Agents are Reporting Offline in Live Connect


After upgrading to or patching a 9.4 VSA server, some or all agents may report being offline.



API AppPool permissions are missing from certain folders in order for agents to authenticate successfully.



  1. On the VSA server, open command prompt as an administrator.
  2. Run the following commands:

    ICACLS C:\Kaseya\api\v1.0 /grant "IIS AppPool\APIAppPool":F
    ICACLS C:\Kaseya\EndpointDownloads /grant "IIS AppPool\APIAppPool":F
    ICACLS C:\Kaseya\EndpointUploads /grant "IIS AppPool\APIAppPool":F
    ICACLS C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys /grant "IIS AppPool\APIAppPool":F

    Note: If the Kaseya directory is located on a drive other than C, change the drive letter in the command above.

  3. Navigate to each directory through file explorer and apply full permissions for the APIAppPool user.

    Note: If the EndpointUploads folder does not exist, create it manually and re-run the relevant command and apply permissions.

    We have seen cases where C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys would contain millions of obsolete files. Applying new permissions would be taxing and not advisable. Rename the MachineKeys folder (i.e., MachineKeysOld) and recreate the MachineKeys folder and re-run the relevant command and apply permissions.

     4. Run Live Connect to the affected agent to verify that it is now online.

If you continue to have issues, please create a support ticket.




Have more questions?

Contact us

Was this article helpful?
0 out of 1 found this helpful

Provide feedback for the Documentation team!

Browse this section