KLC unable to connect if DNS is unavailable on agent side
- Agent check-in policy is configured with a DNS name as the "primary kserver" and an IP as the "secondary kserver"
- primary kserver address can no longer be resolved on the agent machine due to DNS failure
- agent continues to check in using the secondary kserver address, but Live Connect fails with the following error in the "Start KLC" procedure on the agent:
This problem is a combination of the amount of time the DNS look-up takes to fail and the wait time of the browser side. The relay attempts to connect on 3 different addresses (name/IP from System > Configure page, followed by primary and secondary kserver addresses from Agent > Check-in Control) but it tries to resolve any DNS names before attempting the connection. If the DNS lookup takes more than ~6 seconds, the connection will fail due to time-out on the browser side relay plug-in.
The issue will be addressed in a future release of Kaseya.
This workaround can be used to gain remote access to the agent and resolve any DNS issue: -
1) go to Agent > Check-in Control and temporarily change any DNS names for the affected agent(s) to the matching IP addresses - allow 1 or 2 minutes for the change to be applied to the agent
2) go to System > Configure page and temporarily change "external name / IP address of Server" from DNS name to IP address
3) try Live Connect to the agent again
4) once the DNS issue is resolved, reapply the desired configurations