LAN Cache

NAVIGATION  Agent > Configure Agents > LAN Cache

The LAN Cache page designates a machine to act as a file source for other machines on the same LAN. When a LAN cache is enabled and a machine on the same LAN requests a download from the Kaseya Server for the first time, files are downloaded to the LAN cache machine, then copied to the requesting machine. From then on the file does not need to be downloaded from the Kaseya Server. Other machines—on the same LAN and using the same LAN cache—copy the file from the LAN cache machine. Doing so speeds delivery to multiple machines throughout the same LAN and reduces network bandwidth issues. The following VSA functions can use LAN Cache:

  • agent procedure command getURL()
  • agent procedure command writeFile()
  • Patch Management > File Source
  • Policy Management > Policies > Patch File Source

IMPORTANT  LAN Cache utilizes local administrator accounts to create/manage shares, and assign machines to access the shares. Since not all VSA installations are domain joined, this design utilizes pass thru authentication which is a form of password reuse. If LAN Cache is installed on a Domain Controller, the local administrator becomes a domain administrator. Installing any software onto a Domain Controller violates Microsoft best practices and introduces security risks to your environment. Kaseya recommends carefully considering your use case(s) before accepting the risk associated with creating additional domain administrator accounts, and configuring VSA to use auto-generated administrator credentials.

Background

LAN Cache configures a file source as follows:

  • Automatically creates a local administrator or domain administrator account, or allows you to manually specify the credential for an existing domain administrator. Created accounts are given a unique name (FSAdminxxxxxxxxx where x is a digit) with an automatically generated strong password. The generated password contains 15 randomly selected characters and contains at least one the following characters:
    • uppercase letters
    • lowercase letters
    • numbers (0 - 9)
    • non-alphanumeric characters
  • Once the password is generated, it is compared against the admin name to ensure that no 2 character combinations in the password match any 2 character combination in the admin name. This logic ensures that the generated passwords will meet any Windows password complexity logic.
  • The credentials for the account are associated with this LAN cache within Kaseya and are used when necessary instead of any assigned agent credential. LAN Cache does not require nor support using the credential specified on the Manage Agents page.
  • Creation of the specified customer share directory on the specified fixed disk drive configured as a Windows administrative share. The directory and share are created for you without leaving the LAN Cache page. The directory specified for LAN cache is strictly for customer use. Kaseya never uses this customer-specified directory/share.
  • Creation of a special Kaseya directory—always VSAFileShare as a sub-directory under the customer directory—on the specified fixed disk drive configured as a Windows administrative share.

Procedure - General

  1. Select a LAN cache machine.
  2. Assign machines to the LAN cache using the Assign LAN Cache page.

Procedure - For writeFile() and getURL() Steps in Agent Procedures

These commands can download files from a LAN Cache instead of the VSA or from a URL. Files have to be larger than 4k bytes.

  1. Select a LAN cache machine.
  2. Assign machines to the LAN cache using the Assign LAN Cache page.
  3. For the writeFile() command only, upload the files you intend to download to assigned machines to the Kaseya Server using Agent Procedures > Manage Procedures > Schedule / Create > Manage Files > Shared folder. Files have to be larger than 4k bytes.
  4. Create and run an agent procedure that includes a writeFile() or getURL() step.
  • When an agent executes the writeFile() or getURL() step of an agent procedure for the first time, it downloads the file from the KServer or the URL, then updates the assigned LAN cache with the file.
  • For subsequent requests for the same file by any agent, the file is downloaded from the LAN cache instead of from its original source.
  • To take full advantage of the caching mechanism, execute the agent procedure referencing the file on one agent first. After that agent has uploaded the file to the assigned LAN cache, execute the procedure on other agents assigned to the same LAN cache.

Actions

  • Add LAN Cache - Specifies a LAN cache on a selected machine.
    • 1. LAN Cache Name - Enter a "friendly" name for the LAN cache as it will be displayed in Assign LAN Cache. It does not have to match the name of the machine. Do not specify the name of the directory or drive letter.
    • 2. Directory Name - Enter the name of the directory only, without specifying the name of the machine or the drive letter. The directory does not have to already exist. LAN Cache will create the directory and the required share settings for you.
    • 3. Select the UNC server name resolution - Use Computer Name or Use Computer IP Address. Specifies the UNC name resolution format used to access the share. Example: \\computername\sharename$ or \\10.10.10.118\sharename$.

      NOTE   The next step—selecting the type of credential—does not display if the System > Default Setting > LAN Cache - Use auto-generated administrator credentials option is set to yes.

    • 4. Select the type of LAN Cache administrator credentials to use
      • Use auto-generated administrator credentials - If selected, an administrator credential is created for you when the LAN Cache is created. A local administrator credential is created unless the machine is a domain controller. If the machine is a domain controller, a domain administrator credential is created.
      • Use an existing domain administrator credential - If selected, enter the domain, username and password of an existing domain credential. The domain credential will not be created for you.
    • 5. Select a fixed drive on which to create the LAN Cache - Select the drive to create the share on.
  • Remove LAN Cache - Removes the LAN cache from a selected machine.
  • Clear Pending - Cancels the pending creation of a LAN cache on a selected machine.
  • Test Generated Cache Credential - Click to test the credentials used by a selected machine. The result is shown in the Credential Test Status column.

Columns

  • (Check-in Icon) - These icons indicate the agent check-in status of each managed machine. Hovering the cursor over a check-in icon displays the agent Quick View window.

    Word 50% / HTML 50% Online but waiting for first audit to complete

    Word 50% / HTML 50% Agent online

    Word 50% / HTML 50% Agent online and user currently logged on.

    Word 50% / HTML 50% Agent online and user currently logged on, but user not active for 10 minutes

    Word 50% / HTML 50% Agent is currently offline

    Word 50% / HTML 50% Agent has never checked in

    Word 50% / HTML 50% Agent is online but remote control has been disabled

    Word 50% / HTML 50% The agent has been suspended

    Word 80% / HTML 80% An agent icon adorned with a red clock badge is a temporary agent.

  • Machine.Group ID - A unique machine ID / group ID / organization ID name for a machine in the VSA.
  • Cache Name - The name of the LAN cache as displayed with the VSA.
  • Cache Path - The path specified for the LAN cache.
  • Cache UNC - The UNC used to locate the LAN cache on the network.
  • Cache Created - Date/time the LAN cache was created.
  • Cache Administrator - The administrator account used to access the LAN Cache.
  • Credential Test Status - Displays the results of testing the administrator account credentials used to access the LAN Cache. Credentials can be tested using the Test Generated Cache Credential button at the top of the page.