FAQs Part 1
What software can be patched using 3PP?
A full list of software that can be patched using NinjaOne's 3PP is available in this documentation: Policies: 3rd Party Software Patch Management.
How can I install a patch if it is not available in NinjaOne?
A: If the Windows Update service on the device does not see the patch as available from Microsoft yet, this has to be done manually. If you do not want to wait for the device to be told by Microsoft it is available for that device, there are a couple of options:Run Windows update manually on the device(s) in an effort to catch the patch as soon as it is available—this may have to be done several times if the patch is still not available for that device.Download the patch from the Microsoft Update catalog and manually install it via command line or a custom script.
Can we add a survey form at the end of a ticketing workflow?
A: NinjaOne Ticketing does not have satisfaction surveys at this time; however, you can use a third-party company to generate links to surveys and send those via an automation. Alternatively, you can use ticketing forms to create a questionnaire that will display in the ticket. The question can be entered into the Title field, and the user or technician can enter the answer into the Description field. Make the field required to ensure user engagement.
Why does my Antivirus report show no information?
A: The following is some helpful information relating to the Antivirus reporting section under the Regular Report
Can reports be copied or duplicated?
A: Yes—existing reports can be copied and/or duplicated. Here are instructions.
Who has access to Custom Fields?
Access to Custom Fields can be granted to technicians/roles (including non-admin roles) using the new User Permissions feature.
How will Windows classify the patch/upgrade to Windows 11?
According to the Windows 11 overview article from Microsoft, the Windows 11 upgrade will be classified as a feature update:
When are scripts being queued?
Ad hoc (technician run) scripts triggered from the NinjaOne dashboard waiting for an offline device.
If I create a scheduled task with an end date, will the task automatically be deleted following the specified end date?
After the end date, the task will still be listed under Administration > Tasks, but it will be in a dormant state (it will no longer run on the specified devices).
How can I track changes that have been made to my AD users from within the NinjaOne console?
All Active Directory changes are logged in the Activity Feed. You can view these activities from the Activity Dashboard — Active Directory activities in particular may be filtered for using the Type(s) > Device > Active Directory filter.
How can I track changes that have been made to Custom Fields?
All Custom Fields changes are logged in the Activity Feed. You can view these activities from the Activity Dashboard. Custom Fields activities in particular may be filtered for using the Type(s) > Device > Custom Fields filter
How can I track changes that have been made to Documentation?
All Documentation changes are logged in the Activity Feed. You can view these activities from the Activity Dashboard > Documentation activities in particular may be filtered for using the Type(s) > Configuration > Documentation filter.
Can I force other users in my NinjaOne environment to set up MFA for their accounts?
All NinjaOne users are required to set up and use MFA by default.
What permission level is required in order to add or edit end users?
All system administrators have the ability to configure and edit end users. Custom users can also be granted access to add or edit an organization's end users under the Permissions settings in the user editor. A user with custom permissions will also need to have a minimum permission level of "View and Update" for Organizations.
What level of permission is required to configure maintenance mode?
All system administrators have the ability to configure maintenance mode. Custom users can be granted the ability to view, create, update, and delete maintenance mode configurations under the Permissions settings in the user editor. All custom users will be able to at least view maintenance windows that have already been configured on a device.
If I edit one of the custom scripts that I have used in a scheduled task, will the edits be applied to the script in the task? Or do I have to delete and re-add the script for the changes to be applied?
Any edits made to a custom script will be automatically applied to scheduled tasks that reference the script.
What levels of access are being granted when you approve a device?
Approving a device will enable NinjaOne to monitor and manage said device, install any integrated components, and grant access to the credential store.
What size and/or types of attachments can be uploaded to the Attachment field?
Attachment files currently have a 20-megabyte file size restriction. Additionally, attachment files can be any of the following file types: xml, html, pdf, log, csv, txt, zip, rar, tar, cab, jpeg, jpg, png, dot, wbk, doc, docx, rtf, xls, xlsx, ods, ppt, pptx, pps, ppsx, sldx, vsd, vsdx.
What is the difference between a basic template and full permissions template?
Basic templates have permissions set by default so that users have limited access whereas full permission templates by default are set to full access
Is BitLocker available on home editions of Windows?
BitLocker is not available on Windows 7 Home edition or Windows 10 Home edition.
What is the difference between full permissions and system administrator roles?
Branding (Website and Systray Icon), the Threats dashboard, and user administration can currently only be managed by system administrators. System events can also only be viewed by system administrators.
Who has access to Documentation?
By default, system administrators have access. Access to Documentation can be granted to technicians/roles using User Permissions.
Can I create an end user that has access to devices to multiple organizations?
Creating a global end user allows you to grant the end user access to devices across any of your organizations. While you cannot select specific organizations to grant a global end user access to, you can select to grant them access to only the devices under specified organizations.
Can I share credentials across organizations?
Credentials are stored per organization. If you have the same credentials across multiple organizations, these credentials will need to be added to each organization separately.
How are credentials transmitted to a node and stored securely?
Credentials are transmitted to a node in an encrypted fashion. When the NinjaOne Agent needs to use the credentials, they will be decrypted, used, and then thrown away (leaving only the encrypted version).
Can I configure different health statuses for different Ninja organizations?
Currently, health statuses are configured at the account level and will be universal across all organizations.
Who has access to Active Directory User Management?
Currently, only NinjaOne system administrators have access to Active Directory User Management.
Which NinjaOne users are able to configure, view, and manage NinjaOne Backup?
Currently, only NinjaOne system administrators have the ability to enable or disable NinjaOne Backup. However, custom users can be granted different levels of NinjaOne Backup permissions—check out our NinjaOne Backup: Setup Guide for more information about granting these permissions.
Can I choose the file format in which the report is exported?
Currently, reports can only be generated and exported into a .pdf format. That said, you can generate CSV exports with information about your devices from the Search tab - for more information about this, please see Search and Grouping.
What are the requirements for a machine to be selected as the delegate for Hyper-V monitoring?
Delegate machines must have the NinjaOne agent installed, be online and connected to the NinjaOne console, belong to the organization you are attempting to add a host to, and have Hyper-V installed. Hyper-V can be installed/enabled on Windows servers, or on Windows 10 machines.
Is there a session time out for end users?
End user sessions will have a 48-hour session time out. If the end user does not select the 'Remember me' option upon logging in, their session will also be terminated whenever they close their browser.
Is the mobile app available for end users?
End users cannot currently use the NinjaOne mobile app. The mobile app is available for technician users only.
Can users create their own boards?
End users cannot make their own boards, but technicians with the proper permissions can; click here for instructions.
How often do end users need to validate their session with MFA?
End users need to enter an MFA code upon each log in.
How can I reset an end user's password or MFA?
Find the user whose password or MFA you'd like reset (either under the organization editor for an organization-specific end user, or under Configuration > Accounts > End Users), click 'Reset', and choose either 'Password' or 'MFA' from the drop down menu.
What is the timeout duration for MFA codes?
For app-based MFA, the timeout is dependent upon the specific authenticator app that you use. For SMS-based MFA, the timeout is between 3 and 6 minutes.
Who can configure health statuses?
For legacy permissions, only system administrators have the ability to configure health statuses. For new User Permissions, the ability to set health statuses is a permission that can be assigned to particular roles/technicians.
Does MFA still need to be configured if SAML/SSO is enabled and configured for an account?
For security purposes, MFA is still required with accounts using SSO for high-risk transactions and initial sign-in. The first sign-in with MFA sets your session cookie.
How can I see how many devices have installed or failed to install a specific patch?
From the organization or system dashboard, hover over the Software tab at the top of the page. Here you will see a dropdown with a list of the different statuses of software (Pending, Approved, Rejected, Installed and Failed). Clicking on any of these options will open a list of software patches in the respective status. The number listed under the Devices column is a hyperlink — clicking this link will route you to a list of the respective devices.
Will the BitLocker key be displayed for flash drives or other removable drives?
If a flash drive or other removable drive is plugged in, NinjaOne will display the BitLocker key. However, if the flash drive or other removable drive is removed, NinjaOne will no longer be able to display the key.
Does responding to a ticket change the status?
If a public comment is added to a ticket in a "Waiting" status, it will update to "Open". Otherwise, the status must be updated manually.
How can I change the Organization my end user belongs to?
If a user has been configured to only have access to a single Organization, their account will need to be deleted and reconfigured to make this change. Alternatively, you can create a Global End User by giving access to All Organizations which will allows you to add/remove device access for devices in any Organization in your environment at any time.
How does NinjaOne determine access level when multiple roles are assigned which conflict?
If multiple roles are assigned to a technician, the most permissive role wins. For example, if one role grants "view" permissions, and another role grants "update" permissions, that technician will gain "update" permissions.
I cannot see my key anywhere in NinjaOne. Why is this the case?
If the BitLocker key is stored in TPM we will not be able to display in NinjaOne at this time.
If an organization for a ticket changes due to an automation, what happens to the assigned user/requestor?
If the assignee does not have access to the organization to which the ticket was moved, then the assignee will be removed, and a new assignee must be manually added.
What happens if I delete a credential that is referenced as a default for an organization or device?
If you delete a credential that is referenced as a default for an organization, the default for that category will change to 'Disabled' until another credential is assigned as a default in its place. If you delete a credential that is referenced as a default for a particular device (as an override), the default for that category will revert back to the organization default.
What will happen to the devices under a location if I delete a location?
If you delete a location, the devices will be reassigned to the default location for the organization.
If I disable the Allow Groups option in the Details tab, what target options will be available?
If you disable the Allow Groups option, you will only see the Organization or Devices options for the target.
I use Authenticator App (time-based) MFA only, and I no longer have access to the device I use to authenticate. There are also no other system administrators in my NinjaOne environment. How can I get back into my account?
If you saved the numerical key listed below the barcode when you originally set up time-based MFA, you may use this key to set up MFA using a new device. If you do not have access to this key, please contact NinjaOne Support.
Are backups from pre-NinjaOne Backup accessible?
If you were using a different backup solution, such as Cloudberry, then NinjaOne will not be able to access that backup/data/information after NinjaOne Backup is enabled.
What happens if my credentials are invalid?
If your credentials are invalid, the action you are attempting to run using those credentials (running a patch management application cycle, running a script, initiating an RDP session, etc.) will fail.
How do device down conditions work for Hyper-V monitoring?
In situations where just the host goes down, the device down condition from the Hyper-V Host policy will trigger (if configured). In situations where the delegate goes down (and in turn the host goes down), the device down condition from the Windows Server/Workstation policy will trigger (if configured). Therefore, we recommend configuring device down conditions both for the delegate (under the Windows Server/Workstation policy) and for the host (under the Hyper-V Host policy).
Is there an audit feature in each ticket? In the ticketing system?
In the ticket, you can filter to view "System Activity".
What happens when a user who previously had explicit permissions is added to a role?
In this case, the role permissions overwrite the previous explicit user permissions.
When using YubiKey with the mobile app, device does not require MFA. Is this a security issue?
It is likely that you have a valid session with a registered device, in which case this is expected behavior. When you log out on the device and it disassociates from your account, you will be prompted for MFA the next time you log in.
Is it possible to restore a deleted script?
It is not possible to restore deleted scripts. Deleted scripts need to be recreated.
What is the recommended time to allow between scan and apply cycles when setting up my 3PP policy settings?
It is recommended to separate the scan and update schedules by at least an hour (or more) to allow enough time for the one action to complete before the other starts.
Can I have a Windows patch scan and update cycle scheduled to run at the same time?
It is recommended to separate the scan and update schedules by at least an hour (or more) to allow enough time for the one action to complete before the other starts. However, if you do schedule your scan and update cycles to run at the same time, or if an apply cycle starts before the scan cycle has had the chance to complete, the scan is skipped or terminated, and the update cycle will take priority.
Can I access mapped drives from File Explorer?
Mapped drives are not accessible and will not show up in File Explorer.
Why are locations mapped differently for NMS devices than for workstations?
NMS uses a different entry for devices, so you could have an NMS entry for a workstation and a regular agent for workstation. Each of these is separate and agnostic of each other.
Does NinjaOne always save the permissions for a file/folder or is this optional?
NTFS permission backup is optional and can be activated at the policy level under Backups > Folders.
What permissions does a new technician have by default?
New technicians have no permissions by default—they must either have permissions explicitly configured or be assigned to a role in order to access anything in the NinjaOne platform.
Can Ninja monitor SANs for RAID health status?
Ninja supports Dell and Hewlett Packard (HP) RAID controllers for monitoring purposes. See Policies: Condition Types Breakdown for more information.
Whose technology do you use to power NinjaOne Backup?
NinjaOne Backup is a proprietary backup solution built in-house by NinjaOne engineers.
Which versions of Windows does NinjaOne Backup support?
NinjaOne Backup supports Windows 8 and newer, and Windows Server 2012R2 and newer.
What type of backups does NinjaOne Backup run?
NinjaOne Backup uses incremental block-level backup technology, which copies only modified parts of the files or backup.
Are NinjaOne Backups immutable?
NinjaOne Cloud Backups can only be trimmed by our retention tool and customer delete requests. With the 5.4 release, multi-factor authentication is required to delete as well as hold data for 3 days.
How can I export ticket information to a CSV?
NinjaOne Ticketing information can be exported either from a board or at the Org or Device-level Ticketing dashboards. Clicking Export provides the options to Export Tickets Only, Export Tickets With Public Comments, or Export Tickets With All Comments.
Can I create a "parent" ticket to add tasks to?
NinjaOne Ticketing is not designed for product management at this time; however, "incident" tickets can be attached to a ticket labeled as a "problem" for a workaround. Click here for instructions.
How do I update Microsoft .NET Desktop Runtime?
NinjaOne does not currently patch .NET Runtime via WPM or 3PP. However, you can find alternatives here.
How long does NinjaOne keep the BitLocker key if a device has not been connected for an extended period of time (e.g., one year)?
NinjaOne does not delay any data unless specifically requested, so if the device still exists in NinjaOne and BitLocker is enabled then the associated data will be available until the device is removed.
Does NinjaOne test Ivanti updates before making them available? If so, what and how exactly do they test? Are the updates perfectly safe when installed?
NinjaOne does not test individual updates. We validate the signature on the file as well as the publisher, but we do not test the functionality of the software.
Does NinjaOne officially support bash scripts?
NinjaOne does support bash scripts; however, it is not part of the scope of the Support team to troubleshoot customer scripts (i.e., if the root of the problem is the script itself).
Where are the ticket file attachments stored, and are they encrypted?
NinjaOne encrypts all data in transit and at rest and stores its data with AWS (Amazon Web Services).
How is data for the Secure field option stored?
NinjaOne implements the encryption technology of a cluster of Hardware Security Modules (HSM) in each of our environments. These HSM clusters are used to generate unique data encryption keys (DK) for each account, which are then used to encrypt and decrypt all secure notes, secure fields, and credentials. Additionally, system administrators are required to re-authenticate with MFA in order to access data from Secure fields.
Does the system automatically free up disk space following a backup?
NinjaOne retains enough information to ensure that all revisions can be restored. There may be "phantom" revisions retained until the revisions that depend on them are phased out. For more information, please refer to Ninja Backup: Image Backup Plans.
How often is device information updated in the NinjaOne application?
NinjaOne sends payloads every 60 seconds to request updated information from the device. You will see these payloads in the Agent logs.
What configuration within NinjaOne is required in order for my AD domain controller to be recognized as such in my console?
NinjaOne will automatically detect if a device is an AD domain controller (either primary or backup) — no further configuration is required.
I recently enabled BitLocker on a machine, but it is still showing as disabled in NinjaOne. Why is this the case?
NinjaOne will not display BitLocker as having been enabled until the encryption process has fully completed on a device, which can take some time. Once the device is fully encrypted, NinjaOne will display BitLocker as enabled for the machine.
Does 3PP through NinjaOne support Mac and Linux devices?
NinjaOne's 3PP currently only supports Windows devices. However, we do have native scripts that can be used to update both Mac and Linux devices.
Can NinjaOne back up a machine running Microsoft SQL Server?
NinjaOne's Image Backup type can integrate directly with Microsoft SQL and its VSS Writers that are installed when the SQL server is installed. NinjaOne takes an Image Backup of a machine running SQL server.
Is the NinjaRMM agent compatible with Windows 11?
NinjaOne's QA team has performed testing with the NinjaRMM agent and its integrated components on both new and upgraded installations of Windows 11, and it has been added as a supported OS to our System Requirements and OS Support documentation. Please reach out to Support if you encounter any issues.
Will scripts be queued which couldn't run during scheduled tasks?
No - They're cancelled before a script/automation is run and an activity is logged in the feed against the device.
Is there a limit to how many locations you can create under an organization?
No Limit under org
How long will these scripts be in the queue?
No time limit/indefinite.
If I reject a software patch, will this prevent newer patches for that software from being approved in the future?
No — each patch has a specific ID. By rejecting one patch, you are only rejecting that specific patch ID.
Do end users have access to NinjaOne via the mobile app?
No — end users are unable to login to NinjaOne via the mobile app and must access NinjaOne via a web browser.
If I select a group and an organization as a target for a scheduled task, and there are devices that belong to both the group and the organization in question, will the task be run twice on these devices?
No — even if a device appears more than once in the target list, the scheduled task will only be run once.
Can I add a user to my AD domain controller from within the NinjaOne console?
No — users must be added from locally within the domain controller.
Will an entry appear under a device's Health dashboard if a maintenance window has been configured for the device, but not yet started?
No — you will not see an entry regarding maintenance mode in a device's Health dashboard until the maintenance window has started.
Can I install and use more than one agent on a single device at the same time?
No —You can only install one agent on a single device.
Does NinjaOne Backup support Linux?
No, NinjaOne Backup does not support Linux at this time.
I have wiped devices out and I want to re-add them to my NinjaOne Dashboard afterwards. Should I reject them?
No, in this case you will need to delete the NinjaOne agent from the Device Overview > Settings > Delete button on the top right. The method used by NinjaOne to reject a device is made to recognize a device even if it's been wiped out.
Are ticket resolution times affected by business hours or ticket status?
No, ticket resolution time counter runs 24/7 until the ticket is closed and/or resolved.
Can an end user opt to have NinjaOne provision a device for RDP access?
No. A NinjaOne administrator will need to provision a device for RDP access in order for an end user to be able to successfully connect.
Can software applications be updated when they are still open?
No. Applications must be closed to fully apply an update. If an application is still open when NinjaOne attempts to install an update, the install will fail and the following error will appear in the activity log: "One or more products failed to update due to application running state."
Can MFA be disabled for a user or account?
No. MFA is required for all NinjaOne user accounts and cannot be disabled.
Is the Pending Tickets board available in the mobile app?
No. The Pending Tickets board is only visible within the web application.
Can the location of the NinjaOne agent files be changed locally on the device?
No. The location or name of the folders containing the NinjaRMM cannot be changed or customized at this time.
What happens when I generate an installer with a location and then delete the location? Can I still use this installer?
No. When the location is deleted, the agent will try to register to a location that doesn't exist. The agent will attempt to install but it will be uninstalled due to the location being unknown. It is best to create a new installer.
Is the mobile app compatible with my branded site?
No; NinjaOne's mobile app is not currently compatible with custom branded sites.
Will changing permissions cause revisions?
No; Only the latest permissions for all files/folders in the Backup job are retained.
Can I monitor devices that cannot connect to the internet?
No; The NinjaOne agent requires an internet connection to report back monitoring information to the NinjaOne application
Do we need to deploy a new agent to existing machines because of a release or hot fix?
No; devices automatically receive new agent information when they come online and communicate with NinjaOne.
Can custom fields be locked so that only CLI from an admin portal can read or write to them, but the local terminal cannot read them?
No; the only option would be to disable the automations so that devices cannot access them at all.
I cannot find Node Approval access in User Permissions. Where is this permission located?
Node Approval is built into the Organization permissions.
Is it possible to read data from a custom field attachment through a script?
Not at the moment; however, NinjaOne is working on developing API endpoints for this.
Can I configure my Windows patch management settings to prevent Windows Defender from deploying patches (such as definition updates)?
No—NinjaOne's Windows patch management tool cannot disable Windows Defender from deploying patches.
If I grant a technician access to one organization and all devices, will they be able to see all devices (outside of that organization as well)?
No—entities are restricted to the organization(s) a technician has access to. In the scenario above, the technician would only have access to the devices under the organization that they have access to.
If technicians use SSO as their authentication method, are they able to reset their NinjaOne password?
No—once the authentication method for a technician gets set to SSO, they will no longer have the option to reset their NinjaOne password.
What happens if a targeted device is offline when the scheduled task runs?
Offline devices will be skipped when a scheduled task runs. If that task is set to run on a recurring schedule, then it will run on the device on the next scheduled date/time. Offline devices will not make up a missed scheduled task upon coming online.
How is the NinjaOne backup tool protected against ransomware?
Once NDP backs up the data to the Cloud, that data is then completely inaccessible except for restores. Please note, it is up to the customer to protect their local storage.
Can custom users add Hyper-V hosts to organizations?
Only system administrator users have the ability to set up Hyper-V monitoring. Custom users will not be able to see the Virtualization tab under the organization editor.
What level of permissions do I have to have to approve a pending device?
Only system administrators in NinjaOne can view pending devices and change the approval status for devices.
I use SMS-based MFA only, and I no longer have access to the phone number associated with my NinjaOne user. There are also no other system administrators in my NinjaOne environment. How can I get back into my account?
Please contact NinjaOne Support.
What is the expected CPU, memory, and bandwidth load for the NinjaOne agent?
Please see benchmark metrics for the NinjaOne agent below. These metrics were compiled based on the resource consumption of an agent at rest on a system with two 2.3GHz CPU's and 8GB RAM. The agent CPU, memory, and bandwidth load vary based on the actions and tasks being executed on the NinjaOne agent.
How can I assign a device as a documentation delegate for an organization in order to allow documentation fields to be updated via CLI/scripting?
Refer to Custom Fields and Documentation: CLI and Scripting.
What user do the Remote Tools run as?
Remote Tools run as System on Windows, and Root on Mac.
Can I run reports for each location under an organization separately?
Reports can only be run per organization and cannot currently be separated per location.
How are total numbers of installed, approved, pending, or failed patches calculated in the patch compliance report?
Reports show the total number of OS Patches and Software Patches. Users should add Dashboard > Patching > OS or Software > Installed to show that the UI value matches the value displayed in report.For Approved Patches, users should add Dashboard > Patching > OS or Software > Approved.
Will scripts be queued which couldn't run during scheduled automations?
Scheduled Automations and Scheduled Tasks will not execute unless the device is online at the time the action is scheduled
If I create a Scheduled Task to end after a single occurrence, can I "re-use" this task by modifying the occurrences to end after?
Scheduled Tasks cannot be rescheduled if a task was initially saved to stop after one occurrence. In this case, you won't be able to reuse this task and apply a different schedule onto it.
What is the difference between Scheduled Scripts and Scheduled Tasks?
Scheduled scripts/automations are run on all devices under a policy, while scheduled tasks are detached from policies and can be run against organizations, particular devices, or groups.
What permissions does a NinjaOne user need to be granted in order to view or create Scheduled Tasks?
Scheduled tasks are only available for system administrators. If a user has custom permissions, the Tasks tab will not be visible under Administration.
How can I tell the current priority for a process under the Task Manager/Activity Monitor/System Monitor?
Select the process and then click Change Priority. The priority that is listed by default is the current priority assignment for the process.
What happens if I attempt to issue a reboot via a custom script?
Since the NinjaOne Agent is not able to plan for reboots issued via custom scripts, doing so may cause issues with the agent. To resolve the issue, the custom script in question should be either deleted or modified to remove the lines in the script that issue a reboot. NinjaOne's native reboot script may be used to issue reboots on machines.
Why can't I see the Getting Started page when using my branded site?
Since the branded site is geared towards your end users, the Getting Started page (which includes numerous links to NinjaOne's Community page) is not available here. However, it is still available in your non-branded NinjaOne app.
How can I ensure that unwanted software is not being installed on my endpoints?
Software will only be installed on managed devices if the Install option is set to "Yes", or if the installer for that software is overridden to be approved when found in a scan. Make sure that you have selected "No" for the Install option when configuring the Products section of your Software policy settings for any software that you do not want to be installed on managed endpoints.
One of the other users in my NinjaOne environment no longer has access to their MFA authentication method(s). Can I reset MFA for them?
System administrators are able to reset MFA for other users in their NinjaOne environment. To do this, navigate to Configuration > Users, and click Reset > Reset MFA for the user whose MFA you'd like reset. The user will then be prompted to set up MFA again upon their next login.
What remote access tools are currently available via the mobile app?
TeamViewer (Automatic), Splashtop, NinjaOne Remote, and Cloud RDP (BETA) are currently available via the NinjaOne mobile app.
Why can't I see the play/action button icon in the top right corner of the screen when I navigate to a device?
The Action button will not be visible when a device is offline. Please refresh your app and check whether the device in question is currently offline.
What values are being displayed for CPU and memory for Hyper-V Guests?
The CPU value displays the ratio of the vCPUs assigned to this Hyper-V Guest machines vs. the overall CPU resources available the at host level. The Memory value displays the memory allocated (static number) by the Hyper-V Host to this Guest machine.
When attempting to cancel a task on Android, is the cancel button to close the window or cancel the job that is currently running?
The Cancel button will cancel the action. To go back, select the Back softkey on Android.
How do I control the permissions technicians are granted for new organizations/policies/etc.?
The Default Access permissions determine this. For example, if the Default Access permissions for Organizations is set to 'No Access', the technician will not be granted access to any newly created organizations.
Does the History tab within Organizations > Devices > Discovery jobs display a record of all the jobs that have run, or just those that have found devices?
The Discovery Jobs History tab displays jobs that found devices (approved or rejected). However, the Activity feed will indicate that a job was run, regardless of whether any devices were discovered or not.
Why can't I change the location that a Hyper-V guest belongs to?
The Hyper-V guest's location assignment is derived from the Hyper-V host's location. If you would like to change the location for the Hyper-V guest, you'll need to change the location for its host.
Why can't I change the organization that a Hyper-V host or Hyper-V guest belongs to?
The Hyper-V host's organization assignment is derived from the delegate's organization. The Hyper-V guest derives from the Hyper-V host. If you would like to change the organization for the Hyper-V devices, you'll need to change the organization for their delegate.
Can I access my branded site from the Ninja mobile app?
The NinjaOne mobile app is not currently compatible with branded sites.
Why is the action/play button not visible when I have a device linked to a ticket?
The action button is only visible on tickets that has an assigned technician. This button is not visible when viewing tickets that a technician has not been assigned.
How often does the information in the Remote Tools update?
The data in NinjaOne's Remote Tools updates automatically in real time.
Is the date shown in the Solved Time column referring to when the ticket entered a Resolved status or a Closed status?
The date is recorded when the ticket enters the Resolved status.
How does NinjaOne's Windows patch management tool work?
The executable for NinjaOne's patch management tool is located in the installation directory of the NinjaOne agent. This executable handles the detection and installation of patches via the Windows Update Agent API. Depending on policy configurations, up to three scans will run during a typical WPM scan cycle: A scan for recommended updates that includes everything under Important in the Approvals section of the OS patching policy settings. A scan for the Optional updates and Feature Updates (if enabled). A scan for Drivers (if enabled).
What happens if I delete a script that is referenced in a scheduled script or task?
The script will no longer be referenced in the scheduled script/task(s).
Why can I not use the search field in the Unassigned Tickets board to look for tickets by type/requestor/organization?
The search field only works for ID and Subject. All other data can be filtered using the available drop-down lists next to the search field.
Is there a limit to simultaneous connections in Ninja Remote?
There is a max limit of three simultaneous connections on any given device, but all of the technicians can have Ninja Remote access.
Can I add additional custom fields to the Help Request Form in the systray icon?
There is not currently a way to add additional or custom fields to the Help Request Form.
Is there a way to import credentials from ITGlue (or another source)?
There is not currently a way to import credentials — they need to be entered manually.
Can I pass credentials to a device on the fly?
There is not currently an option to pass credentials to a device ad-hoc. Credentials must be stored under an organization's credential list to be used.
A specific patch with known issues has been found in a scan and approved. How can I prevent it from being deployed in my environment?
This can be accomplished by navigating to the system dashboard. Navigate to Software > Approved, and check off the patch in question, and choose 'Reject for Policies'. Alternatively, if the patch has not yet been found in a scan, to make sure the patch is not auto-approved ensure that both Critical and Recommended patches are set to 'Manual' approval under the Products section of your Software policy settings. This will place patches into a pending status and allow you to manually approve or reject them from there.
Is it possible to split or merge a ticket?
This can be accomplished in one of two ways: From a NinjaOne Ticketing board, simply select the checkbox(es) next to the ticket(s) you wish to split or merge. Or, from directly within a ticket, select the ellipses in the upper-right and choose whether to split or merge the ticket.
How can I remove a Hyper-V host (and the associated VMs) from my NinjaOne environment without deleting them from the Hyper-V server?
This can be done by removing the Hyper-V host within the organization settings. To do so, navigate to the organization editor for the organization that the Hyper-V host in question is under, select the 'Virtualization' tab, and then remove the listed host. This will break the link between the monitoring delegate and the host, which in turn will remove the host and associated VMs from your NinjaOne environment.
Where does the data in the Reboot Required field come from when viewing the list of Pending/Approved/Rejected patches?
This data is pulled directly from the Microsoft Update Catalog data for each patch.
Why am I getting "Sync with server" error?
This error indicates the device was not successfully registered for notifications in NinjaOne. Please sign out and sign in again, as this may resolve the issue. If the issue does not resolve, please reach out to NinjaOne Support.
What version of PowerShell is used by NinjaOne automation?
This is dependent on what version of PowerShell is natively installed on the agent the script is being run on. The agent determines the executing PowerShell version, rather than NinjaOne. Typically, PowerShell 2 and above is used—but any exceptions are outlined in the script notes.
How does NinjaOne determine whether a device is a workstation or a server?
This is determined by the device's OS.
I'm trying to add a new host, but I can't click on the 'Add' button — why?
This is likely because you have not yet successfully tested the host. Click 'Test' and ensure that you see a message indicating success in the bottom left corner of the window.
A user is getting a "Not Authorized" error when trying to sign into the Mobile App (shown below). Why?
This may occur if the user attempting to log in is an end user, rather than a technician. At this time, the mobile app is only available for technicians. If you have a technician NinjaOne account and are encountering this error, please reach out to your system administrator so that they can review your account permissions.
I'm trying to grant an end user TeamViewer access, but I don't see it as an option — why?
This may occur if you do not currently have TeamViewer configured for your NinjaOne account. Check out TeamViewer: Setup Guide (Automatic) for information on configuring TeamViewer.
For reboot prompts triggered by Ninja and the Systray icon, the display language will default to the one of the OS; however, is there a limit for how many languages these prompts are translated to? if so, is there a way to know the translated languages?
This specific message (and its variations depending on if the reboot will happen in a certain amount of time or something) is available in all the languages we support so English, German, French, Spanish, Italian, Dutch, Swedish, Norwegian, Danish, Portuguese, Polish and Russian. We only support these languages so I don't foresee any other translation being added.
What does the "Take Screenshot" option take a screenshot of (from the Help Request Form in the systray icon)?
This will automatically take a screenshot of the user's entire screen.
Where are ticketing reports located?
Ticketing reports are located under our regular reporting module—check out Reporting: Types of Reports for information about the report types available.
Can we solve and reply to tickets in bulk?
Tickets cannot be resolved in bulk at this time, but incident tickets will be grouped together in their own tab on the problem ticket page so you can access them all in one place.
How do I prevent a certain patch from installing on my devices?
To prevent a patch from installing on your devices that has not yet been found in a scan, a preemptive rejection for the KB can be added at the policy level or the global level. Alternatively, if a patch has already been found in a scan, you can manually reject it for your device(s)/policies.
How can an ad-hoc scan or apply cycle be run on multiple devices?
To run an ad-hoc scan/apply cycle on multiple devices, navigate to the Device Search tab. Here, you can filter for certain devices or simply check off the devices you'd like to run the scan/apply cycle on. Hover your cursor over Run at the top of the list, and then select Software Update > Scan or Apply. If this option does not appear, make sure that all the devices you have selected are online and have 3PP enabled.
I lost my FIDO security key. How can I access my account?
Upon attempting to log in, select a primary method of authentication (Authenticator App or SMS) from the drop-list. You can then delete your FIDO key under your user settings.
Can a report be run ad-hoc, without having to set a schedule?
Upon creating a new report, you can set the Recurrence settings to "Never", which gives you the ability to run that report only as needed (rather than on a set schedule). For more information about creating reports, please see Reporting: Create and View Reports.
Should users be prompted to authenticate with MFA upon each login?
Users will be prompted to authenticate with MFA upon the original login. From there, users will not be prompted for MFA if they close the app and reopen it until the configured MFA global administrative idle time is met, at which point they will be prompted again for MFA. If users sign out of the app, they will be prompted to authenticate with MFA with log in when the app is next launched.
Can I upload a script to run against both Mac and Windows devices?
We do not support scripts running against multiple platforms. However, a script can be uploaded for both Mac and Windows platforms separately.
For 3PP patching there is an option for Apply Immediately on the scan schedule. When apply immediately is selected, I have noticed that the activity feed only shows when the apply patch is running and not showing the scan being run. Is this intended?
We run a scan cycle before an apply no matter what to ensure we are getting the latest information. If the Apply Immediately option is set, we just skip the scan cycle and go straight to the apply cycle as there is already a scan built in. The apply cycle has built-in scanning before and after apply. But we just don't display scan as it's part of the apply cycle.
What method of encryption is NinjaOne using for the credential store?
We use AES-256 encryption.
How does NinjaOne know what to patch?
When Microsoft releases a new patch, it is distributed through Service channels. If the device is able to detect the update in question during a normal, local update scan, NinjaOne would be able to detect those patches during the next patch management scan as well. If the device cannot detect the patch, then NinjaOne does not display it either, as NinjaOne utilizes the results and data from Windows Updater. NinjaOne only detects patches if they are available when a Windows Patch scan is run. It is important to note that when running a patch scan locally on a device, doing so bypasses any Windows patch management policy settings configured in Ninja (so, patches would not be either approved nor rejected according to the configured policy settings).
What happens to a device when it is rejected?
When a device is rejected, it will first delete the device from your NinjaOne console. This triggers a command to uninstall the NinjaOne agent. Simultaneously, it will also prevent NinjaOne from being re-installed on the device in the future (unless the rejection is cleared).
Does suppressing features such as patching, integrated AV scans, or scripting with maintenance mode suppress only scheduled instances of those actions, or are ad-hoc actions also suppressed?
When an action is suppressed via maintenance mode such as patching, integrated AV scans, or scripting, both scheduled and ad-hoc instances of these actions will be suppressed.
Why am I only seeing a few users when I try to add a user to a ticket?
When an organization is selected, only users who have been granted access to that organization via permissions or roles can be added to the ticket. A technician, end user, or contact must be associated with an organization if one is added to the ticket.
Will my script run as System or as Current User?
When you run a script on a device (whether it be via scheduled task, scheduled script, or ad hoc), you will be prompted to specify whether you wish to run the script as system, the current user, or using credentials available via your credential store.
Can I delete a user from my AD domain controller from within the NinjaOne console?
While users can be disabled from within NinjaOne's Active Directory User Management feature, users cannot be deleted.
With the File Explorer/Finder/Files, can I download multiple files at once?
While you cannot initiate multiple files to begin downloading at once (for example, check off multiple files and then click Download), and as such the downloads need to be started one by one, you can have multiple files downloading at the same time.
Can I use my pre-existing TeamViewer login with End User Sharing?
With TeamViewer Automatic mode (which is the TeamViewer mode compatible with End User Sharing), a TeamViewer login is not needed, as connections are made directly within NinjaOne and the license is sent through the API. Please do not attempt to use a pre-existing TeamViewer account with these connections.
Can the organization settings (such as Policies, TeamViewer, and Splashtop) be set per location?
With the exception of policies, the same organization settings will apply to all locations under an organization
Are headless systems supported?
Yes — NinjaOne supports headless VMs and physical systems.
When I delete a VM from the NinjaOne UI (either from the Hyper-V host's VM List, or from the Hyper-V guest), does this delete it from the Hyper-V server?
Yes — VMs deleted from the NinjaOne UI will also be deleted from the Hyper-V server.
Can I view instances of changes made via any of the Remote Tools?
Yes — all activities pertaining to Remote Tools will be logged within the Activity Feed.
Is communication between NinjaOne servers and the NinjaOne agent encrypted?
Yes — all communication between NinjaOne servers and the NinjaOne agent is encrypted.
Do end user invitations expire?
Yes — end user invitations expire after 24 hours. If the end user does not accept the invitation and register for their account within the 24-hour window, a new invitation will need to be sent. This can be done from the listing for the end user in question (either under the organization editor for organization-specific end users, or under Administration > Accounts > End Users).
Can an end user reset their own password or MFA, or update information such as their email or phone number?
Yes — once logged into their account, end users can click on the silhouette icon in the top right corner of the page to make changes to their own profile. From here, they can change their name, email, phone number, or language. They can also reset their password and MFA method, or configure additional MFA methods.
With the File Explorer/Finder/Files, can I upload multiple files at once?
Yes — simply select the files you wish to upload. Once initiated, a progress bar will be visible until all file uploads are complete.
If a device is in a 'Pending' state, is NinjaOne installed on the device?
Yes — when a device is in a pending state (prior to being approved or rejected), the NinjaOne agent is installed, but any integrated components will not be installed, and NinjaOne will not be monitoring or managing the device.
If software is installed/uninstalled while a device is in maintenance mode, will 'Software added/removed' notifications be sent after maintenance mode is disabled?
Yes — when software is installed or removed while a device is in maintenance mode, a notification will be sent for these activities after maintenance mode is disabled.
Can I pull a report to show all successful or failed backups?
Yes! Create a summary report (global or organizational) and use the Backup Summary template. All successful and/or failed backups will display in the Backup History section. You can refer to this article to learn how to create a report.
Do NinjaOne users need to be created in NinjaOne first in order to be used with SAML, even when SSO/SAML is configured with an IdP?
Yes, NinjaOne user accounts cannot be created by third-party sources. They need to be created in NinjaOne first and then have SSO enabled per each individual account.
If I edit a script in the library, will this change propagate to existing scheduled scripts and tasks?
Yes, any edits made in the script library will be propagated to any scheduled scripts/tasks that currently reference the script.
Are the in-app banners that Ninja posts visible in my branded site?
Yes, in-app banners are visible in branded sites.
Can you schedule tasks for Mac devices?
Yes, tasks can be scheduled for Mac devices. However, the selected scripts for the task need to be compatible with the device type (scripts for Windows devices will fail on Mac devices).
Can a technician be added to multiple roles?
Yes, technicians can be added to multiple roles.
Can technicians log into branded NinjaOne sites with SSO?
Yes, technicians using Single Sign-on authentication are able to sign into a branded NinjaOne site. No additional SAML configuration is required.
Will the option to 'Submit Help Ticket' be included under the "?" logo in the top right corner of my branded site?
Yes, the 'Submit Help Ticket' option will be included under the "?" logo in the branded site if the "Help" option is enabled.
Is the e-mail field a required field in the Help Request Form?
Yes, the e-mail field is required, and must be in x@x.x format.
Is there a character limit for new categories that I create?
Yes, there is currently a 50-character limit for category names.
Is it expected behavior to enable the notification option every time you log in to the mobile app?
Yes, this is as designed. If you are signing out manually in the mobile app, the NinjaOne system unregisters your mobile device so that notifications will not be pushed to your device. This should not occur if you are logged out due to session expiration.
Does NinjaOne utilize background updates for Office 365?
Yes.
When health statuses are customized, are these settings applicable to the entire account?
Yes. The health statuses are configured at the account level and therefore are the same for all users.
I use SAML/SSO to log into NinjaOne. Can I log into the mobile app?
Yes. The mobile application supports SAML/SSO if it is configured for your NinjaOne account and user.
Can I restrict or assign scripts to specific users?
Yes; Restrictions to scripts can be managed through categories and permissions
Can I reset alerts through the mobile app?
Yes; if you swipe an active alert in the mobile app, you will see options to either view the device or reset the alert.
When a user sends or responds to a ticket via email and includes an attachment, where is the attachment stored? Will it appear in the ticketing system?
Yes; in the ticket, the technician can click on the attachment to view it. It is stored in the server.
Can I view devices' Custom Fields data in CSV format?
Yes—Custom Fields data can be included in a CSV export. This can be done from the Search page. Filter the device list as needed and then click Export > Export With Custom Fields.
Does a scan cycle run immediately prior to an application cycle occurring?
Yes—during a Windows patch management apply cycle, a scan is also run prior to the application of updates
Do text fields have any character limits?
Yes—multiline fields have a 10000-character limit. Text fields have a 200-character limit. Secure fields have a character limit of between 200 and 10000 characters (as configured in the Advanced Settings for the field).
Can I receive notifications based on the value of a field (or multiple fields)?
Yes—see Policies: Conditions for information about the Custom Field condition.
Can I edit a pre-existing report?
Yes—this can be done by navigating to Administration > Reporting. Then, hover your cursor over the report you would like to make changes to and select Edit.
Are scripts encrypted when they are transmitted from NinjaOne to an endpoint's local library?
Yes—transmission of a script from the server to the agent is encrypted, like all other communications between the Ninja servers and Ninja agent.
Can I view and edit the built-in scripts/actions?
You can currently only view and edit the scripts that you created. The native scripts that NinjaOne provides by default cannot be viewed or edited.
How can I back up different servers under the same organization in different ways—such as one server with full image and one with file/folder?
You can do this through device level overrides, which allows you to assign different policies to devices that share the same organization. See Policies: Change Device Policy for more information.
How do I reassign the location for NMS devices?
You can reassign the location for the server that is hosting the NMS agent. This will automatically reassign the location for all NMS devices that are being monitored under the server's NMS agent via network discovery.
Is it possible to run a report with the amount of time spent by specific technicians on a ticket?
You can use an API for this; please refer to some helpful resources from our NinjaOne team members below
I am getting an error when attempting to log in, even though I am certain that I am using the proper credentials. Why?
You may be attempting to log in to the incorrect instance—depending on whether you use app.ninjarmm.com, eu.ninjarmm.com, oc.ninjarmm.com, or ca.ninjarmm.com for the Web app, ensure you've selected the US, US2, EU, OC, or CA instance of the mobile app, respectively. To see how to select an instance during login, see Step 2 of the To log into the NinjaOne mobile app section of NinjaOne Mobile App.
What, if any, changes can I expect to see in a log file for machines using a proxy server for communication?
You may only see a log message for agent start up, which can also display for each service restart.
Can I rename or delete the "Main Office" default location?
You may rename the "Main Office" default location by hovering over the location in the organization editor and clicking "edit", but you cannot delete the default location.
Why am I receiving pending emails with a Cause of "Receiver not found"?
You must ensure that the receiver email is configured as a forwarding address.
Should I run NinjaOne on the main server computer, or should I run NinjaOne on each of the virtual machines? Is there a preference?
You will need to put the NinjaOne Agent on each of the virtual machines rather than putting it on just the host—this is currently the only supported method, known as "agentless backup."
What size and file type can my systray icon image be?
Your systray icon image must be between 16x16 and 128x128 pixels, and it must be a square image. The image may be either a .png or .jpg file.
Do all web browsers fully support MFA?
no they dont
