- 24 Mar 2022
- 4 Minutes to read
ManageEngine Desktop Central and Patch Manager
- Updated on 24 Mar 2022
- 4 Minutes to read
ManageEngine Desktop Central is a desktop management and mobile device management software for managing desktops in LAN and across WAN and mobile devices from a central location, including automated patch deployment for Windows, macOS and Linux endpoints.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Domain (required) - The hostname or IP address of the ManageEngine Desktop Central or Patch Manager server.
- Port (required, default: 8020) - The port Axonius will use to Axonius to communicate with the value supplied in Domain.
- User Name and Password - The credentials for a user account that has the Required Permissions to fetch assets.
When OAuth Client ID, OAuth Client Secret and OAuth Refresh Token are not supplied, User Name and Password are required.
- User Name Domain (optional, default: empty) - The AD domain. Use this option if you are using the AD authentication method. For details, see Required Permissions.
- Domain Authorization Token (optional, default: empty) - Token to access the AD domain.
- Fetch Desktop Central Data - Select this parameter to fetch desktop central data. If you do not select this option, only patch data is fetched (patch data is available from both products).
- MFA QR Code (optional, default: empty) - If MFA is enabled using Google Authenticator, save the QR code received as a PNG file and upload it.
- If supplied, the connection for this adapter will use the uploaded file to authenticate the specified User Name and Password.
- If not supplied, the connection for this adapter will not add any additional authentication to the specified User Name and Password.
- OAuth Client ID, OAuth Client Secret and OAuth Refresh Token - parameters for OAuth authentication, used in the cloud version of ManageEngine Desktop Central and Patch Manager. Refer to APIs for information on how to generate them.
- OAuth Zoho Accounts URL (default: https://accounts.zoho.com) - The account URL. Refer to Refresh Access Tokens for information on how to obtain the account URL.
When User Name and Password are not supplied, OAuth Client ID, OAuth Client Secret and OAuth Refresh Token are required.
- MSP Customer ID - Customer ID to fetch information for, when connecting to Desktop Central MSP. Only use this when connecting to Desktop Central MSP, otherwise leave empty.
- Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Desktop Central Domain. For more details, see SSL Trust & CA Settings.
- If enabled, the SSL certificate offered by the value supplied in Desktop Central Domain will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
- If disabled, the SSL certificate offered by the value supplied in Desktop Central Domain will not be verified against the CA database inside of Axonius.
- HTTP Proxy and HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Desktop Central Domain.
- If supplied, Axonius will utilize the proxy when connecting to the value supplied in Desktop Central Domain.
- If not supplied, Axonius will connect directly to the value supplied in Desktop Central Domain.
- To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Axonius uses the ManageEngine Desktop Central REST API.
Configuring OAuth Authentication
This adapter supports OAuth Authentication
Generating the OAuth Client ID, OAuth Client Secret and OAuth Refresh Token
To use OAuth Authentication you need to generate the OAuth Client ID, OAuth Client Secret and OAuth Refresh Token. To generate them:
- Go to the Zoho API Console: https://api-console.zoho.com/
- Click 'Add client', choose 'Self Client' and click 'Create' (if a popup asks you to confirm, click “OK“).
- On the API Console main page, click on the 'Self Client' application
- In the tab 'Generate Code', enter the following details, and click 'Create':
- Scope: “DesktopCentralCloud.restapi.READ, DesktopCentralCloud.restapi.UPDATE"
- Time Duration: “10 minutes”
- Scope Description: free text (could be anything)
For patch.managengine.com the URL and scopes need to be: patch.manageengine.com Scope: "patch.manageengine.com Scope: DesktopCentralCloud.restapi.READ, DesktopCentralCloud.restapi.UPDATE" for the adapter to work.
- A popup “Generated Code“ opens, click copy, and paste the code in a temporary file.
- In the tab “Client Secret“, copy “Client ID“ and “Client Secret“ to a temporary file
- Enter the values you’ve copied to the following command:
curl -X POST "https://accounts.zoho.com/oauth/v2/token?grant_type=authorization_code&redirect_uri=http://localhost/callback&code=<code>&client_id=<client_id>&client_secret=<client_secret>"
1. Execute the command on a linux machine (or windows with curl)
8. From the response of the command, copy the value of “refresh_token“ (might start with “1000.“), and save it to a temporary file.
Using OAuth Authentication
- In Axonius, add a new connection in the ManageEngine Desktop Central/Patch Manager adapter, and fill the following details:
- Domain - the domain of Desktop Central/Patch Manager (for cloud - use desktopcentral.manageengine.com).
- Port - the port of the domain (for cloud - 443)
- OAuth Client ID, OAuth Client Secret, OAuth Refresh Token - the values you copied to a temporary file
- OAuth Zoho Accounts URL - The relevant url for your Zoho account, from Refresh Access Tokens - APIs
Axonius will now fetch devices from Desktop Central/Patch Manager using OAuth.
The value supplied in User Name must have read access to devices.
To generate a password:
- From Desktop Central's web console, navigate to Admin -> API Explorer.
- On the left pane, click Authentication -> Login.
- Choose the authentication type as either Local authentication or AD authentication and furnish the user name and password.
- Upon execution, you will obtain a password along with the auth token.
This adapter was only tested with the versions marked as supported, but may work with other versions. Contact Axonius Support if you have a version that is not listed, which is not functioning as expected.
|ManageEngine Desktop Central 10.1.2121.1||Yes|
Supported From Version
Supported from Axonius version 4.4