  • Admin Roles – Create/Delete
  • Membership
  • Group Access
  • Function Access
  • Login Hours
  • Admin Accounts – Create/Delete
  • Enable/Disable
  • Set Password
  • Admin History

Function Access

A new Enable All/Disable All button gives you a quick way to turn access on or off for all functions for an admin role. Click Disable All when configuring an admin role that does not have access to many functions.

Function Access -

Summary Page

Access to the tabs on the Machine Summary page can now be granted or blocked on a per admin role basis using Function Access.

Function Access -

Lock Settings to Match

Function Access settings for an admin role may now be locked to some other admin role. Any changes to the Function Access list for one admin role are automatically applied to all roles locked to it. If you create unique admin roles in order to isolate access to machine group, but want to give each role the same list of functions, then you can use this new feature to manage all function access from a single role.

License Manager

License limits now flow down to subgroups. Subgroups now inherit the license limit applied to their parent groups if the subgroup does not have a limit specifically applied.

Login Policy

The login policy is now enforced for both user and administrator logins. Prior releases only applied login policy to administrator accounts.


The customize function now lets you further customize the logon screen. You can add additional links on the left edge of the screen. This may be a useful spot to place a link to the Video Streaming page (/getHelp.asp) for example.

Database Views -

vBackupLog view

Added a new column to the vBackupLog database view. imageSize shows the size in bytes of the backup file. If the log entry does not relate to a backup then this column returns a zero.

API Web Service

Added a web service that provides an API (application programming interface) to the VSA. Enable the web service using the System > Configure function. Once enabled, the web service may be queried from the URL http://<your-vsa-server>/vsaWs/KaseyaWS.asmx using a valid administrator credential. A test client example, access control rules, and further details may be found in the directory <kaseya-install-dir>\vsaWs.

Kaseya Endpoint Security v1.2 (v1.2.0.0) – 10 March 2008

View Status

The current available version is directly off the Grisoft RSS feed and will be updated within 15 minutes of Grisoft posting an updated

View Status

The "Threats" column nows present a link to the manage threats page filtered on that individual machine. The top machine filter is not affected.


Individual agents no longer have update schedules. The KServer now tracks updates and schedules update scripts on individual agents only as needed. This results in timelier updates with less overall activity.


Because of the new automatic update script assignment, periodic (recurring) updates are no longer allowed. This page is for "manual push" only.


KES updates now honor the "File Source" settings under Patch. So KES can now deploy updates to agents that are not internet-connected (as long as they can reach the file share and the file share can reach the Internet).


The KES Agent now goes to the VSA server for updates when the File Source is KServer or Internet

View Threats

Select All has new behavior. Now it selects all of the threats in the current filter instead of just the current page.

View Threats

Now has a "Purge" button in the action bar for "clean up". This will remove the threat from the active threat list (and put it in the history list) without triggering any script on the agent.

View Threats

There are now two tabs. The "Current Threats" tab is conceptually identical to the old page, showing threats that are current or in process of being taken care of. "Historical Threats" are threats that have been taken care of either through a clean, delete, restore, or purge.

View Threats

Additional filters: "machine", which allows narrowing by machine without affecting the top-level filter (useful for stepping back and forth from the status page). "Time" filters on the discovery date by min/max/in between. "Categories" filters on the threat type—whether antivirus or antispy. "Action" and "Status" filters by what action (if any) has been taken and what the progress of that action is (pending/failed).

View Logs

Filters added to make log more useful. "Time" filters by when the event occurred (you have a lower and an upper date, and if either is empty that end is "open", so both empty means "all"). "Categories" lets you pick events to view by category. "Message" lets you text search the message for some particular string.


KES Alarms are now assigned via sets. These sets are created on the new 'Define Alarm Sets' page, and assigned on the 'Apply Alarm Sets' page.


There are new KES alarms.

Define Profile

The profile UI has been updated to more closely reflect AVG.  A few new options have been added as well.

  • Certification text for incoming and outgoing mail.
  • Ability to add prefix text to the subject of a message that contained a virus.

Define Profile

A new tab called "Exchange" allows for configuration of the new real-time monitor for Exchange (see MS Exchange Install/Remove below)


There is a new button on the view threats page 'Add to PUP Exclusion List'.  Any threats selected when this is pressed will be added to an exclusion list for the profile assigned to the machine they were found on. If AVG decides a file by this name is a PUP on any machine with this profile, this file will be ignored (excluded).


There is now an option to choose which profile to assign to a machine at install time.

MS Exchange Install/Remove

Added support for real-time monitoring of Exchange Servers. This page allows you to install Exchange Server support on any KES endpoint that is also an Exchange Server. Different licensing applies.

Kaseya User State Management v1.0 (v1.0.0.0) – 13 March 2008

Policy Management

Functions to support definition and deployment of machine policy for power, mapped drives and printers. Support for backup, deployment and migration of user accounts, system and application settings.


Create power policies for different groups and/or machine roles. Schedule and deploy power settings to all users on targeted machines.

Mapped Drives

Create drive mappings for different groups or roles. Deploy mapped drive settings to all users on targeted machines.

Printer Mappings

Create network printer definitions, schedule and deploy printer configuration to groups of machines.

Desktop Standards

Create a desktop standards package to deploy specific system and application settings to all users on groups of machines.

User Settings Backup and Restore

Back up user account information and system and application settings from groups of machines. Restore allows selective restore of account information and settings to the same or a different machine.


Multi-machine migration of user account and system and application settings. Enables ordered migration of user account information and preservation of user settings migrations to new machines during hardware or Windows OS upgrades. 

New features in v4.8.0.0 – 5 June 2007

Exec Sum Report

  • The OS score weighting can now be customized. You can individually weight the OS score given to Vista, 2003, XP and 2000. Enter the % weights (0 to 100) in the four columns normally used for %score. Place Vista in the 100% column, 2003 in the 75% column, and so on. All legacy OSs are given a zero. If you have a large number of legacy OSs deployed, considered turning off the OS score.
  • Changed the default System Activity search filter data to only count "*Success THEN*" for Latest Audit and Patch Scan. Prior to this release, the default values counted any appearance of Latest Audit and Patch Scan, including reschedule events. Note: You must edit any saved Exec Sum Reports yourself to add these new filters in by clicking the Change Rows button.

Login Policy

The password strength section lets you specify the following:

  • Block administrators from changing their login name
  • Require password change every N days
  • Enforce minimum password length
  • Prohibit password reuse
  • Require upper and lower case alpha characters
  • Require both alpha and numeric characters
  • Require non-alphanumeric characters

Patch Mgmt

Added WARNINGS and/or NOTES to screens affected by Initial Update to better inform users of its impact on patch management functions.

Patch Mgmt – Patch Status

Enhanced the Patch Status page with the following:

  • Added a new column, "Missing Manual", to provide a count of those patches that require a manual effort to apply. These patches cannot be processed by Automatic Update or Initial Update.  The total of all missing patches is the sum of the "Missing Approved", "Missing Denied", and "Missing Manual".
  • Added the ability to display the status of Initial Update while it is being processed.  The Initial Update status message and date/time is displayed instead of the column totals when ever Initial Update is being processed.
  • Patch Test will not be performed on machines that have Initial Update being processed.  Added NOTE on screen to that effect.
  • Added the ability to display the name of machine's operating system if the OS is not supported for patching

Patch Mgmt – Rollback

Added the date, if available, that the patch was installed to the screen similar to the Patch History screen.

Patch Mgmt – Cancel Updates

Add a notation to the "Pending Update Install Status" column to indicate that the patches currently pending installation are being processed by Initial Update.  Canceling pending updates will now also cancel Initial Update.

Patch Mgmt – File Source

Enhanced the File Source page with the following:

  • Modified the "Pulled from file server using UNC path" option by adding a Machine Group Filter dropdown list to filter the list of machines on which the file share is located.  Previously, the Select Machine Group that filters the list of machines displayed on the page was used.  This prevented users from selecting a machine in another group as the file share unless they selected all machine groups for the page.
  • Added a sub-option under the "Pulled from file server using UNC path" option.  This new sub-option permits the administrator to configure a machine to obtain patches from the file server when the machine is connected to the LAN, but fallback to download the patches from the Internet if the file server is not available for any reason (cannot connect to file server or bad network credential).

Patch Mgmt – Windows Automatic Update

Added checkbox to "Force auto-reboot if user is logged on" to the "Configure - Force Windows Automatic Update configuration to the following settings" setting. We also changed the underlying default to NOT force the reboot. This is a Windows Update registry setting that only affects Windows Automatic Update.  Windows Automatic Update cannot use Kaseya's Reboot Action settings.

Patch Mgmt – Office Source

Added the ability to filter by Office products/product codes to make it easier to set multiple machines to a common Office source share.  Since the same Office product can have one of several product codes, the filter ensures that only products with the same product code are selected together.

Patch Mgmt – Command Line

Renamed the "Default" button to "Reset to Original" and modified the action from replacing all command line switches to only those for the selected patches.

Status Monitor

The status monitor pop up window no longer counts or displays template accounts (agents that have never checked in).

Script Editor

Fixed problem with file list that would not list shared files unless that admin also had rights to upload and delete shared files. All admins may see shared files.

Agent Installer

Increased Agent installer options buffer from 128 bytes to 2048 bytes. This change allows longer messages to be included in the Agent Install switches when using Deploy Agents to create the Agent install package.

Video Streaming

Added link to terminate video streaming sessions. As an admin, when you start the wait for a user to initiate a video streaming session you are listed on the getHelp.asp page. Click the terminate session link to remove yourself from that list.

Backup Scheduling

All parameters for both Schedule Volume and Schedule Folder are now independently settable. So now you can change a machines backup schedule without modifying the backup set count or recurring interval.

Backup - Differentials

You can now choose to save all differential backups made since the last full backup in addition to just the last differential backup. Choosing to only save the last differential saves the most disk space.

Backup Imaging

  • Vista is now supported. You can now backup Vista boxes
  • In previous releases if a network connection dropped, however briefly, the backup or verify failed. With 4.7.1, the system retries for up to 10 seconds before giving up. This addresses issues found with NAS storage devices.
  • This release has better VSS support.

Folder Backup

In addition to local drive paths, you can now specify UNC paths to backup. For example, you can include a folder like \\fileshare\docs into your list of directories to backup. Note that the file share must be accessible by the credential set up for this machine (Set Credential command under the agent tab).

Backup Alert

Added a separate alert for Full Backup Completed. This alert only goes out after a full backup completes, as opposed to incremental or differential backups. If you physically transfer disk images periodically, use this alert. Just after a full backup completes is a good time to transfer disk images.

Disk Info List

Show used space in addition to free and total space for all disk drive space tables and reports.

Application Changes Alert

You can now add exclude directories to the Application Changes alert. Any application added or removed to these directories will not generate an alarm. The exclude path may contain wildcards.


KServer modifications include the following:

  • Log a script execution error when processing a Set Credential script command that has an empty username.
  • Escape the ampersand character in the Send Message script command so that the character appears correctly in the dialog box shown on the Agent
  • Escape the ampersand character in the Execute Shell Command so that the character is correctly recognized when it is part of the directory path.
  • Corrected processing of script IF command "IF user response is Yes" when no user was logged in so that it takes the ELSE path

Agent – Pause Command Processing

The processing of the Pause Script command has been shifted from the KServer to the Agent to avoid the possibility of putting all process threads to sleep in the server for a prolonged period which would result in Agents going offline.


You must update your Agent to the current version in order to process any script with the Pause Script command.  The KServer will now fail at the Pause Script command when a script is run on an AgentMon.exe prior to v4.7.0.4.

Agent – Workgroup/Domain name

The Agent now reports whether the computer is joined to a workgroup or domain and the corresponding name.  This information can be used in creating a view as well as shown on the Agent status page and reports.

Agent – Response Issue

The Agent detects a connection corruption caused by security software that blocks KServer messages requesting an immediate checkin.  The corrupted connection was causing a 3 minute timeout before establishing a new connection to run the pending tasks.  When the Agent detects the symptoms of this condition, it removes the timeout so that the tasks can run at the specified checkin period.

Agent – Event log description

Resolved an issue so that the event log description is properly retrieved when the vendor provides multiple event log message DLLs.  Also fixed an issue with retrieving the description when the vendor provides only a 64-bit event log message DLL.

Agent – Event log collection

Resolved an issue with retrieving event log information on Vista when the application provides access only through the newer event log interface and omits backward compatibility through the legacy interface.

Agent – Contact Administrator Menu Item

Resolved an issue that opened the Administrator login page instead of the User login page when selecting the "Contact Administrator" agent menu item.

Deploy Agents

Modified download page , dl.asp, to not list any packages if nothing is checked on the Deploy Agents page. Previously, it would always list the default package if nothing else was found.


Error message changed to "Username or password is incorrect" when either the password or username was not correct. Prior to this release the error message said which was wrong.

Log display

You can now sort the Event Logs and Script Log by column in the Agent Logs function under either the Agent Tab or the single machine interface.

Edit Profile

Added a checkbox to the Edit Profile function called Show notes as tooltip. Checking this for any machine ID will display the notes field for that machine to display on the tooltip for the agent's status icon. Use this feature to quickly access notes for any particular machines.

Exec Summary Report

The OS score weighting has been changed to (Vista-2003:100%, XP:75%, 2000:50%, NT4:25%)

Function Access

Added ability to turn on/off access to admin notes on a per admin role basis.


Administrators can not remove their names from the list of available administrators to chat with. The list seen by administrators (in the Chat function under the Remote Cntl tab) and the list seen by users in the user login are controlled separately.

Restore Database

Fixed a problem only seen when moving your KServer to a new machine and installing on a different disk drive. The Restore Database function had a problem restoring the scheduled reports.

Set Credentials

Added a test function to verify the credentials work

System Info

System information now inserts a link to the PC manufacturer's support site when a field in the System Information table may be used to access this data. Currently supported manufacturers are:

  • Dell
  • IBM
  • Lenovo
  • HP
  • Compaq
  • Gateway
  • Sony


Added option to list machines that have never checked in. Use this filter to list template accounts.

Monitor – System Check

Enhanced the capabilities of Custom command within the System Check function.  Custom commands will now require an output file assigned by the administrator.  Alarms will be created by searching the output file for a specific value(s) by using the operator contains or does not contain. 

Added alarm Re-Arm time, to allow all system checks to ignore addition alarms for the specified duration.

License Manager

The new License Manager function under the System tab, lets a master administrator allocate maximum license usage on a per machine group basis.

Remote Control – K-VNC

Added support for K-VNC to provide remote control on Vista.  K-VNC has also been added as an option for Video Streaming.

Remote Control – RAdmin

Added support for RAdmin 3.0. RAdmin 3.0 includes full support to remote control Vista.

Remote Control RDP

Support remote control of a terminal server running on a port other than the default port 3389.

Remote Control Policy

Both the Admin Role Policy and Machine Policy now support a fourth policy type. Require permission will not allow remote control unless a user gives permission. If no one is currently logged in, then permission is denied.

Automatic SQL Script Variables

SQL view parameters are now available as automatically declared script variables.  Use the format #SqlViewName.ColumnName# in a script variable to access the dbo.SqlView.Column for the machine ID executing the script. These automatic variables allows you to skip the call to GetVariable with the option "SQL View Data" with the format of SqlViewName/ColumnName.  See the context sensitive help for the System tab -> Database Views function for a list of the SQL views and columns that are available.

GetVariable Script Command

Added a new option "SQL View Data" that will place the result of a database query to retrieve data from an SQL view for a specific machine ID or for the machine ID executing the script.  The format of the parameter for this option is SqlViewName/ColumnName/mach.groupID or SqlViewName/ColumnName. The latter format is an explicit form of the automatic SQL script variable.  See the context sensitive help for the System tab -> Database Views function for a list of the SQL views and columns that are available.

Audit – Documents

There is a new function under the Audit tab named Documents. Use the Documents function to store files associated with a machine ID. Typically, people store things like scanned copies of purchase receipts, contract information, and configuration notes here.

User Welcome page

All the text on this page can now be customize. Prior to v4.8, a Welcome to your system name was always shown at the top.

Agent on Vista x64

The Agent now runs on Vista x64.  Drivers provided with the Agent are signed.  The only known restrictions are:

  • Terminal services (RDP) is the only remote control option
  • Network access can be granted/denied and network statistics can be gathered only for 32-bit applications

Reset Password

The password is now set to never to expire when it is set using the Reset Password function under the Remote Cntl tab.  This feature requires a new Agent, version or above.

New features in v4.7.0.0 – 29 January  2007
Vista Support, Ticketing, Monitoring

Multi-Language Support

Kaseya now supports multiple languages. Currently Spanish is available with more to follow soon.

Ticketing – Adding notes via email

You can now send an email reply to any administrator ticket notification. The reply is automatically added to the ticket just as if you added the ticket through the web interface. If user notifications are enabled, then the new note is also emailed to the user. If you add ~hide to the text of the message, the new note is added as a hidden note.

Ticketing – Auto fill

Inbound tickets will auto lookup and fill in contact info based on user profiles. New inbound emails will be automatically assigned to a machine ID if that machine id has a contact email address and the auto assign ticket flag is set.

Ticketing -  View Summary

The last search filter is always used (on a per administrator basis) on the View Summary page. Now if you select a different function and come back to View Ticket, the last search filter is automatically filled in and applied. Click the Clear button to remove the filter at any time.

Ticketing – Split Ticket

Sometimes users reply to existing tickets and begin a completely different line of discussion. For better organization, you can now split these tickets in two. A new icon appears by each note in a ticket. Click the icon to split the ticket at that point. All field settings are copied from the original ticket and the original ticket is automatically closed.

Ticketing – Mobile Access

Notification emails sent to administrators contain a link to access the ticket. The system now senses when this link is clicked from your mobile device and automatically renders both the login screen and View Ticket page to fit your mobile device's browser. Use this capability to view, add notes, or change field status on any ticket.

Ticketing – Due Date Policy

In prior versions the due date policy was applied when ticket data is first received (typically from an inbound email). This did not help much when entering a ticket through the web interface. With this release we have changed this behavior to always apply due date policy to new tickets after any field change. Once ticket ID is assigned, then only a warning is displayed if the due date does not match the policy.

Ticketing Report

  • Added ability to show/hide hidden notes for tickets.
  • Bar chart showing the tickets for each admin broken down by status
  • Option to show a pie chart break down of each list field item.

Patch Mgmt – Expanded Support

Added full patch support for Exchange, Sharepoint, Vista, and Office 2007

Patch Mgmt – Patch Approval

Redesigned Patch Approval page to keep configuration data and patch approval data in different frames for ease of use.  Added the capability to configure a default Approval Status for each collection/policy to control the initial approval status of newly discovered patches.

Patch Mgmt – File Source

Added validation code to alert the admin when a LAN file source Machine ID no longer exists or if any of the required data is missing.

Patch Mgmt – Initial Update

Added support for the execution of a script before Initial Update and/or after Initial Update.  These scripts are configured on a per machine basis in the new Patch Mgmt – Pre/Post Script function.

Patch Mgmt – Alert

Added two new patch alerts:

  • Automatic addition of newly discovered patches to existing Patch Approval policies.
  • Invalid Agent credentials

Patch Mgmt – Patch Update

Removed processing of KServer.

Patch Mgmt – Command Line

In an attempt to minimize the need for installation media when patching Office 2003, we have added a new command line switch: "/MSOCACHE". The " /MSOCACHE" switch only applies to Office 2003. When the patch database is updated, this switch is automatically added to all Office 2003 patches where an administrator has never modified a particular patch's command line switches. It is not automatically added to Office 2003 service packs. When this switch is used, the system determines if the MSOCache exists on the target machine. If the MSOCache does exist and this switch is used, the system will automatically use the run silently switch ("/Q") thereby relying on the MSOCache rather than requiring the actual installation media. If the MSOCache does not exist on the target machine, the existing switch will be used. If a patch installation fails that uses the "/MSOCACHE" switch, it typically means that the MSOCache could not be used by the patch. In this case, you must clear out all command line switches for this patch. This will result in the "/INSTALL-AS-USER" switch to be automatically added. Re-running the patch installation should now succeed. Unfortunately, this will require user intervention and also probably require the Office 2003 installation media.

Patch Mgmt – Office Source

Added support for configuring a machine with Office installed to use a network share or a directory on the local hard drive as the Office installation source rather than the default CD-ROM.  This feature modifies the machine's registry so Office will look to the alternate location for the Office installation source. The provided source is validated to be sure that the source is compatible with the installed edition/version of Office.

Patch Mgmt

The explicit listing of "KServer" in various Patch Mgmt screens has been removed.  To process patches on the KServer, an Agent must be installed on the KServer.  All Patch Mgmt processing (except Initial Update – not supported on KServer) can be done with the Agent on the KServer just like any managed machine.

Copy Settings

If the source machine (the machine you are copying from) does not have a credential, then the credential is not changed on the target machines. Use this to create template accounts that do not effect the credential of target machines.


All scripts run after a machine reboots were named REBOOT-xxxx. We received several support requests asking why Kaseya reboot their server when in fact the script was run as a result of a reboot and did not cause the reboot. To end this misconception, we have changed this naming convention to START-xxxx

Backup Password

Image passwords are logged and saved forever. Master administrators may retrieve a password for any machine ID, even machines that no longer have backup installed or even have an agent, as long as the machine ID at the time the password was created is known.

Offsite Server

List all offsite servers in the Offsite Server and Local server functions. All listed because the offsite box will probably not be in the same group ID.

Audit – SW License

The product installation key (CD key) is recovered during audit when it is available.

Audit – Add/Remove Programs

Audit now returns the add/remove program list.

Remote Control Status

  • Currently logged in user for each machine ID, if any, is displayed on the Control Machine function.
  • If any admin is currently remote controlling a box, the admin name is listed also.

Remote Control Notification Policy

define policy on a per admin role basis. Also allow policy to be defined on a per machine basis. If a machine policy exists, it over-rides the admin role policy.

  • Silent
  • Notify if logged in (now with customizable message)
  • Ask if logged in (else deny) (now with customizable message)
  • Added option to pop up alert when remote session completes (with customizable message).
  • Option to (or required if policy set) add a note to the admin notes log prior to allowing remote control session to start.

Remote Control Log

You can now report on remote control activity. The system now maintains a separate remote control log for each machine ID. You can view (Agent Tab – Agent Logs) or report (Reports Tab – Logs) on the Remote Control Log just like any other log.

Disable Remote Control on Install

Adding the /x option to the agent install package (Agent Tab – Deploy Agents) automatically disables remote control from the client side after a successful agent installation.

Remote Control User Mode

End users may now use Terminal Server to remote control their own machine.

Remote Control Verbose Mode

The Enable verbose relay flag is now remembered on a per admin basis. If you enable the verbose relay in a remote control of FTP session, that flag is automatically set the next time you remote control of FTP. The verbose relay flag is typically left off and is not needed for normal operation.

System Check

System Check verifies a remote machine, such as a web server, is functioning by connecting to it on a recurring basis. You can prevent temporary outages from sending alarms by specifying the length of time a check must fail before issuing an alarm.

Deploy Agents

Master administrators now have a checkbox to let them view all install packages created. Check this box to clean out and/or remove old agent packages.

Agent Status

Time Zone is now available for display in the Agent Status table.

Monitor – Agent Status Alert

The system now detects when a batch of agents go offline at the same time (usually resulting from an internet outage). The system will now send only a single email listing all machines that went offline at the same time. Prior to this release, an email was sent for each machine ID.

Monitor - SNMP

Shortened time between SNMP monitor requests. In older versions, the interval between SNMP monitor request could have become prohibitively long if the SNMP Probe (Agent) was monitoring hundreds of SNMP Devices. The polling and connections are now multithreaded; creating narrow data sample intervals.

Monitor – SNMP

When Kaseya first discovers an SNMP device, a deeper initial request of SNMP data is now being performed. The initial SNMP Discovery will now include a 'deep dive' return of SNMP data. The SNMP branches currently being queried are: and

Monitor – SNMP

Added link to Assign SNMP Monitor page to view list of auto discovered SNMP data.

Monitor – SNMP

Added new function allowing the user to customize SNMP Device names and Types.

Monitor – SNMP

Added filters to the SNMP Log function to allow the user to filter log entries that contain certain text or values.

Monitor – SNMP

If the user removes the SNMP Community name, all associated SNMP Devices will be removed and logs cleared.

Monitor – SNMP

The SNMP Probe will attempt to find SNMP Table descriptions where possible and automatically insert the results into the monitor item description. (Example: If asking for the ifEntry.ifInOctets for interface #2, Kaseya will identify, if available, that interface #2 is the 'external firewall connection' and add it to the description)

Monitor - General

Pop-up warning on log-in will inform the user that Alarms are currently disabled.

Monitor - General

If the update of a monitor set is not 'contextual' (does not significantly change the monitor item), the logs will not be cleared.

Monitor - General

All monitor sets will continue collecting data even if the administrator changes the Kaseya temp directory.

Monitor - General

When a SNMP Community Name reference is removed, all related SNMP Agents will be removed also.

Monitor - General

Added more descriptive information within monitor set expanded information to the following web pages; Log Summary, Alarm Summary, Alarm Status, Monitor Set Status, Monitor Summary, Live Connect.

Monitor – System Check

Added Duration to all system checks for alarms.

Monitor - Alarms

History of note entries can now be kept on all Alarms.

Monitor - Alarms

If a monitor set generates an alarm email, an additional email notification can be sent if the Alarm value transitions back 'out of' its alarm state.

Monitor - Reports

Allows the user the ability to select a monitor counter and calculate the 95th percentile (or 5th) for each counter. Also added was a comparison feature; allowing two machines to be reported (trended) upon side-by-side.

Monitor - Reports

Added trending reports with 'number of days' filter and comparison features.

Monitor - Reports

Added trending reports for all SNMP Objects (again with comparison feature).

Monitor - Reports

Added Monitor Configuration Report listing the monitor set configuration for the machines selected.

Monitor - Copy Settings

'Copy Settings' will now include all monitor sets information when copying machines with the same operating system.  Monitor sets will not be copied if the operating systems isn't supported by monitoring and/or copying from Windows 2000 to Windows XP/2003.

Monitor – Assign Monitor/SNMP Sets

New edit icon, when clicked will allow the editing of existing monitor set deployment parameters on the specific machine/device.

Monitor Sets and Logs

All monitor sets will stay collecting data even if the administrator moves or renames the Kaseya temp directory.

Monitor – Log Summary

Added icon indicator and action to refresh specific monitor object on the machine or device.

Monitor – Log Summary

Added Filters to log and chart data.

Monitor – Log Charts

Added more description info and X/Y titles to charts.

Monitor Console – Machines Online

Added Customized zones Red/Yellow/Green

Monitor Console – Popup Windows

Fixed positioning of console windows alignment.

Monitor Console – Group Alarm

Removed View drop down list.  Group alarm status page will now use the main view filter.

Agent Changes

  • Now supports Windows Vista on i386
  • Now supports Windows XP on x64
  • Now supports Windows 2003 on x64
  • Enhanced processing for various system monitoring changes
  • processing a duration prior to reporting an alarm for the System Check
  • support for foreign language notation in performance counter data that utilizes commas instead of decimal points
  • fixed access rights required to query the status of some services that grant only read-only privileges
  • Agent now detects hibernate & suspend. Upon a resume event, the Agent generates entries into the agent log file so that the uptime history report will show the Agent as being powered down over the period. Prior to this, the uptime history report showed the Agent as being continuously online.


There is now only a single installer rather than the separate versions for with and without the database. The installer asks if you are using your own SQL server or need the database at install time. If you need the database, the installer downloads it and installs it at that time.

Known Issues

Deploy Agents

Agents can not be deployed over the network (using Install Agents function) to Vista machines unless UAC is disabled.


Backup is not supported on Vista yet

Agent Installer

The agent is not compatible with Vista-64

New features in v4.6.3.0 – 21 August  2006
Folder Backup Fix, Minor Maintenance Release


Fixed minor display related problems

Folder Backup

Fixed Acronis bug in the folder backup system.

VSS Support

Volume Shadow Copy Service is now automatically used on systems that have VSS enabled on a drive being backed up. The checkbox to enable/disable VSS support has been removed since it is fully automatic now.

Backup Image Size

Collect backup image size after each backup. Backup Status, Logs, and Reports all now list image size.

Backup Post Script

The Pre/Post Script function under the Backup tab runs a script before or after backup completes. You can now conditionally run the post script depending on the status of the backup that completed.

Backup Schedule

You can now disable incremental/differential backups and only run full backups, by entering a zero for the incremental backup period.

Patch Approval

The "Filter patches by Approval Status" dropdown list will now retain the last selected approval status between page refreshes.  For example, this will permit the selection of all "Pending Approval" patches and mark some as approved and some as denied without having to re-select the "Pending Approval" status after applying the approval.

System Tab Web Pages

Improved performance of web pages under the system tab. Some these pages took an long time to render on systems with a large number of machine groups and a large number of administrators. These pages now response considerably faster.

Monitor - Edit

Changed 'alarm duration' logic. The system will now look back in the log table to see if there any records that were under the alarm threshold. If there are none, instead of going into 'alarm' (old behavior), it will continue to look to the next oldest log value. If that value is over the alarm threshold, the system will only then go into 'alarm'.

Monitor - Reports

Added trending reports with 'number of days' filter and comparison features.

Monitor - Copy Settings

'Copy Settings' will now include monitor sets.

Monitor - General

When a SNMP Community reference is removed, all related SNMP Agents will be removed also.

Monitor - Edit

When a monitor set is edited, the logs will not be reset unless the counter, service or process specific information is changed.

Monitor - Logs

Logs now have icons that indicate that there are log entries for the corresponding monitor item..

Monitor - Logs

Added 'character match' filters to log tables. Allowing for searches of the log table entries (i.e. " ... show all service log entries like 'stop'")

Monitor - Logs

Added 'day range' filter to counter graphs (similar to SNMP logs).

New features in v4.6.2.0 - 19 July 2006
Minor Maintenance Release


Fixed minor display related problems

Remote Control

Added ability to independently set the screen width and height in terminal server sessions. See the Set Parameters function


  • Support installation on Windows 98 and ME
  • Added check box to not reboot after backup installation
  • Backup log now has separate entry for each verification
  • Fixed a problem with the Offsite Replication scheduler that failed to reschedule the local server restart after one day.
  • Added support for Virtual Shadow Copy Service (VSS) to both folder and volume backup
  • Added new Compression Function allowing you to set the compression level used by backup.

LAN Watch

IP scanning range is now restricted to 11 bits (2048 addresses)

Patch Mgmt - Initial Update

Modified the Initial Update screen to include update status from "scheduled" through the various "processing steps" to "completion".

Patch Mgmt - Patch Approval

Modified the Patch Approval screen to include the ability to filter on the approval status.

Patch Mgmt - File Source

Modified the File Source screen to improve the clarity of the source for the patch files and the patch file's destination on the target machine.

Monitor - Edit

Modified 'Update Lists by Scan' function to return all Counters and Instances.

Monitor - Edit

Modified 'Add SNMP Object' function to consume the newer MIB file formats.

Monitor - Edit

Added 'Group Alarm Column' selection as a step in the Add function for Monitor Sets and SNMP Sets.

Monitor – Assign Monitoring

Modified PerfMon commands to start counters after an agent machine has been re-booted.

Scripts (support of Monitor)

A script named ExecuteSNMPWalk.has been included in the Sample Scripts/Config Changes area. This script is very valuable if the user is new to the SNMP device.

System Alerts

Added a new system alert to report when the Email Reader in ticketing failed for any reason.

Reports - Patch Management

The Patch Status section of the Patch Management Report has been modified to display the same patch status as displayed on the Patch Mgmt - Machine Update page. Previously, the only statuses presented were "installed" or "missing". Now, more detailed status information is displayed when applicable.

New features in v4.6.1.0 - 30 May 2006
Advanced Monitoring, Backup, Ticketing, and more…

Function Access

You can now customize the Master group in addition to any other groups. Any function can be enabled/disabled except the System tab and all master admin only functions. We added an Enable All button to re-enable all functions for the selected role in one click.

User Remote Control Options

Users logging in to remote control their machine are now presented with the standard remote control options prior to starting remote control.

Event Set alerts

You can now set independent email addresses for different event sets on the same machine ID. This lets you send alerts generated by different application events to different administrators.

KServer Agent

An agent may now be placed on the KServer itself. You can manage your KServer just like any other system without restriction.

Machine Group Creation

Added option to allow standard administrators to create root groups. Only master administrators may grant this permission. To allow standard administrators to create/delete root machine groups, log in as a master administrator and click the Create/Delete Machine Groups function under the System tab. Check the "Allow standard administrators to create root groups" check box. Note: only empty machine groups may be deleted.

Event Sets

Added the ability to import and export event sets.

Manual Hotfix Install

Hotfix controls have been moved from Refresh Patch Database in the Scan Machine function (Patch Mgmt) to the Configure function under the System tab. The system now supports downloading and applying hotfixes out of band when the KServer is not connected to the internet. Hotfixes are automatically checked for and applied by the KServer every 8 hours. If your system can not connect to or you would like to for a check for hotfixes, then click this link.

SQL Server 2005

This version fully supports Microsoft SQL Server 2005.

Agent Menu

Due to popular demand, we have returned to calling the agent the "Agent". All references to Client have been changed back to Agent.

Script Directory

Added ability to import and export entire script directories (all scripts and sub-directories in any script directory).

Script Commands

  • Added ability to temporarily disable a script step. Select Disable Step from the drop down control used to only run a script step for a particular operating system.

  • Managed Files directories now support sub directories.
  • Write Directory – Script command writes an entire directory structure to the remote machine
  • Get URL – Copy a URL from an FTP or Web site to the remote machine
  • Schedule Script – Allows a script to trigger scheduling of a script on another machine ID
  • IF check to determine if Service is Running
  • IF check to determine if Application is Running
  • IF Test File support Contains and Not Contains

Agent Status

Added a Reset Filter button to quickly remove any advanced filter settings on the Agent Status function. The advanced filter may reduces the number of machine IDs displayed. Click Reset Filter to quickly display all machine IDs.

Email Reader

Added support for POP3 servers requiring SSL connections


You can now share views with other administrators or administrator roles. Click the Share button on the edit views page to set up share permissions. This release also adds significant filtering capability to views. You can now:

  • Show machines that have or have not been rebooted in the last N days/Hrs/Mins
  • Show machine that either contain a particular application or are missing a particular application. You can further refine this filter based on the application's version number. For instance, you can display only machine containing acrobat.exe v6.0.0.0 and up.
  • Advanced agent Data filter lets you display machines with parameters collected via audit. You can also apply Boolean logic to the filter using the same advanced filter capability found in the Agent Status function and the Aggregate Table report.

License Count

The system no longer counts agents that have never checked in (red status icon) against your license. This lets you freely create and configure an unlimited number of machine IDs for use as template accounts (to copy settings from when deploying new agents) or as a place to store tickets assigned to devices or people not associated with an active machine ID.

Run Audit schedules System Info

You can now schedule System Info data collection in conjunction with Run Audit (under the Audit tab). System Info may cause high CPU utilization on the client and normally runs once after the first audit. Use the new checkbox option to schedule System Info collection to run again or run recurring for any checked machine. The System Info scheduler has been removed from the System Info data display.

Reset Password

Added a new option allowing you to specify whether to create a new account in the administrators group or not.

Editable Sample Data

The sample scripts, sample event sets, sample monitor sets, and sample administrator roles are now fully editable. You have to option to prevent sample data from reloading each time a update or database maintenance runs on your system using the Configure function under the System tab.

LAN Watch Alert

In previous versions, LAN Watch generated an alert when a new device was found on the LAN that had not previously been on the LAN for the last 7 days. That time period is now fully programmable. If you have a network where devices may be turned off for extended periods, increasing this value beyond the longest time a device remains off prevents that device from generating an alert when it turns back on.

Agent Status

Added clickable column headers so you can sort this table by any column displayed. Clicking a header the second time sorts in reverse alphabetical order.

Status Monitor

Added a paging control to the status monitor. Previously you were limited to at most 100 machines. Now you can monitor all machines using the standard paging control.


With the introduction of advanced monitoring, Alert functionality takes advantage of advanced monitoring by incorporating options beyond just simple email alerts. Alerts now support: alarms, email, tickets, script execution. The alert summary list on the Home page has been replaced with the alert status list on the monitoring console. Here you can Open/Close alerts


  • Tickets assigned to a machine ID are no longer deleted when a machine ID is deleted. Tickets remain in the system forever until deleted or archived.
  • Replaced the drop down selector control in View Ticket with a text box letting you directly enter a ticket id to go to. This method is quicker and simpler when working with a large number of tickets.
  • Added control in View Ticket to set the size of the note input window. Clicking the Note Size link lets you set the number of text rows to display in then notes edit box.
  • A warning pops up allowing you to return to the View Ticket function without loosing any data, if you inadvertently click off the View Ticket function while editing a note.
  • Master administrators can now set the next ticket ID number in the Email Reader function

System Alert

Added new system alert to report when the database backup failed for any reason.

Remote Control Session List

The Statistics function under the System tab used to list the number of active remote control sessions. Now it produces a table of sessions listing admin name and machine ID of each active session.

System Log Age

You can now set the time limit entries in the Admin Log and System Log, under the System Tab, remain in the database.


  • Full Backup Cycles - you can now save N full backup cycles. A full backup cycle includes the full backup and all incremental backups until the next full backup runs.
  • Image Password - Stronger passwords are now automatically generated for all new backup installations. In addition, the password may be changed to any string you like using the Image Password function under the Backup tab.
  • Dedicated Offsite Replication Server - FTP has been dropped in favor of a secure, dedicated, fully managed, integrated server component.  The Offsite Replication Server may be placed on any machine running an agent. Backup data is transmitted directly from the image location (if that machine has an agent) or from the agent that performed the backup to the ORS using the same secure, fault tolerant, auto recovery system used by agent/kserver communications.
  • Added Unrestricted setting for offsite replication schedule time. 
  • Changing the image password forces the next backup to be a full backup (because previous backups my not be mounted with the old password)
  • You can now mount backups to machines other than the one the backup was made for. This allows you to more easily retrieve critical files.
  • Remote Restore - Ability to perform an unattended full volume restore from backup. Lets you remotes restore any image without any user interaction.
  • Folder backup has been integrated into the same sector level backup \system used by volume backup (replacing zip). This allow for both full and incremental folder backups. Additionally, locked files will now also successfully backup.
  • Secure Zone support
  • Support for full disk backup (including hidden partitions) in addition to individual drive letters.
  • Added function
  • Fixed mounting problem that occurred when some of the incremental backups had failed.
  • You can now save the backup image to a drive that has volume backup scheduled. You will be warned that this configuration has the potential for storing old backup images inside new backup images and hence waste disk space.

Patch Installation Issue

An issue that prevented patches from being scheduled for installation by either Machine Update or by Automatic Update when the number of uninstalled patches for the specific machine was large (about 70) has been resolved.

Patch Report

Added flag to include patches that are denied by the Patch Approval Policy; Default is to excluded patches denied by the Patch Approval Policy.

Patch Mgmt - Patch Approval

  • Changes to any patch approval policy are now tracked by administrator. Next to each policy setting, the name of the administrator that made the change, along with the timestamp the policy was set, is displayed.
  • The Patch Approval screen has been modified to group patches according to: (1) OS related service packs; (2) OS related patches; (3) Office related service packs; and (4) Office related patches.

Patch Mgmt - Command Line

The Command Line function and the Patch Location function have been modified to both have a patch filtering dropdown list to restrict the amount of displayed data to a reasonable amount.

Patch Mgmt - Windows Automatic Update Configuration

A new Patch Mgmt function, Windows Auto Update, has been added under the Configure section. This function will report the machine's current Windows Auto Update settings for Windows 2000 (SP3 & SP4), Windows XP and Windows Server 2003. Additionally, an administrator may override the user's setting, including disabling it, and prevent the user from making changes.

Patch Mgmt - Initial Update

A new Patch Mgmt function, Initial Update, has been added under the Setup section. This function allows an administrator to schedule a machine to be fully updated with all approved service packs and patches. This function is typically used after a new machine is initially scanned for missing service packs and patches and basically performs a 'patch-until-done' process.

Patch Mgmt - Exclude Machines

This function has been removed. Use the Patch Approval Policy and manual scheduling (Machine Update and Patch Update) to control what machines get which patches.

Patch Mgmt - Patch Update

The capability to ignore a machine for a particular patch has been removed. Use the Patch Approval Policy and manual scheduling (Machine Update and Patch Update) to control what machines get which patches.

Patch Mgmt - File Source

Added option to copy the downloaded patch files to the temp directory on local drive having the most free space (default), or to copy them to the temp directory on the same drive where the Agent is installed.

Agent Status Alerts

Mass agent offline alerts are no longer sent when the KServer service stops. When ever the KServer service stops, the system suspends all agent online/offline alerts. If the KServer stops for more than 30 seconds, then agent online/offline alerts are suspended for one hour after the KServer starts up again. Rather than continuously try to connect to the KServer when the KServer is down, agents go to sleep for one hour after timing out after a couple of connection attempts. The one hour alert suspension prevents false agent offline alerts when the KServer starts back up.

New features in v4.5.0.1 - 18 October 2005
Updater change.

Updater change

Corrected a problem that failed to update correctly in rare situations. This data dependent problem only occurs in certain combinations of Microsoft SQL 2000 and IIS. This release handles any configuration and will safely update to v4.5.0.1

New features in v4.5.0.0 - 17 October 2005
Backup and Disaster Recovery, Enhanced Patch Management, and more....

Backup and Disaster Recovery

New optional add-on module providing complete volume and folder backup facilities. Scheduled offsite replication transfers all image backups to a remote FTP site at scheduled times.

Office Patch Installation

The Patch Mgmt system now supports Microsoft Office updates for Office 2000, Office XP, and Office 2003 on the Windows 2000, Windows XP, or Wondows 2003 operating systems.

Because virtually all Office 2000 service packs and patches require the user to provide the Office installation CD(s), the user must be logged in and must respond affirmatively to a dialog in order for the Office 2000 patches to be installed. If the user responds negatively or does not respond within five minutes or is not logged in, the patches will not be installed. On the Machine Update and Patch Update screens, those patches will display the following status: User not ready to install. Because of the requirement for the installation CD(s), these patches are excluded from installation when the machine is configured for Automatic Update under the Patch Mgmt tab.

All service packs and a few patches for Office XP and Office 2003 require the user to provide the Office installation CD(s). In these cases, the command line switch has been set to /INSTALL-AS-USER /DELAY-AFTER=60. This enforces the requirement that the user must be logged in and must respond affirmatively to a dialog in order for the Office service packs or patches to be installed. If the user responds negatively or does not respond within five minutes or is not logged in, the patches will not be installed. On the Machine Update andPatch Update screens, those patches will display the following status: User not ready to install. Because of the requirement for the installation CD(s), these patches are excluded from installation when the machine is configured for Automatic Update under the Patch Mgmt tab.

Those patches that do not require the Office installation CD(s) will be processed as any other patch, and will be installed when the machine is configured for Automatic Update under the Patch Mgmt tab.

Windows Messenger and MSN Messenger Patch Installation

The Patch Mgmt system now supports Windows Messenger (versions 4.7 and 5.x) and MSN Messenger (versions 6.x and 7.x) patch detection and where available patch installation. In some cases, actual patches are not provided by Microsoft because the fix has been provided in the latest version. On the Machine Update and Patch Update screens, those patches will display the following status: Product upgrade only. When this is shown, the user must go to the appropriate Microsoft web site and download/install the current version.

Patch Policy

Patch policy logic has been changed. From this release forward, if a patch is denied for a collection, then that patch will be denied for any machine belonging to that collection, even if that machine belongs to another collection that approves the same patch. This logic is the reverse of previous releases. The unassigned policy has been eliminated since it is no longer necessary with this type of logic. The system now approves all patches for deployment to any machine that belongs to no collections.

Windows Installer Patch Behavior

Patches for the Windows Installer are now automatically installed any time any other patch is installed. This was done to be consistent with Microsoft's Windows Update processing and because of patch dependencies on the current version of Windows Installer. Since the Windows Installer patches are automatically applied, they are no longer available under the Patch Approval function under the Patch Mgmt tab.

Patch Status

A new Patch Status function, under the Patch Mgmt tab, provides a quick summary of which machines are missing patches, have failed installations attempts, or have installations pending. There is also a new Test function on this page. Test will validate that the entire patch distribution and installation system functions properly with the selected machine's current settings. Use Test to verify a machine's setup if patch installs fail.

Patch File Source

Two new buttons, "Reload System Server" and "Reload File Server", have been added to the File Source function under the Patch Mgmt tab. The "Reload System Server" button will delete all exisitng patches on the KServer so that they will automatically get refreshed. The "Reload File Server" button does the same for the file server that is setup to be a source of patches.

Patch Report

  • Modified to pull patch history from both the script log and the patch status tables to form the patches installed last N days
  • Added a report category to show missing patches by machine
  • Added flag to exclude machines without data from any tabular sections of the report.

Exec Summary Report

Added extensive customization to this report . You can now add additional fields and completely control the network health score calculation.

Terminology Changes

A few minor terminology changes appear in this release to clarify system components better.

  • The Agent has been renamed the Client
  • The server component is now universally referred to as the KServer.
  • Administrator Roles - Changed administrator groups to be administrator roles

Time zone detection

Time zone detectionThe system now automatically detects the time zone of your browser and converts all displayed times from server time to your local timeTime zone detection. Furthermore, the time zone of each client is reported up. You can view the current time at a client by hovering the mouse over the status icon and viewing the tool tip (client update required). You can also view the local time at the client on the Single Machine Interface, under the Machine Info tab, by clicking the client status icon.

Delete Accounts

Deleting an account only removes the machine ID from the system. The all data associated with that account will not be removed until off hours. A new button has been added to the Delete function under that Client table to remove all data from the database not associated with a machine ID immediately.

Force Admin Password Change

You can now force any administrator to change their password at the next login. Both the Set Password and Create/Delete functions in the Admin Accounts section of the System tab support this. On the Set Password function just check the box in the far right hand column to flag an account as requiring a password change at the next login. Create/Delete support setting this flag at admin account creation time.

Login Hours

The new Login Hours function under the System tab lets you specify hours of the day and days of the week administrators may log into the system. Policy is enforced on a per administrator role basis.


  • The 1500 character input limit on tickets has been removed. Now you may enter as long a ticket note as you need.
  • Added ability to open a ticket in a new window. Clicking the icon to the left of the subject line, in View Summary, opens a new window at View Ticket for the selected ticket ID.
  • Added Archive/Delete function to delete or archive tickets en masse

Machine Changes Report

The Machine Changes report lets you compare all hardware and software differences between all selected machine's latest audit and either their own baseline audit or an audit from a single selected machine. Use this report to identify differences between a reference machine and all other machines on your network.

System Info

Changed this function to display data for one machine at a time, like Installed Apps and SW Licenses.

Alerts Tab

This release has renamed the tab formerly known as Monitor to Alerts. The functions under the Alerts tab focus exclusively on the alerting functions built into the standard system.

  • LAN Watch has moved to the Client tab.
  • Task Manager has moved to the Remote Cntl tab.

Admin Email Address

Master administrators can now set the email address of any administrator on the Create/Delete function in the Admin Accounts section under the System tab. Click the edit icon next to any email address to change it.


Modified Windows Firewall on XP to temporarily approve the FTP process during the FTP session. This prevents the Windows Block/Unblock dialog from popping up on remote user's screens.

Patch Deploy Wizard

Added ability to download a patch from a URL in the script built by this wizard.

Client Temp Directory

This release adds a new function named Temp Directory under the Client tab. This function lets you specify the directory used by the client to store temporary files.

Get Variable Script Command

This release adds the following options to the GetVariable script command: Client Temp Directory, file size, and file last modified date.

Run Now

A Run Now button has been added to scheduled scripts and tasks. Use this button to run the task immediately without modifying any existing recurring schedules applied for that task.

Bandwidth Throttle

You can now set a maximum bandwidth consumed by the client. Set the Bandwidth Throttle value in the Check-in Control function, under the Client tab, to the desired maximum rate. The default value is disabled to let the client use all available bandwidth.

File downloading

File extensions used for ticket attachments and Get File items had their file extensions changed to force some browser versions to download them correctly. IIS 6 (used by Windows Server 2003) blocks unknown file extensions by default. With this release, any files requiring new extensions have a .bin added to the end of the existing filename. IIS 6 recognizes the .bin extension by default.


Fixed a bug in the Migrate function that prevented public scripts and reports from importing properly.

Script Error Logging

Checking the "Continue script if step fails" check box, found on each script line, continues executing the script if that step fails. You can now optionally enable/disable logging of messages to the script log when a step fails but the script continues executing. To enable logging check the "Enable logging of script errors marked" found on the Configure function under the System tab.

First function after logon

You can now specify the first function displayed after logging into the system. Select the desired function from the drop down control in the Preferences function, under the System tab.

Client Menu Customization

You can now specify the tool tip appearing when the mouse hovers over the client icon. You can also customize the Contact Administrator label.

Client Installer Customization

You can now use a command line option to specify the title in the progress and dialog box windows shown to the user during installation of the Client. The Client installer also supports a new command line option to install with remote control disabled. To remote control the machine after installing with this new option, a user must first select the Enable Remote Control menu item from the client icon.

Task Manager

As mentioned above, Task Manager has been moved to the Remote Cntl tab. In addition, the Task Manager results window now provides a link to get more information about the reported process. Clicking the process name opens a new window describing any available information about what the process is used for and which company provides that process.

Reset Machine Filter

There is a new Reset button at the top where you can filter down the machines displayed with each function. Clicking the Reset button removes any filtering. Use this function when administrators can not find a machine and you feel they have a filter set up that restricts their view.

MSDE 2000 Service Pack 4

The Kaseya server installation with database engine now installs Service Pack 4 of the Microsoft SQL Server 2000 Desktop Engine (MSDE).

New features in v4.4.1.0 - 8 April 2005
Change Group function and several maintenance updates.

Change Group

A new function under the Agent tab named Change Group lets you move several machines into a new machine group at once. Use this command to re-organize machines by group.

Advanced Filter Notification

The advanced filter option, used in several reports and the Installed Apps function, now display Filter Active when the advanced filter is set, to limit the application list display. The system provides this notification as a quick visual aid to help determine why expected results do not appear in a report.

Manage Files

The Manage Files tool, accessed through the script editor, has expanded capability in this release. All files, both private and shared, are displayed as links allowing you to directly download any managed file directly through web interface. Click new icon on the Scripts toolbar to get direct access to the Manage Files screen.

Patch Reboot Option

The Do not reboot after update option, on the Reboot Action function under the Patch Mgmt tab, has an additional parameter to send out an email when the patch install completes. Set this option when you have a server, or some other unattended machine, being patched that you do not want to reboot after a patch install. Instead, the system sends you an email reminding you that a new patch has been installed and may not take effect until you reboot the server.

Database Clock Synchronization

v4.4 introduced the ability to separate the database from the rest of the Kaseya server. If you ran your database on a separate server, v4.4 required the clocks on the two servers to be roughly in sync with each other. This update removes that restriction. Server time now uses only the time on the database server as a reference.

Audit Update

Fixed an Agent bug that would occasionally not update the application audit list when applications were removed from a managed machine. This fix requires an Agent update.

Remote Control Encrypt

Encryption is now always on for both Control Machine and FTP. Prior to this release, encryption could be turned on or off as an option. Now the same encryption used to protect all other agent to server communications, protects remote control.

Edit Profile

Edit Profile under the Agent tab has been re-written to all multiple machines to be assigned the same contact information at once. Prior released used the Contact Name as a possible login credential, recuiring each contact name to be unique. User Acess provides the unique user login so Edit Profile no longer has this restriction.

Script Special Character

Scripts use the # character to identify named script variables (eg. #scriptVar#). Now the script editor lets you enter a # character in any parameter (if needed) without interpreting that as a script variable. Scripts interpret ## as a single # in any parameter field.

New features in v4.4.0.0 - 11 March 2005
Scripts Tab, Ticketing, Patch Management, Machine Summary, and more..

Database Separation

Kaseya now supports separating the SQL 2000 database to a different machine than the server running IIS. There is now a Change DB... button in the Configure function under the System Tab. For detailed instructions to separate your database server, see the online help for the Configure function.

Patch Management File Source

A new option has been added to the Pulled from file server option. The agent on the LAN server can now be configured to pull each patch file from the Internet or directly from the system server. Use the second option if your LAN does not have direct access to the Internet.

Patch Management Reboot Action

Reboot Action under the Patch Mgmt tab has been enhanced as follows:

  • A new option named If user logged in ask to reboot every N minutes until the reboot occurs. Use this option to nag users into rebooting without requiring then to reboot after a new patch installation. You may set N to be any number of minutes you choose.
  • All other 5 minute warnings are now programmable. You can choose any number of minutes you need.
  • Skip update if user logged in, has been changed to Skip reboot if user logged in to conform to the rest of the reboot options.


  • The system now prevents notifications being sent to the same email address used to process new tickets (defined in Email Reader).
  • A new drop down control remembers the last 10 ticket searches made by each administrator in the View Summary function.
  • The View Ticket function has a new button named Last Search. Clicking this button returns to View Summary and displays the results of your last search.
  • Displaying a ticket from the search results now displays all the ticket notes with the search key words highlighted so you can quickly find the section of interest in the notes.

Machine Summary

Clicking the status icon for any machine ID opens the Machine Summary interface. This release greatly expands functionality and enhances the user interface. Independent windows for each machine ID may be open simultaneously. The system divides functions into tabs, providing more screen space for each function, as follows:

  • Machine Info - Lists computer and network information collected by audit.
  • Installed Applications - Lists all applications found by audit.
  • System Info - Displays system info for this machine ID.
  • Disk Volumes - Lists disk information collected by audit.
  • PCI & Disk Hardware - Lists PCI information collected by audit.
  • Printers - Lists printer information collected by audit.
  • Pending Scripts - Lists all pending scripts plus a summary of recent script history. You may also end script schedules as well as schedule new scripts to run here.
  • Agent Logs - View all logs, of any type, for this machine ID.
  • Alerts - View and modify alert setup for this machine ID.
  • Patch Status - Displays patch configuration setup. Also displaysPatch History or Machine Update for this machine ID
  • Remote Control - Initiate remote control, ftp, or chat for this machine ID. Can also change remote control package type, preinstall or uninstall remote control package, and reset the password for this machine ID.
  • Agent Settings - Display or modify agent configuration information forCheck-In Control, Log Settings, and Edit Profile.

Scripts Tab

The Install tab has been renamed to Scripts. Two new functions have been added to this tab. Script Status moved from the Agent tab to the Scripts tab. The new Distribution function is also under the Scripts tab.


The Distribution under the Scripts tab displays a graphical view showing the time of day each recurring script executes for a group of machines. Some scripts heavily load both the network and the server. This tool provides a quick and easy way to evenly distribute that load across any time interval you choose.

Script Organization

Scripts are now grouped into three categories: My Scripts contains all private scripts for the currently logged in administrator. Public Script groups all the scripts available to all administrators together. Sample Scripts contain samples delivered with the system. You can also approve or deny access to each script category with Function Access under the System Tab.

Copy Settings

The Copy Settings under the Agent tab lets you copy all configuration data from one machine ID to any number of other machine IDs. Effected settings include pending script scheduled, alert setup, check-in control, log settings, audit configuration, patch configuration, and remote control configuration.

Set Credential

Set a login credential for the agent to use in Patch Management and the Use Credential script command. If a credential is present, then patch management installs all new patches using this credential. Therefore, Set Credential should always be an administrator credential.

Script Command Updates

  • The Script IF command now supports Contains and Not Contain comparisons for Check Variable and Check Registry Value. This comparison functions allows you to check whether a substring is contained within any script variable or registry value.
  • The IF Check Registry Value command has been fixed so that it can obtain the unnamed (Default) value from a registry key. Add a backslash as the last character in the path to the registry value to indicate to the script that the Agent should return the (Default) value. e.g. A scirpt IF Check Registry Value command with the name 'HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionApp PathsWORDPAD.EXE' will cause the Agent to return the content of the (Default) value '%ProgramFiles%Windows NTAccessoriesWORDPAD.EXE' for the script IF command to check.
  • The Impersonate User script command has been updated to now operate on Windows XP with Service Pack 2 and Windows Server 2003, in addition to Windows 2000, XP Gold, and XP with Service Pack 1. This script command allows the use of specific user credentials to execute a file or shell command. This feature requires an Agent update.
  • Added script environment variable expansion to Script IF User response is Yes and to Execute Script commands.
  • Added Use Credential script command that uses the login credential assigned to each machine to run script steps that Executes as user. You may set a login credential for each machine using the Set Credential command under the Agent tab. Use Use Credential to execute a script with different login credentials on each machine. Use Impersonate User to execute a script with the same credential on each machine.

Event Log Alerts

You can now set multiple independent event sets for each event log alert. This lets you define event sets to detect specific application behavior. Then you can alert on many different sets without having to combine all the events into a single set.
A link to has been embedded into each event log alert email and the event log displays. Click the link to get more details and discussions of the particular event.

Install MSIExec Sample Script

A new sample script in the Sample ScriptsInstalls script folder under the Scripts Tab (formerly the Install Tab) installs MSIExec.exe on operatings systems that do not come with MSIExec by default. Win9x, NT4, and Win2000 do not automatically come with MSIExec. Some patches are distributed as MSI files and require MSIExec to install. Use this script when you need to deploy MSI packages to older machines without MSIExec already installed.

Function Access

Function Access under the System Tab can now give report group access to any administrator group.

Contact Administrator Link

Double clicking the agent icon selects the default item from the agent menu, Contact Administrator.... By default, this logs into the user access page with the access rights for that machine ID. You can now change that URL to anything you like. Optionally, you can also pass in the machine ID and/or group ID used by that agent in your custom URL.

Agent RAM audit

The Agent now correctly reports the amount of RAM on a machine that has more than 2 GBytes installed. This feature requires an Agent update.

Event Log Compression

The Agent now compresses repeated event log entries into a single entry to reduce the volume and processing load. The Agent adds the number of compressed events to the description of the single event log entry reported to the KServer. This feature requires an Agent update.

TCP/IP Connection Keep-Alive

A TCP/IP connection between an Agent and KServer may be dropped by router devices due to an idle timeout. For example, a NAT router may remove from its internal tables any connection that has not transmitted data in 15 minutes, which may be exceeded by an Agent auditing a machine with large disk drives or executing a large patch update. The result is a dropped connection that prevents the Agent from reporting that it completed the task, and so the KServer requests that the Agent perform the same task again at the next checkin. The Agent now keeps the connection open by periodically sending a keep-alive message during long running tasks. This feature requires an Agent update.

Check-in Policy

A global policy control has been added to the Check-in Policy function under the System Tab. A new checkbox labeled Allow automatic account creation for groups without a policy lets master administrators determine if new accounts may be automatically created when an agent first checks in for group IDs that do not have any check-in policy set. The default value allows automatic account creation.

Admin History

The Admin History function under the System Tab records the functions visited by each administrator. The system stores the last 30 days worth of activity, including all logins.

System Log

The System Log function under the System Tab records the last 60 days of system related activity not associated with any particular machine ID. Some examples include:

  • Deleting machine IDs
  • Failed and successful login attempts
  • Video streaming sessions
  • Starting/stopping of the KServer
  • Deleting trouble tickets assigned to a group (not a machine)
  • Scheduling reports

Alert Summary

A new Summary setting in the Alerts function under the Monitor tab displays a quick view summary showing what alerts are active on each machine. The email recipients list for each alert type appears if the alert is active on that machine ID. Active alert labels become links to the details for that alert. Clicking the link automatically selects the specific alert type and populates the form with the settings active in that alert.

Date format

The date format displayed has been changed to 9:55:50 pm 9-Jan-05 or 21:55:50 9-Jan-05. These formats are directly supported by Microsoft Excel and will support direct exporting of date fields in reports.

View Filter

Two new OS Type selection options have been added to views. All Servers lists only machine IDs with a server operating system loaded (2003, Server 2000, or NT Server). All Workstations lists non-server operating systems. Use this new view to quickly display only one class of machine.

Alert Email Management

Alerts, under the Monitor tab, has an enhanced editing feature allowing you to more easily manage the notification email addresses. Below the Email Recipients edit box, two new radio controls and a Remove button has been added. Selecting Add to current list (the default) will add the email address to the existing notification list. This prevents someone from inadvertantly over-writing the email list with just their email address. Select Resplace list to over-write the current list with a new list. Click the Remove button to quickly remove an email address for the list without alerting any other alert setting.

Skip if offline

Run Audit and System Info, under the Audit tab, now support the Skip if Offline flag. This lets you control exactly when a recurring audit runs. If the machine if offline at the scheduled time, audit gets rescheduled to run at the next scheduled time rather than at the very next checkin.

Logs Report

The Logs Report function under the Reports tab has been modified to run Event Log reports for any event log type, in addition to individual reports for the Application, Security, and System event logs.

Powered By Kaseya

Formerly the Powered By Kaseya logo that appeared in the top right corner of the web page when you replaced the Kaseya logo. The Powered By Kaseya logo no longer appears in the upper right corner of the web page. Instead, a smaller less obvious logo is displayed with the copyright notice at the bottom of each web page.

New features in v4.3.0.0 - 12 December 2004
Ticketing, Protection Functions, and more..

Email Created Tickets

With this release, the system may be configured to automatically create new tickets from an email. The ticketing system polls a POP email account and creates new tickets or add notes to existing tickets using the data from received emails. This feature lets you reply to an email and automatically add that data to a new or existing ticket. The Email Mapping function under the Ticketing Tab allows a set of defaults to be set-up to fill in the needed fields based on the email address or domain of the email address. Special tags can be put in an email to set field values specifically for an email. The special tags can affect the machine id, category, status, assignee, or priority. This special tag facility is how an existing ticket can have additional notes added.

Automatic Response

As an option in Notify Policy you can specify to send an automatic response email to the originator of an email created ticket. Master administrators can specify the canned message sent in reply to these emails. Use this message to let your users know their request has been received and is in process.

Assign Tickets to Groups

The ticketing system now allows tickets to be entered and associated with a machine group or a specific machine id. This facility allows issues that are not specific to a machine to be entered. An example of a specific tag would be ~ticid=532. A full list of these tags is provided in the help information .

Ticket Search

Search, part of the View Summary function under the Ticketing tab, restricts the list of tickets to only tickets containing any of the words in the search string. Search examines the ticket summary line, submitter name, submitter email, submitter phone, or any of the notes. Use the * character as a wildcard in the search string.

Ticket Merge

Merge lets you combine two tickets into one. Use Merge to combine related tickets. The resulting merged ticket contains all the notes and attachments from both tickets. Merge asks you which field values you wish to use in the ticket for all field values that are different between the two tickets. Merge is part of the View Summary function under the Ticketing tab.

Custom Fields

The Edit Fields function under the Ticketing Tab allow master administrators to create any number of new fields shown in tickets. New fields may be stings, drop down lists, or numbers. You can limit who sees or can modify each ticket field with the Access Policy function. Master administrators set each ticket field to Full Access, View Only, or Hidden on a per administrator group basis. You can also set access for users. Any change to a field setting automatically enters a new note for that ticket to log the change (this may be disabled in the Access Policy function).

Hidden Notes

Administrators can now add hidden notes to tickets that can only be viewed by administrators granted access to hidden notes in the Access Policy function. Use hidden notes to add comments or details you want to record and share with other administrators but not users or restricted administrators. Hidden notes are never included in email notifications.

Due Date Policy

Set the due date for each new ticket based on field values. Any combination of list fields may be defined to set a due date. This allows you to set a ticket due date based on the urgency of the ticket and a guaranteed level of service. You can manually override the due date policy on any ticket (if that administrator or user is given rights to edit the due date). Due dates that violate a policy are clearly highlighted.

Multiple Notify Policies per Group

You can now add multiple policies to each group ID in the Notify Policy function under the Ticketing Tab. This allows you do set separate email lists for each policy. For instance, you can set one email list for normal notifications, and a different email list for past due notification. When the assignee changes on any ticket, that administrator is always send a notification even if he is not on the notification list.

Ticket Read Flag

The system now flags when a ticket has been viewed by an administrator. Once viewed, each ticket is marked as read in the View Summary function under the Ticketing Tab. If any user or other administrator adds a note to that ticket, the original administrators View Summary displays shows the ticket as unread. Use this function to quickly identify tickets that have new information.

Submitter Information Fields

New fields have been provided for collecting the ticket's submitter, contact name, contact email and contact phone. These fields will default to user information of the user associated with a machine. These fields can be updated by an administrator where appropriate.

Agent Status Display

The Agent Status function under the Agent Tab is now fully customizable. You can add/more/delete any column of data from this page. Available columns include all the same columns available in the Aggregate Table report. Customize this page to give you an at a glance view of all your managed machines.

Application Audit

Audit now reports all instances of every application (.exe file). Prior to this release audit reported only one copy of an application if multiple were found.

Agent Network Monitor

A recent hotfix to the IPSEC portion of the TCP/IP stack introduced a conflict with the Network Monitoring driver (primarily on Windows Server 2003). The agent update with this release corrects that conflict. The Network Monitoring driver may be safely re-enabled. The new driver loads on the client machine the next time the system restarts.

Protection Functions

The Application Blocker and File Access can now block an application or protect a file located in any directory as well as in a specific directory. That means that you can block access to a file without worrying about the path. For example, if you block access to notepad.exe then the agent blocks all copies of notepad.exe on that machine. Protected/blocked files can not be renamed, moved, or deleted. This feature requires an Agent update on the managed machines.

Impersonate User Script Command

The Execute File and Execute Shell Command script commands may now be executed as a specific user. The new Impersonate User script command enables an administrator to specify the login credentials when a file or shell command is executed as the user. Using this command overrides executing as the user currently logged on. This feature requires an Agent update on the managed machines.

Get File Version

The option to get a the version number of a file has been added to the Get Variable script command. After retrieving the version number, then script variable may be used in subsequent IF script command statements for comparison against a specified value. This feature requires an Agent update on the managed machines.

Executive Summary Report

You can now customize the scoring algorithm for the Network Health Score on the Executive Summary Report. You can add more or less weight (or disable) to any of the five components that make up the score. The report now also has a fully customizable How to read this report section at the end of the report.

Aggregate Table Report

Group ID has been added to the Aggregate Table Report. By placing Group ID at the top of the item list, you can generate a report sorted by group ID.

Patch Management Report

The pie charts and summary tables now exclude all missing patches if they are marked as ignore in a Patch Approval policy.

Dashboard Tasks

The Tasks function on the Dashboard has been enhanced with this release. A reminder pops up when any task becomes past due. In the reminder dialog, you can ask the system to remind you again in a selectable period of time or simply dismiss the reminder. The main display now lets you edit existing tasks on your list and change the due date or text description.

Agent Download Page

You can now specify which packages are listed on the agent download page (dl.asp) when no id value is passed in. Check which packages appear in the list on the Deploy Agents function under the Agent tab. Only Master administrators can edit this list.

Default theme

You can now change the logo on the default theme to your own logo. Click on the Customize function under the System tab. Then click the last customize link labeled 'Customize the graphical user interface'. The customization page pops up. Scroll to the bottom and enter a new graphic image in the section labeled Corporate Logo.

Long Machine ID Display

You can now select different display rules when displaying long machine IDs. Each administrator specifies a display format in Preferences under the System Tab. You can select the normal format (that restricts the name length in order to preserve web page formatting) or a new selection that displays the entire machine name and allows it to wrap to new lines where needed.

Kaseya Hotfix reload

The Kaseya server can pull down and apply available hotfixes to itself when it runs Refresh patch database. At the same time, the server checks for any available hotfixes. If it finds new hotfixes that have not already been applied then the server downloads the hotfix and installs them. Click the Reload button to reload all hotfixes for your current Kaseya version number. Click the Scan Machine function under the Patch Mgmt tab to schedule Refresh patch database.

Event Log Alert Processing

The system now automatically compensates when any managed machine floods they system with event log entries. If more than 400 event logs are received in any 3 minute period, the system disables event log collection for that log on that machine.

New features in v4.2.0.0 - 30 September 2004
Dashboard, Collections, Improved Patch Management, and more.


The first function on the home page, View Dashboard, displays a quick summary of machine activity and highlights actions that need attention. The Layout function lets you customize the display of the dashboard. Dashboard items are:

  • System Status - Quick view listing status of system accounts and the database
  • Alerts - Lists recently generated alerts on all machines matching the current Machine ID / Group ID filter. This table displays alerts generated in the last 1 day in red, and in the last 7 days in yellow, highlighting recent events. You can adjust these thresholds.
  • Agent Status - Quick view showing the total number of machine online, offline, where a user is currently logged on, total under management, and a summary of all gateway addresses reported.
  • Patch Status - Pie chart showing machines missing patches.
  • Operating Systems - Pie chart showing operating system types for all machines.
  • Tickets - List all non-closed tickets assigned to you or are unassigned.
  • Messages - Send and receive messages between administrators. New messages displayed in popup window when the dashboard is viewed next.
  • Tasks - Create and assign tasks to yourself and/or other administrators. New tasks displayed in popup window when the dashboard is viewed next.

Machine Collections

The Machine Collections section under the Agent tab lets you create an arbitrary group of machines. Combine machines from multiple group IDs into a single collection and set up a View to work with just those machines. Collections are a powerful tool that works in conjunction with patch management, reports, and all the other features of the system.

Patch Management

The patch management system has been significantly improved as follows:

  • Now supports automatic detection and distribution of language specific patches. This release now detects the language your OS is loaded as, and deploys the patch corresponding needed by that language where applicable.
  • Detects if a reboot is needed after applying a patch. If the machine did not reboot, then a status Awaiting Reboot is displayed.
  • Automatic update can now be scheduled to run on a specific day of the week in addition to the time of day.
  • Reboot can be scheduled for a different time of day and day of week following a patch install.
  • Patch Approval for automatic update. Patches can now be approved/denied before going out as part of automatic update. With this you can set machines for automatic update and still have control over what patches push out or not. Patch approval lists can be independently set up on a per collection basis
  • Machine Update - You can now view and schedule patches on an individual machine basis. The Patch Update, formerly Apply Update, provides an easy way to push out a patch to all the machines in a group. Machine Update provides the complement to this function by drilling down to a single machine.
  • Patch Management Report - Two new fields are available in this report.
    Show patches installed in the last N days - Adds a new set of tables, one per machine, and list all patches installed by the system in the last N days.
    Bulletin ID Filter - Only display patches whose bulletin ID match pass the filter.
  • Command Line Switches - Two special command line switches are now processed for any patch. These are Kaseya system directives and are not passed to the installer program.
    /INSTALL-AS-USER - Forces the package to be installed as a user. If the user is not currently logged on then the install attempt is aborted.
    /DELAY-AFTER=xxx - After the install completes delay xxx seconds before proceeding. Use this switch to delay before the reboot occurs if required by the patch.
  • Silent patch download - the patch downloader has been rewritten to no longer show a command shell window in the task bar.

Database Views

A set of database views has been provided to allow clients to directly access data within the Kaseya repository. These views can be used by to bring data into a spreadsheet for analysis or to prepare reports. The online help provides a description detailing how the master administrator provides view access to users within their organization. Basic walkthroughs and two example applications, Crystal Reporting and Microsoft Excel.

Deploy Agents Wizard

You can now add any agent installer command line switches to an Agent Install Package. Step 3 of the wizard shows all the command line switches being used and lets you add in more. With this, you can create standard silent installs that install into any directory.


  • Executive Summary Report - This new report summarizes the status and health of all selected machines in one quick view. The report computes an overall score projecting the over all health of the managed group of machines.
  • Defining a collection in a view enables all reports to run using the list of machines defined in a collection.
  • The report logo has been enhanced to let you provide the entire report header of each report. Your own HTML can now appear across the full width of the top of each report.
  • Next to each report's Export is a checkbox labeled Remove header from the exported report page textis now customizable. Check to remove the header information and logo from the exported report to send just the data to Excel or Word.
  • The Aggregate Table report now has an additional column labeled Last Reboot listing the last known reboot time for each machine.
  • The Disk Utilization report has a new chart available. You can now generate a bar chart as a function of percent of disk full in addition to the two original report types (disk size bar chart and table of raw data).


  • A master administrator can set the default report logo seen by other administrators under the Report Logo function. Enter your default HTML in the section of the Customize function labeled Header HTML shown on all reports.
  • Download agent page text is now customizable. Enter your default HTML in the section of the Customize function labeled HTML displayed on agent download page. to insert link to package.
  • We have been informed that the copyright notice must state Kaseya in order to protect our rights to this product. As such, the copyright notice is no longer modifiable.

Last Reboot

The Agent Status function under the Agent tab now lists the last known reboot of each machine. The reset time is determined by the agent so reboot time is only determined after the agent is in place.

Install Wizards

Both the Patch Deploy and Application Deploy wizards now explicitly support distribution of MSI installation packages using the Microsoft Windows Installer.

Event Log Sets

Event Log Sets let you refine the matching filters used by event log monitoring nd event log reporting. With an event log set you can define complete filter parameters for individual events, and group them together into a set. For example, you can set up an event log set entry to only alert on event ID 1000 when the source is Internet Explorer. Each set may contain any number of event log definition filters.

Script Import

A new Script Import icon is displayed on the scripts toolbar. Clicking this (or the Import Script link in the script editor, opens the script import window. In addition to a button to upload a script file, there is now a place to paste in script text directly. There is also a link to a public forum where scripts can be shared with other users. The Export Script link in the script editor may also be used to submit scripts to this forum.

Send Email Script Command

The new Send Email script command allows any script to send an email. Input parameters are to address, email subject line, and email body. In support of this new command, the Get Variable command has been enhanced to let the script dynamically determine the machine ID the script is executing on. Combine this with Send Email to include the relevant machine ID in each email.

Ticketing Notification

Every email notification generated by the ticketing system, now includes a URL link referencing the ticket. Clicking the link to opens the corresponding ticket in a browser. If you are not already logged into the system, you will be prompted to log in first, and then automatically redirected to the ticket.

Tickets are now color coded in to highlight tickets that have been recently modified. Tickets that have had notes added or modified in the last 1 day show in red. Tickets modified in the last 7 days show in yellow. You can adjust these thresholds with the Dashboard Layout function.

Log Management

You can now set the maximum age limit for log entries independently for each log type. The Log Settings function under the Agent tab now provides a unique setting for alert log, agent log, configuration changes log, network statistics log, and script log. Event logs (application, security, and system) are limited to the 500 most recent entries each.

LAN Watch

The IP address range used by LAN Watch is configurable now. You can scan any IP range you want rather than only scanning the subnet set for that particular machine. The maximum allowable range is 65,536 contiguous addresses.

Preinstall Remote Control

The new Preinstall RC function under the Remote Cntl tab, lets you pre-load either WinVNC or RAdmin on any machine. Use this function to eliminate the extra wait for remote control install the first time you try to remote control a machine. A pending remote control install will be copied from a template account when a new machine ID is created, so you can combine the preinstall with new agent deployment.

Status Monitor

The Status monitor pop up window now supports Views just like the main machine filter control.

New features in v4.1.1.0 - 30 July 2004
Subgroups, Views, Patch Alerts, and more.

Machine Selection Control

The machine selection controls, located in area below the tab bar header and above all data displays, has been greatly enhanced with this release.

  • The Machine ID filter no longer requires a wildcard character (*). There is always an implied wildcard at the end of the string. You can still use the wildcard (*) anywhere in a string.
  • The page selector control has moved from the bottom of each data page to its new more convenient location below Machine ID. Now you always change pages from the same spot using a control that is always visible no matter where the data display is scrolled to.
  • The Select Machine Group control now supports machine subgroups. To maintain simple alphabetical ordering, machine groups are ordered from left to right with parent groups appearing first. eg.
  • A new Select View control sort machines on a wide variety of parameters, not just machine ID. eg. OS type.


Views allow you to display only the machines you are currently interested in. Define as many unique views as you need then quickly switch from view to view using the Select View control. Click the Edit button to create and/or modify views. Views in this release support:

  • Force a machine ID filter. This overrides a machine ID filter selection with the filter you set in this view.
  • Force group ID. Automatically change the group ID selected when this view is selected.
  • Show machine that have/have not been on line for a period of time. Quickly find only the machines that are currently online and available or identify machines that have not connected in weeks.
  • Connection gateway filter. Only list machines that are connecting to the server though the specified connection gateway IP address. You may use wildcards (*) in this field.
  • IP address filter. Only display machines whose IP address matches this filter. You may use wildcards (*) in this field.
  • OS Type. Only display machines running the specified operating system.
  • OS version filter. Only display machines matching the version string (see Name/OS Info function under the Audit tab). You may use wildcards (*) in this field.
  • Script schedule status. You may display machines based on how a specified script has run in last n days, has not run in last n days, passed, failed, is currently scheduled to run or not.

Machine Subgroups

Machine groups can now be divided into subgroups giving you significantly more ability to organize your machines to easily map into any organization structure. Subgroups may be created by either master or standard administrators. (Only master administrators may create top level machine groups.) Define subgroups using Machine Groups Create/Delete function under the System tab.

Admin Group
Function Access

Master administrators can now restrict any admin group to a sub set of the total system functions. For each admin group, you can turn on/off any of the VSA's functions and tabs. For example, you can prevent a class of administrators from accessing remote control and scripts, but still allow them to see audit and ticketing.

Alert triggered scripts

Task an alert to trigger any script you define with the Alerts function under the Monitor tab. You can run the script on the machine that triggered the alert or on any other machine you specify. The same data reported in the alert, is also passed to the script through temporary variables so your scripts may be highly customized. See online help for Alerts for details.

Patch Management –

Alerts are now part of the patch management system. The system sends the selected administrator an email alert when ever Scan Machine discovers one of the three different patch alert cases:

  • A new patch is available for the selected Machine ID.
  • A patch installation failed on the selected Machine ID.
  • The patch location for a new patch available for any machine is missing. See Patch Location for details.

Patch Management –
Reboot Action

Reboot Action options have doubled. You get significantly more control to better fit your user's work habits. The three new settings are:

  • Warn user that machine will reboot in 5 minutes (without asking permission).
  • Skip update if user logged in.
  • If user logged in ask permission. Reboot if no response in 5 minutes. Reboot if user not logged in.
  • If user logged in ask permission. Do nothing if no response in 5 minutes. Reboot if user not logged in.

Patch Management –

  • Bulletin IDs are now linked to Microsoft's TechNet web site. TechNet provides detailed information about the bulletin in addition to the knowledge base Q references.
  • Patch deployment deletes the patch install package from the client machine after installation. You can now direct the system to leave the package in place by unchecking Delete package after install in the File Source function.

New Agent

  • Fixed problem in the network protection driver that conflicted with Active Directory. The network protection driver needs to be present prior to system logon. The prior version loaded dynamically when the agent loaded. Now, the driver loads at boot time so it only loads (or unloads) after a reboot. This approach also eliminates having to close and reopen browser windows when network protection activates.
  • The Agent now caches the last known server connection information. The last known connection data allows an Agent to reconnect even if the primary and secondary KServer addresses are set to invalid addresses on the Check-In Control page.
  • Execute File tasks will time out automatically after 2 hours to avoid hanging the Agent checkin process, for example waiting for user input to an unattended patch update executable that is running with incorrect command line parameters.
  • Supports a new KServer request to postpone a checkin if the server is experiencing high utilization. This allows the Agent to check in without adding significant processing to the server load. When the server load drops, the Agent will then be able to check in and perform the postponed tasks.
  • Missing sub-directories in file paths are now automatically created for files sent to the Agent with the Distribute File function.

Printers –
Full column width

Printers, under the Audit tab, will now display the full path names of all items. Check or uncheck the Full column width box to toggle between normal display and full column width display.

Reset Password

You can now create new local accounts on any managed machine using the Reset Password function under the Remote Cntl tab. If an account name does not already exist, then check the 'Create new account' checkbox and enter the new account name and password.

License Summary Report

This release contains a new Software Report titled License Summary. This report provides an at a glance view summarizing the number of machines running each operating system type, Microsoft Office type, and all other licensed applications discovered during the recurring audit.

Aggregate Table Report

Several new fields have been added with this release.

  • First Checkin Time - Timestamp when this agent first connected to the server.
  • Agent Version - Version number of the agent.
  • User Access Logon - Logon name for a user granted logon access under the User Access function.
  • User Access Remote Cntl - Shows whether remote control access has been granted to a user for this machine.
  • User Access Ticketing - Shows whether users can enter tickets for this machine.
  • User Access Chat - Shows whether chat is allowed for a user of this machine.
  • Primary KServer - Primary KServer address and port this agent is set to.
  • Secondary KServer - Secondary KServer address and port this agent is set to.
  • Quick Checkin Period - Quick checkin period for this agent.

Remote Control

This release supports upgraded versions of WinVNC (v4.0) and Remote Administrator (v2.2).

Run Windows Script

A new sample script titled Run Windows Script as been added to Sample ScriptsConfig Changes folder in the scripts area under the Install tab. This script shows how to deploy and run a Windows Script Host (WSH) script on any machine. Typically run either VBS or JScript scripts. This example JScript file writes a test error message to the Application Event Log.

System Info Scheduler

You can now schedule System Info collection to automatically run on a recurring basis.

New features in v4.0.3.0 - 30 March 2004
Windows 2003 server support.

Windows 2003 Server with IIS 6 Install

The Kaseya server may now be installed on Windows 2003 running IIS 6. The agent has supported Windows 2003 since version 3 of Kaseya.

Patch Management Report

Added graphical charts to the patch management report. These charts give an at a glance view of the patch status of all your machines.

View Ticket

Added a link to the machine interface popup window on each ticket. Clicking the machine ID link opens the machine summary window for the machine the ticket was issued against. Now you can have all information for the problem machine with one click, including the ability to launch remote control.

LAN Watch

Allow maximum address range scanned to be set from 8-bit to 15-bit address space. In previous versions the address range was limited to 8-bit (255 addresses).

Naming Policy

You can now add multiple name policies per machine group ID. This lets you rename machines in different IP ranges into the same group ID.

New features in v4.0.2.1 - 5 March 2004
Maintenance Release.

Patch Management

Improved detection and distribution of older patches, particularly for Windows NT4. Added ability to manually apply patches for machines set for Automatic Update. Added support for MDAC.

New GUI Theme

Added a new theme to the web GUI customization (Enterprise Edition only). Select Login Policy, under the System Tab, and click the bottom Customize link. Then select 'Banner' from the theme drop down control. There is now a Home link in the top tab area that brings you back to the start page seen immediately after login.

Agent Dialup Connection Fix

Fixed a problem introduced in version in which the Agent never detected the presence of a dialup connection, and therefore never connected back to the VSA server.

Custom Agent Icon

In addition to displaying your own icon for the Agent in the system tray with the Enterprise Edition, the Agent now also displays your custom icon in the dialog boxes that the Agent presents to the user.

User Login

A separate user login value is now saved for each user. Login Name is set in the User Access function under the Agent tab and is securely bound to the password. Contact Name is no longer used for this function and is free to be used for its original function of holding the computer user's name. Existing users will not be able to log in with the Contact Name. They must log in with the machine ID and the reset their login name (or the administrator may reset their password and set a new login name for them).

Database Maintenance Time

The Configure function under the System Tab now lets you set the time of day maintenance will be scheduled instead of always running at 02:00.

LAN Watch/Install Agents

Fixed a bug that prevented more than one agent from being installed at a time.

New features in v4.0.1.0 - 30 January 2004
Patch Management, New GUI, Script Manager, and more.

Graphical User Interface

The VSA user interface has been reworked to better organize functions and modernize the look and feel. The login pages, for both users and administrators, can be completely customized by a Master administrator using the Login Policy function under the system tab. The Enterprise Edition supports full customization of the entire web site and lets you replace the agent system tray icon with your own icon. See the Customize functions on the Login Policy function under the System tab.

Patch Management

Automated patch management has been added. The VSA will automatically detect when new patches need to be applied to each managed machine and install them. You can configure each machine to automatically install all patches or decide on a patch by patch basis for all machines in a group.

Deploy Agents

Added Deploy Agents and Agent Status (replacing Machine Accounts). This allows each administrator to define their own default agent package. Multiple install packages can also be created and deployed. You can now also share install packages with other administrators by clicking the Share button next to each install package definition. Install Agents now lets you select an install package to deploy (rather than use the default agent).

Admin Groups

You can now create groups of administrators and assign rights to those groups. Adding a new administrator to a group automatically gives that administrator all the rights and privileges assigned to that group. Each administrator group defines which machine group IDs they get access to, who they can share scripts and agent install packages with. Administrators may belong to multiple administrator groups.

Script Management

All scripts now live under the install tab and may be nested into folders. Share rights may, like Deploy Agents, also may be applied to scripts. This lets you share scripts with just any number of selected administrators without making the script public to all administrators.

Script Scheduler

Modified script scheduler to allow scripts to be scheduled to run on a recurring day of the month. Also there is not a checkbox to tell a script to not run if the agent is offline at the appointed time.

Page Control

There is a new control for selecting different pages of data on each screen. The page numbers have been replaced with a drop down control listing the first machine ID of each page in alphabetical order. This new tool allows you to quickly locate the page with any specific machine ID.

Get File Fix

Fixed a bug in the Get File script command that caused large file transfers to take exceptionally long.

Pending Scripts

Added a delete function to the Pending Scripts table in the single machine interface. This will let you remove any pending script from a machine if you need to.

New Sample Scripts

Added new sample scripts to backup My Doc and to initiate Startup Task. Use Startup Task on XP boxes that do not reconnect to the network after a reboot. XP will not connect to the network until an application first needs the network. The agent does not use the network unless a connection exists. The Startup Task script causes the selected PC to use the network one time immediately after startup. This lets the agent connect back to the VSA right away after a reboot. Do not use this script on machines with a dial-up connection to the internet.

App Deploy / Patch Deploy

Modify scripts generated through the wizard for App Deploy and Patch Deploy when the File Share option is selected. Instead of executing from the file share, which may not exist for the Agent when executing as the system, set up the script to do the following:
IF user is logged in
   GetVariable Drive to C:
   GetVariable Drive as the Agent's install drive
   Shell Cmd to mkdir #Drive#Temp
   Shell Cmd as user to copy "\filesharedir ile" "#Drive#TempFile&"
   ExecuteFile as system "#Drive#TempFile"
   DeleteFile "#Drive#TempFile"
   Reschedule script in 1 hour

Hide VNC Icon

VNC icon can now be hidden if the administrator desires it. Also, if a pre-existing password exists then the VSA will not alter it. This lets you set a password and use VNC directly without the VSA. Note: This release updates VNC to add the hidden icon capability. Old passwords are not saved when updating VNC. You will have to reload any passwords you want to use outside of the VSA.

Set Parameters

Separated out the RAdmin and VNC parameters into their own function, Set Parameters, under the Remote Control Tab. Also, now when you set User Notification to either Notify or Ask User, the admin name making the request is displayed to the user in the dialog box.

Uninstall RC

Uninstall RC function added to the Remote Cntl tab. Use this function to remove either WinVNC or RAdmin from the remote machine. If remote control fails with either of these packages, run Uninstall RC and then try Control Machine again.

Video Streaming

Video Streaming replaces Manual Control and is automated with ActiveX. Users no longer need to download and run the manual control package.

Report Changes

  • Agent report changed to Machine Summary. With that single report you can now include applications for each machine (installed and hidden). You can also show application changes since the baseline with this report. All applications now splits the applications into two groups: installed and hidden. Install applications are those that show up in Add/Remove programs.
  • Software report has been completely re-written and is significantly faster. There is also an advance search capability letting you locate software based on a Boolean search. eg. (("* adobe " OR *a*) AND *c*) OR NOT *d* AND < m
  • Logs report - the event log report now accepts a string of event IDs. Before it accepted either a single ID or all IDs.
  • The Aggregate Table report contains more items and also supports the advanced search capability.
  • New Patch Management report supporting the patch management tab.

Agent Status Alert

Added a minutes category for the Agent Status alert Agent has not checked in for. Use minutes to monitor servers you need quick notification for when they go offline.

Scheduled Reports

Added edit icon to Scheduled Reports. Click to edit existing scheduled reports parameters.

HW Audit - Net Protection

Removed Enable HW Audit and Enable Net Protection checkboxes from Agent Tab - Create and Audit Tab - Run Audit. There is now an Enable/Disable button on the Run Audit function to turn on/off the PCI audit driver. Enable Net Protection is now controlled from the Monitor Tab - Network Access function. This lets you easily toggle the state of multiple machines at once instead of having to do each individually.

Audit Schedule

Allow audit to be scheduled to run at a time of day

Protection Functions

File Access and Network Access have been re-written to simplify the user interface. Application Blocker function has been added to prevent selected applications from ever running on a machine.

Administrator Logon Name

Administrators can now change their logon name by selecting the Admin Profile function under the system tab.

Administrator Log Off

Master administrators can now log off any other administrator on the system. See the Enable / Disable function under the System Tab.

System Tab Restructured

System Tab functions have been completely restructured into function groups: Admin Accounts, Admin Groups, Machine Groups, and VSA Server Management.

Configure VSA and Statistics

Server Info has been renamed to Configure VSA. There is also a new function below it named Statistics. All VSA server stats have been moved from the Configure VSA page to the Statistics pages. There are also several more statistical parameters reported such as number of agents currently online (also now reported on the Status Monitor).

Copyright © 2000-2013 Kaseya International Limited. All rights reserved.

Terms of Use                        Privacy Statement                         Legal