Datto RMM Agent

SECURITY  All users

About Datto RMM Agent

The Datto RMM Agent is a lightweight software program installed on a device that supports agent installation. Refer to Supported operating systems and Agent requirements. Datto RMM regularly rolls out agent updates, typically when a new major release comes out. However, updates deemed critical by Datto RMM, such as security updates, may occasionally be rolled out between major releases. The Datto RMM Agent checks for updates every two hours.

The Agent gathers up-to-date information about the device's health and status and communicates it to the web interface. The Agent can be used to proactively monitor a device, deploy patches, push out policies, create alerts and tickets, execute scripts, run scheduled jobs, or enable a remote connection to the device. For information about how to connect to a remote device, refer to Agent Browser.

Agent Process and Agent Service

The Datto RMM Agent Process (AEMAgent.exe) is a child process of the main Datto RMM Agent Service (CagService) and is dedicated solely to performing endpoint monitoring tasks. Audit and other data submissions are performed by the main Datto RMM Agent Service.

Location of the Datto RMM Agent Process and the Datto RMM Agent Service by operating system:

Operating System Datto RMM Agent Service Datto RMM Agent Process
Windows • 32-bit version of Windows: %ProgramFiles%\CentraStage
• 64-bit version of Windows: %ProgramFiles(x86)%\CentraStage		 %ProgramData%\CentraStage\AEMAgent
macOS /Applications/AEM Agent.app /usr/local/share/CentraStage/AEMAgent
Linux /opt/CentraStage /usr/local/share/CentraStage/AEMAgent

NOTE  For information on the location of the log files, refer to Agent log files.

Agent modules

Agent modules are separate processes managed by AEMAgent, and they run alongside the Agent Process (AEMAgent.exe).

Web Remote module

When a Web Remote session is established, a new Web Remote Process (RMM.WebRemote) is created for that session. Refer to Initiate a Web Remote session.

Location of the Web Remote Process by operating system:

Operating System Location
Windows %ProgramData%\CentraStage\AEMAgent\RMM.WebRemote\[version]
macOS /usr/local/share/CentraStage/AEMAgent/RMM.WebRemote/[version]

Datto EDR module

When a device is targeted by a Threat Detection monitor in an Endpoint Security policy, AEMAgent downloads an installer called RMM.AdvancedThreatDetection.exe. A successful installation creates agent.exe as a process and registers it as a service with the service name HUNTAgent on Windows and macOS devices and HUNTAgent.service on Linux devices. When a device is no longer targeted by a Threat Detection monitor, the Datto EDR module (process) will be uninstalled and the service will be unregistered.

Location of the Datto EDR module:

Operating System Location
Windows %ProgramData%\CentraStage\AEMAgent\RMM.AdvancedThreatDetection
macOS /usr/local/share/CentraStage/AEMAgent/RMM.AdvancedThreatDetection
Linux /usr/local/share/CentraStage/AEMAgent/RMM.AdvancedThreatDetection

How to...

  1. Ensure you have an Agent installed on your device. For information about Agent types, available operating systems, and deployment options, refer to Installing the Datto RMM Agent on servers, desktops, and laptops.
  2. Locate the Datto RMM icon in the system tray or menu bar of your device. If the Agent is running, the icon should be displayed by default. Depending on the status of the Agent and whether you have applied custom branding, you may see different icons. For more information, refer to Managed and OnDemand Agents and Branding.

NOTE  You can launch the icon by opening the Agent Monitor application on your device.

NOTE  If you have an Agent installed but the icon is not displayed, the icon may be hidden through an Agent policy. For further information, refer to Service options.

  1. Depending on your operating system (macOS or Windows), click or right-click on the Datto RMM icon to be presented with the following options:

NOTE  Some options may not be available on macOS devices.

Field Description
Take screenshot and request support These options are only available when configured in an Agent policy that targets the device in question. The Autotask Integration must be enabled to configure the options. Refer to Agent policy.
Click to open and submit a support request form with or without a screenshot. For more information, refer to Agent ticketing for end users.
Request support
Open Opens the Agent Browser window. For further information, refer to Log in to the Agent Browser.

IMPORTANT  The Agent Browser is only available for Managed Agents on Microsoft Windows devices. OnDemand Agents and operating systems other than Windows do not have an Agent Browser.
Device description Only available on Windows devices. Enter your device description. It will update the device description in the web interface as well. Refer to Device summary.
Privacy Mode Options Enables privacy mode to control any connection to be established to the device. For more information, refer to Privacy Mode.
Settings

IMPORTANT  This option is only available on Windows devices and only displayed to Windows Administrator users.

It allows you to configure your Agent and Agent Browser settings. For more information, refer to Configure the Agent and Agent Browser.
Restart Allows you to restart the Agent.
About... Displays the Agent version and the name of your company. You can configure the latter on the Branding page. For further information, refer to Branding.
Exit/Quit Exits the Agent and Agent Browser.

You can configure the Agent and the Agent Browser settings.

IMPORTANT  This option is only available on Windows devices and only displayed to Windows Administrator users.

  1. Right-click on the Datto RMM icon.
  2. Select Settings.
  3. A new window will open where you can configure the following:
Tab name Description
Network You can apply proxy settings for your Agent. For more information, refer to Configure proxy settings in the Datto RMM Agent.
RDP Allows you to configure your settings for an RDP remote takeover session. You can define the following:
  • Display resolution and size.
  • Whether you want to share remote audio settings and local disk drives.
  • Whether you want to apply the remote desktop background and font smoothing.

To learn how to start an RDP remote takeover session, refer to RDP.
VNC Allows you to change the default password used in a VNC remote takeover session.
If you opt to change this password, ensure that the same change is undertaken on all devices involved as this password is used to authenticate the end-to-end connection for VNC.
To learn how to start a VNC remote takeover session, refer to VNC.
If VNC is disallowed on a target device, the VNC connection will fail. On Windows devices, you can control whether VNC is allowed globally. Refer to VNC Settings in the legacy UI and VNC Integration in the New UI.
Preferences You can set the following preferences:
Advanced Allows you to:
  • Define the type of log file you want to save. For more information about the location of the log files, refer to Agent log files.
  • Define where to store the cache. The Datto RMM Agent Service (CagService) needs full access rights to this folder.

NOTE  While it is possible to customize the cache location, only certain folders (for example, Monitoring or Policy) will be moved to this location. The Datto RMM Agent will continue to store executable files in the following folders in C:\ProgramData\CentraStage even if a custom cache location has been defined:
AEMAgent
Jobs
Packages
Deploy
SplashtopClient
Splashtop
Temp
In most cases, the Datto RMM Agent will try to install or reinstall the folders listed above in C:\ProgramData\CentraStage. However, if C:\ProgramData\CentraStage was created by a non-administrator user, and SYSTEM has been denied manage permission/take ownership access, the Agent will create a new folder with a random character or characters appended to the end of the folder name for security purposes (for example, C:\ProgramData\CentraStage_0f).

  • Reset the Agent Browser size and position.