The VSA 9.5.13 release includes enhancements and fixes described in the topics below. For minimum system and agent requirements, see these topics in the Kaseya R95 System Requirements Guide: Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.
This release requires agent version 184.108.40.206. Be sure to update your Windows, Mac, and Linux agents after installing this release. Agents updated to this version cannot be used to communicate with servers running VSA versions prior to 9.5.8.
- Scaled SaaS deployment – Tuesday, July 26th
- Full SaaS Deployment - Saturday, July 30th
- General Availability (on-prem customers) - Cancelled and replaced with 9.5.13a Maintenance Release
Important Security Updates
Any updates related to VSA security will be listed here when the release moves to General Availability (see Release Schedule above for planned dates).
Intel® vPro Integration
We are happy to share a brand-new integration to support vPro technology through a partnership with Intel. Using VSA and Intel EMA together, VSA can put all of the existing vPro features at your fingertips including PowerControl, AlarmClock, Remote Control, and more!
When configured, VSA will first collect and deploy EMA agent software to all associated VSA endpoints. Once completed, an “Intel®EMA Server” link is displayed in each Asset’s associated QuickView. This link will take you directly to the Asset’s management page within your EMA server.
NOTE: Our legacy vPro integration is planned to be disabled later this year in VSA 9.5.15. If you have questions or concerns, please have your account manager contact Ryan on the VSA Product team.
To improve API security, Personal Access Tokens (PATs) have been enhanced to allow the administrator to specify which API routes can be accessed, instead of inheriting all permissions from the User Role.
- Added a new section Rest API Access Rights to the Update Access Token dialogue, which will be displayed if REST API is selected in the Scopes Assigned section. It has a radio button selector with two options: -
- Inherit from User Role (default) - access rights for the token depend on the User Role of the user they are associated with, as they were before this release.
- Specify - if selected, an additional section called Specify Category is displayed with a list of categories to which the token can be given Read or Read and Manage permissions. Selecting this option separates the access token from the user’s role access rights. This option can only be selected by a Master or System role user.
- Please refer to the REST API User Guide for details of which API routes are available within each category.
- A token with Read access to a category can use any GET request within that category.
- A token with Read and Manage access can use PUT, POST, and DELETE requests, as well as GET.
- Specifying access rights does not affect scope. Personal Access Tokens can only access machines, groups, and organizations within the Scope of the user they are associated with.
Live Connect App
- Enhanced Live Connect to support launching Telnet sessions.
LiveView has been enhanced to include new sub-categories and features:
- *NEW* Services area introduced to review and manage all services on the target endpoint.
- The Command area has been updated to support PowerShell.
- Action Bar supports the ability to trigger user-defined Agent Procedures:
- Logging has been enriched for clarity and detail.
Remote Control - Bi-directional File Transfer
Remote Control now supports copying files in both directions between admin and endpoint machine directly in remote session.
The following scenarios are supported:
- Windows connecting to Windows
- macOS connecting to Windows
To copy a file from the endpoint to the admin machine: -
- within the remote session, select the required file and press CTRL+C to copy file to clipboard.
- on the admin machine, open File Explorer and select the required destination folder.
- press CTRL+V to paste the file.
- if the destination folder is part of the admin's user profile (e.g. Documents, Downloads), the file will be copied directly into that folder.
- if the destination folder is outside of the user profile, it will be copied to a session specific folder under Documents/KRCTransferFiles, and an Explorer window of this folder will be opened automatically so that the admin can drag and drop it into the chosen destination folder.
- if no folder is selected, the file will be copied to the desktop.
Note: this process does not support using right-click menu in Explorer to copy and paste the file. CTRL+C and CTRL+V must be used.
To copy a file from the admin machine to the endpoint: -
- from a File Explorer window on the admin machine, drag and drop the file to the Remote Control window
- a new File Explorer window will open on the remote machine containing the copied file in a session-specific folder within the agent working directory. From here, you can move it to the required destination folder.
- Enhanced the Remote Control->Control Machine page to include online/offline status for non-agent assets.
- Added a new endpoint GET /thirdpartyapps/status which returns a list of third-party (TAP) integrations installed to the authenticated user's tenant.
- Added a new endpoint GET /bmsi/config which returns the status of BMS integration on authenticated user's tenant.
- Added new endpoint GET /itglue/vsa/config to return the status of the IT Glue integration on the authenticated user's tenant.
- With this release, the Windows patches impact is calculated using both Security Bulletin classifications (Microsoft Security Response Center Priority) and Windows Update API. A patch will have a Critical impact if it has a Critical status in either Security Bulletin or Windows Update API.
- The «Machines Assigned» column in the Software Management profiles pages now respects the global filter and the scope of the current user.
- The «Installed Patches», «Approved Patches», «Rejected Patches», and «Suppressed Patches» columns on the Patch History page now respect the global filter and the scope of the current user.
- The «Patches Pending Review» column on the Patch Approval page now respects the global filter and the scope of the current user.
- With this release, the new reboot action with snooze and force reboot parameters becomes available in deployment profiles.
- The "Login with IT Complete" button will only be displayed on the login page if at least one tenant has the feature enabled.
- Fixed an issue where agent upgrade would fail on macOS and Linux machines under certain conditions.
- Fixed an issue where a SQL error was sometimes displayed when attempting to run agent procedures against multiple endpoints.
- Fixed a spelling mistake in the column header on the Agent > Manage Agents page for “Max Memory Slots”.
- Fixed an issue where the Audit > View Individual Data > Machine Summary page would fail to load data for Hewlett Packard machines where the connection gateway address is in a reserved IP range.
- Fixed an issue where MachineOffline30days AlertType caused KCB alerts to stop processing.
Database and Schema
- Fixed a database performance problem that could affect monitor alarm processing.
- Fixed an issue where Service Desk reports would fail to render with the “execution timeout expired” error under certain conditions.
- Fixed an issue where the Legacy Monitor Set report was producing blank data instead of graphs.
Live Connect App
- Updated Remote Control process to display a correct error message when attempting connection to a remote service on an asset whose manually assigned proxy is offline.
- Modified the error message returned with SSH authentication failures within Live Connect to remove meaningless error numbers.
- Resolved issue in the Live Connect application to show status icons that reflect if a user is logged in to a given agent.
- Fixed an issue where the Live Connect application would route traffic through a proxy server if one was configured in Windows and ignore the bypass list. After this fix, Live Connect will always make a direct connection to the VSA server, as it does not support use through a proxy.
- Fixed an issue where clicking on the Kaseya One icon in the header bar would direct to the Kaseya home page instead of the Kaseya One portal.
- Fixed an issue where the Disable Windows Auto Update function was not working correctly for Windows Server 2012 and Windows 8.1.
Remote Control App
- Fixed an issue where the Black-Out End-User Displays button was allowed to be clicked while a connection occurred but the functionality was not enabled.
Remote Control Module
- Fixed an issue on the Control Machine page where the machine counter was not loading, and the total count of machines was not displayed correctly.
- Fixed an issue where support for new languages is added to the software catalog.
- Fixed an issue where filtering and sorting by the “Pending Review Patches” column was not working on the Patch Approval page.
- Fixed an issue where the filter by “Online” was not working properly on some pages.
- Fixed an issue where the 3PP scan failed for machines with more than one version of the same application.
- Fixed an issue where 3PP updates failed to be retrieved if the scanned script didn’t detect language for installed software.
- Fixed an issue where the Machine Id filter was not applied to the Patches Pending Review column of the patches list on the Patches Approval page.
- Fixed an issue where customers who have users that have a limited scope and role to only one machine group had access to see other profiles under software management.
- Fixed an issue where Do not show domain on login page setting on System > Server Management > Logon Policy page was not respected.
- Fixed an issue where Require Password Change every N days setting on System > Server Management > Logon Policy page was reset to 30 days for SaaS tenants after patch install.
- Fixed an issue where the horizontal scroll bar was missing in VSA on chromium-based browsers.