These questions were raised during Configurations Training
FAQ's
In real life the remote user doesn't announce when he'll connect to the network. Can the agent be pushed automatically as soon as the remote user logs into the domain? In this situation, if you have an Acitve Directory you can ensure the agent is installed when he reaches AD. Alternatively, I many of my clients would take a maintenance routine to bring the laptop to office or have a standard time to get connected to the network so that the agent can be pushed to them.
Is a notebook considered as Mobile Device or Desktop? Notebook is basically from the desktop classification though it can be used while you are Mobile.
By opening ports to remote users coming in through the WAN and opening ports to NAT the port translation aren't we opening the door to even more attempted penetrations through the ports required considering the fewer open ports the better? We recommend you to use a component called Secure Gateway, which acts an intermediate to route all the communication between the agents and the server.You can refer this document for more details: https://www.manageengine.com/products/desktop-central/help/configuring_desktop_central/configuring_nat_settings.html
Why would you control configurations through Endpoint Central rather than Active Directory Group Policy? Status update and ease of management is better in Endpoint Central and it also supports management of workgroup computers. Hence you gain more control on configuration using Endpoint Central.
Does the distribution server need to be dedicated? Does it need to run on a server OS? No, it is not required to be a Server OS, it can be a simple desktop. Dedicated machines is also not required. The only requirement would be the availability of that machine with zero down time.
What is the difference between group management and custom group? Under Custom Group you can add all the computers managed by Endpoint Central and deploy configurations. Group management is a configuration through which you can manage the local groups in a particular computer.
Can I restore a configuration, which is moved to Trash?. How long does a configuration stay in trash? If you move any configuration to trash, it can be restored anytime. Configurations are not automatically cleaned up from trash, you will have to remove them manually.
I use both Endpoint Central and ServiceDesk Plus, should I install both the agents? Would there be any conflicts among these agents? There wont be any conflicts with the agents between Endpoint Central and ServiceDesk Plus agents. However Endpoint Central agents are more sophisticated and capable. You will not have the need to install ServiceDesk Plus agent, if you choose to install Endpoint Central and integrate it with ServiceDesk Plus.
If i move a configuration to trash, would it still execute? No it will not get executed. Once you move the configuration to trash it wont get executed. To move the configurations to trash automatically go to configurations tab -> settings -> configuration settings -> enable move configuration to trash option.
I see an issue in Endpoint Central, I cannot use two IP address, one for internal and other for external communication?. I do not want to expose my Endpoint Central IP address to the external world. You need not expose the Endpoint Central server to the external world. You can configure a component called Secure Gateway, which will route all the requests both the internal and the external request to the Endpoint Central server. Refer this article for more details
Is there a way, administrators can be automatically notified when there is change in status of the configuration? You can choose to configure the notification settings while creating the configuration, so that the administrators will be notified whenever there is a change in the status of the configuration.
Is it required to move to the distribution server to edge/ public communication? Moving a distribution to the edge is not necessary, distribution server will replicate the required data from Endpoint Central and the agents within the respective remote office will communicate with the distribution server.
Can the 90 minute refresh policy be changed? No, the refresh policy cannot be changed.
Let's say there are 5 machines on the 3rd floor and they all get the printer configuration successfully. If a 6th machine is added after the configuration has been changed to "Exectued" will the 6th machine get the printer? I think what I'm asking is if there is a way to make a perpetual configuration. Yes, if you deploy the configuration to security group/OU/Custom group then configuration is perpetual.
If you configure a set of restricted sites in the Collection wizard, but don't select a web browser that you want to be the default, does it just add the restricted sites to which ever is their default viewer or IE only?Restricted sites will be applied to Chrome and Internet Explorer.
Can we add an EXE to prohibit list, which is not been used in the network? You can block exe's using "Block Exe" feature.
When does a configuration gets deleted? Is it based on the status of the configuration?Irrespective of status, configuration is moved to trash if it is inactive for "X" number of days.
Some keyboards and monitors have embedded USB ports. Will those ports also be blocked despite having the keyboard and mouse options excluded from the block?Blocking the USB is based on device type only. Hence, it will not block the critical devices.
If using Group Policy for items such as Browser settings, Shortcuts, and Printers, will Manage Engine override the Group Policy deployed items? Group Policy Settings will not be overwritten by using Endpoint Central Configurations.
I see there is a configuration template of "Defrag Hard Disk". Is that smart enough to detect Solid State Drives and skip those? We do have a configuration to defrag the Hard Disk Drive. However, finding the type of drive is unavailable for now.
How did you get to the option to download and email the agent for remote computers? You can download the Agent from Admin-->Scope of Management-->Computers tab and download Agent.
how can Configurations be used to install fonts for users? Yes, you can install Fonts using Display Configuration for computers.
Is there any better way to get the Instance name or Vender Instance for exception besides finding it from the Registry or from Computer Management? It is available in the inventory tab, under USB audit.
If your performing drive mapping is there a recommended setup regarding Preferences on skipping drive that already exists or overwrite the existing drive? I have found when using this feature that sometimes the drive is gone the next time the user logs in. Best choice is to overwrite the existing drive and also choose apply always to make sure drive mapping gets configured during every logon
Is there a way with offsite devices that are not connected to the local office, to have them routinely receive an alert to bring back to main office for syncing with ManageEngine? Currently we do not this option, however will take it as a feature request
Can 2 domains be managed with the same management console? You can choose to add multiple domains using Endpoint Central.
We currently use group policy to manage many of these configurations. Do you have a list of recommended policies to migrate to manage engine? It is recommended is use either GPO or Endpoint Central configuration to apply the settings. Do not use both to do same task.
Do you know if a custom group based on AD OU or security group membership will automatically update based on changes in membership in the AD OU/Security Group?No. Currently we do not have this option. Will take it as a feature request
Can web site security certificates be deployed to workstations and to multiple browsers? Yes . Custom Script and File Folder operation configurations should be used to achieve this.
Could a laptop be setup with an agent if it is not part of the domain? It is in a workgroup and only onsite 1 time a weekThe product supports both Domain and Workgroup. To install Agent for machines connected to network once in a week, then configure the agent re-try to install it.
Is there a mobile app for Endpoint Central?Yes, it has a mobile app available to both android and iOS mobile devices using which critical tasks can be performed and notifications can be received about the status of the tasks.
Would i be able to run a report to see what anti virus every system is running and what day it was installed?Yes, you can identify this, by using the Inventory reports from the web console -> Reports -> Inventory Reports -> Computers with/without software.
