|
Concerning to Kaspersky Administration Kit 6.0 MP1 If Kaspersky Administration Kit is installed in the network the administrator can organize Administration Servers installed in the network of the enterprise hierarchically. Administration Servers create “master – slave” hierarchy. And each Administration Server in the hierarchy can have several slave Servers.
To connect a Server to another Server, do the following:
1. Decide which Server will be master, and which – slave.
2. In the Administration Console on the master Server select an administration group into which a slave Server will be located. From the context menu of the Administration Servers node run the New > Add server command. During the work of the Administration server addition wizard define the necessary connection parameters.
 It is recommended to define this parameter to shorten the procedure of the slave Server connection, and you will not have to perform stage 3 of the connection procedures. To shorten the procedure, the account under which you try to connect must be added to KLAdmins group on the slave Server. If it isn’t, a dialog window is displayed suggesting entering parameters of this account with the rights. If you do not have such rights, then the administrator of the slave Server will have to perform the third stage of the connection procedure.
3. If the slave-Server address has not been defined in the wizard window (or you did not have rights of the slave Server administrator), then:
-
open the slave-Server Cosnole
-
rigth-click the Server > Properties > the General tab > and click the Servers hierarchy settings link
-
In the open window check the The Kaspersky Administration Server is a slave server in the server hierarchy checkbox
-
define the master-Server address. IP-address, Server name (NetBios-name) or fully qualified domain name of the Server (FQDN) can be used.
-
specify the path to the master-Server certificate. The certificate is used to authenticate the master Server when connecting two Servers. The certificate is not saved on the disc in an explicit form, but located in the Settings Storage.
-
define proxy-server parameters – if the Servers are separated by a proxy-server.
4. In the master-Server Console expand the administration group to which the slave-Server has been assigned to and connect to it (click it). It may take some time depending on the enterprise network parameters.
If you fail to connect, make sure parameters of the master-Server are defined correctly on the slave-Server and the The Kaspersky Administration Server is a slave server in the server hierarchy checkbox is checked.
Rights to connect a slave-Server and manage its logical network are defined by the rights on the master-Server administration group to which the slave-Server is connected/ assigned.
To connect a slave-Server user account should have permissions for Reading and Writing.
To view the logical network of the connected slave-Server user account should have permission for Reading.
To manage the logical network of the already connected slave-Server user account should have permission for Reading and Executing.
In Kaspersky Administration Kit 6.0 any task created by a master-Slave (as well as product deployment task) can be inherited by slave-Servers. For tasks to be inherited by a slave-Server > right-click a task > Properties > the General tab > click Send to slave Administration Servers.
To delete a slave-Server from the administration group, run the Delete command from its context menu. After the Server is deleted, the The Kaspersky Administration Server is a slave server in the server hierarchy checkbox is automatically unchecked and policies and tasks forced by the master Server are deleted as well.
| 
Knowledge base
Product Info
System requirements
33 
2007 Nov 15 16:10
