EV Reach Console - Configuration - General Settings

Last modified on 2023/07/12 14:02
Contents

To open the Settings window, click the Application button in the upper left hand of EV Reach and select General Settings.

image26-4.png

Database Settings

The EV Reach Operator Console requires a database back-end. By default, a file-based database will be used. However, you can change it to an MS-SQL server of your choice.

See: Database Settings – Operator Side

Network Security

  • Validate System Name before connecting  - Enable to validate the system name reported by the machine versus the system name resolved by DNS.
    • Use this option if you have DNS resolution issues and want EV Reach to confirm that you are connected to the correct machine.
    • Do not use this option if you use DNS CNAME Aliases.
  • Always test connectivity before connecting to a machine - Enable to have EV Reach ping a device before attempting to connect to it. If the ping fails, the machine is considered unreachable.
    • Enable to avoid long connection time-out if a machine is offline.
    • Configure the latency value to take into consideration your network topology.
    • Disable if your firewall blocks ICMP requests.
  • Resolve IP addresses to NetBIOS names -  Enable to have EV Reach automatically resolve an IP address to a NetBIOS name when appropriate. Disable to prevent EV Reach from resolving IP addresses.
  • Convert computer names to DNS names -  Enable to have EV Reach automatically convert a computer name to its DNS name. This feature may use reverse name resolution. Disable this option if some machine names are resolved to incorrect DNS names.

Alternate Credentials

EV Reach can automatically prompt you for alternate credentials if you are executing an action with a user account which doesn't hold enough privileges to complete it. To enable this feature, check Automatically prompt for alternate credentials.

If Microsoft LAPS is implemented in your Active Directory, check the Enable Microsoft LAPS Support option.

You can use the Credential Manager to view, modify, add or delete alternate credentials.

For more information, see the Using Alternate Credentials in EV Reach.

EV Reach Server

The EV Reach Server settings section can be used to view the detection status of your EV Reach Server. This section displays the detected EV Reach Server and method of detection (DNS Zone or GPO).

Remember that a DNS SRV configuration takes precedence over a GPO configuration, so if both exist, you will not see the GPO configured servers, only the DNS configured server.

If neither a DNS nor GPO configuration is detected, EV Reach will allow you to enter a EV Reach Server configuration manually. This is allowed in the event you are using EV Reach outside of your primary DNS zone and wish to still connect to a EV Reach Server.

  • Refresh - Detects/Refreshes EV Reach Server Configuration/Status.
  • Manually add a server - Gives you the ability to add a EV Reach Server manually. Format: MY-GRS-SERVER.mycorp.com:PORT (Default Port is 22100). **Appears when a EV Reach Server is not detected.
  • Delete - Deletes any highlighted EV Reach Server in the list.
  • Open Server Tester - Opens the EV Reach Server Tester utility.

Reach Gateway Service

These are the settings used to point your console to the in-house EV Reach Gateway Service.

These settings are usually automatically populated by policies. However, they can be manually configured if Global Policies are not used.

  • Name of this Organization Enter the name of your organization in this field (for instance ‘Corp XYZ, Inc.’). This name will be used during On-Demand Support Sessions to brand the package for the remote client. Its also used as the default Reach container for corporate clients that are connected from outside of your private network.
  • Public Facing Reach Address Enter the Public DNS Name exposed to the public-facing side of your network(or IP address if no Public DNS name is available), as well as the port number to be used for communication. It is strongly recommended to associate an identity certificate to your Reach public-facing address. See: EV Reach Gateway Security.
  • Private Facing Reach Address Enter the FQDN or IP address of the local server, as well as the port number to be used for communication. This address will be used by EV Reach Operator Consoles and Client Agents within your network to communicate with the Reach Server.

Note: For security reasons, EV Reach Operators can only use Reach Services when connected on the same network as the Private Facing Reach Address.

Client Agents

Communication Port - Modify the TCP socket port used by EV Reach to communicate with the EV Reach Agents on a remote machine.

Agent Installation Policy / Update Policy

Configure the behavior to adopt when EV Reach establishes a connection to a remote machine which is not equipped with the EV Reach Agents or is equipped with a different version of the EV Reach Agents.

Agent Install and Update policies are in two main categories.

  • If the agent must be INSTALLED - This policy will take effect if the Reach Console does not detect an agent on the remote system.
  • If the Agent can be UPDATED - This policy will take effect if the Reach Console encounters a system with a different version of the agent.

Agent Deployment for MacOS - Enable this setting if you are managing MacOS endpoints and would like to push agents to them. For more information See EV Reach MacOS Client Agent.

Note: These settings may be controlled by a EV Reach Server policy. See EV Reach Policy Management

For more information, see EV Reach Client Agent Deployment and Management.

Intel vPro Settings

Use these settings if you have Intel vPro workstations on your network.

  • Some machines use TLS - Enable this setting if you are using TLS in your network but not all are configured to authenticate with TLS. Note: These settings are not necessary if your organization has an Enterprise Certificate Authority system in place.
  • Trusted Root Certificate Authority - Use this setting to import a certificate to the Windows Certificate Store for use with Intel vPro workstations.
  • Remote Client Certificate - Import a PEM format certificate with optional password.
  • HTTP/SOCKS Proxy Settings - If you are behind a proxy and need to connect to Intel vPro workstations, supply the credentials here.

See Configuring EV Reach for Intel vPro

Application Directories

These are the directories used by the EV Reach Application. Make sure that the configured directories are accessible and can be written into by EV Reach.

  • Application Data - Defines the directory used by EV Reach to store Application Data like Scope Actions.
  • Output Data - Defines the directory used by EV Reach to store output data files. For instance, this path is used as the default location to store Scope Action report and log files.
  • Temporary Data - Defines the directory used by EV Reach to store temporary data files.

Active Directory

  • Enable Active Directory Integration - Enable if you have one or more Active Directory forest that you wish to manage. Disable if no Active Directory is available at your site (note that disabling this option will remove Users & Groups management)
  • Sort Active Directory result sets - When you query the objects contained within an Active Directory container, they are returned in the order they were created. Enable this option to have the result set sorted before it is displayed.

Note: For some network configurations, enabling sorting will result in failed attempts when listing objects in an active directory container. In such cases, disable this option.

  • Object Query Page Size - If your Active Directory Containers contain large number of objects, increase this value to speed-up opening these containers. This value should be set to about 1/10th of the total number of objects in the largest container of your domain.
  • Open the Forest Manager - If EV Reach is installed on a stand-alone machine, or if multiple active directory forests exist, you can configure EV Reach to bind to individual AD hierarchy using the EV Reach AD Forest Selector.For more information, see Managing Multiple Domains and Forests.

Administration & Diagnostic

User Management Settings

  • Allow EV Reach to store data in user's roaming profiles
    • Enable if you do not have a EV Reach Server implemented, and if your user accounts are configured with a roaming profile.
    • Disable if you have a EV Reach Server implemented.
  • Enable DFS shares detection - Enable if your users are configured with a roaming profile path which points to a DFS share.

See: Workstation Detection with fastConnect

Computer Management Settings

  • Query and display OS information for visible machines When using the Computers view, EV Reach sends a small network call to all machines visible in the view to query its status and OS information (see Managing Computers - Overview). To prevent EV Reach from querying information on all visible computer objects, disable this option.

Note: If you disable this option, the status and OS information of remote machines are not displayed.

  • Live Machine Status If enabled, machine dynamic information (Ping status, Logged in username) is reported live, removing the need to press the Refresh List button. If disabled, the F5 button can be used to refresh the live status of the machine.
  • Automatically update the Wake On LAN cache EV Reach keeps a cache of all resolved MAC Addresses for an IP (see Power Options). In order to keep a more accurate Wake On LAN cache, EV Reach can automatically execute an IP to MAC address resolution for each computer visible in the Machines view. To disable automatic Wake On LAN Cache updates, disable this option. Note: This option is automatically disabled if the Query and display OS information option is disabled. To access and manage the Wake On LAN cache, click on the Wake On LAN Cache Manager link.
Tags:
Powered by XWiki © EasyVista 2022