Datto RMM Agent
SECURITY All users
About Datto RMM Agent
The Datto RMM Agent is a lightweight software program installed on a device that supports agent installation. Refer to Supported operating systems and Agent requirements. Datto RMM regularly rolls out agent updates, typically when a new major release comes out. However, updates deemed critical by Datto RMM, such as security updates, may occasionally be rolled out between major releases. The Datto RMM Agent checks for updates every two hours.
The Agent gathers up-to-date information about the device's health and status and communicates it to the web interface. The Agent can be used to proactively monitor a device, deploy patches, push out policies, create alerts and tickets, execute scripts, run scheduled jobs, or enable a remote connection to the device. For information about how to connect to a remote device, refer to Agent Browser.
Agent Process and Agent Service
The Datto RMM Agent Process (AEMAgent.exe) is a child process of the main Datto RMM Agent Service (CagService) and is dedicated solely to performing endpoint monitoring tasks. Audit and other data submissions are performed by the main Datto RMM Agent Service.
Location of the Datto RMM Agent Process and the Datto RMM Agent Service by operating system:
Operating System | Datto RMM Agent Service | Datto RMM Agent Process |
---|---|---|
Windows | • 32-bit version of Windows: %ProgramFiles%\CentraStage • 64-bit version of Windows: %ProgramFiles(x86)%\CentraStage |
%ProgramData%\CentraStage\AEMAgent |
macOS | /Applications/AEM Agent.app | /usr/local/share/CentraStage/AEMAgent |
Linux | /opt/CentraStage | /usr/local/share/CentraStage/AEMAgent |
NOTE For information on the location of the log files, refer to Agent log files.
Agent modules
Agent modules are separate processes managed by AEMAgent, and they run alongside the Agent Process (AEMAgent.exe).
Web Remote module
When a Web Remote session is established, a new Web Remote Process (RMM.WebRemote) is created for that session. Refer to Initiate a Web Remote session.
Location of the Web Remote Process by operating system:
Operating System | Location |
---|---|
Windows | %ProgramData%\CentraStage\AEMAgent\RMM.WebRemote\[version] |
macOS | /usr/local/share/CentraStage/AEMAgent/RMM.WebRemote/[version] |
Datto EDR module
When a device is targeted by a Threat Detection monitor in an Endpoint Security policy, AEMAgent downloads an installer called RMM.AdvancedThreatDetection.exe. A successful installation creates agent.exe as a process and registers it as a service with the service name HUNTAgent on Windows and macOS devices and HUNTAgent.service on Linux devices. When a device is no longer targeted by a Threat Detection monitor, the Datto EDR module (process) will be uninstalled and the service will be unregistered.
Location of the Datto EDR module:
Operating System | Location |
---|---|
Windows | %ProgramData%\CentraStage\AEMAgent\RMM.AdvancedThreatDetection |
macOS | /usr/local/share/CentraStage/AEMAgent/RMM.AdvancedThreatDetection |
Linux | /usr/local/share/CentraStage/AEMAgent/RMM.AdvancedThreatDetection |
How to...
- Ensure you have an Agent installed on your device. For information about Agent types, available operating systems, and deployment options, refer to Installing the Datto RMM Agent on servers, desktops, and laptops.
- Locate the Datto RMM icon in the system tray or menu bar of your device. If the Agent is running, the icon should be displayed by default. Depending on the status of the Agent and whether you have applied custom branding, you may see different icons. For more information, refer to Managed and OnDemand Agents and Branding.
NOTE You can launch the icon by opening the Agent Monitor application on your device.
NOTE If you have an Agent installed but the icon is not displayed, the icon may be hidden through an Agent policy. For further information, refer to Service options.
- Depending on your operating system (macOS or Windows), click or right-click on the Datto RMM icon to be presented with the following options:
NOTE Some options may not be available on macOS devices.
Field | Description |
---|---|
Take screenshot and request support | These options are only available when configured in an Agent policy that targets the device in question. The Autotask Integration must be enabled to configure the options. Refer to Agent policy. Click to open and submit a support request form with or without a screenshot. For more information, refer to Agent ticketing for end users. |
Request support | |
Open | Opens the Agent Browser window. For further information, refer to Log in to the Agent Browser. IMPORTANT The Agent Browser is only available for Managed Agents on Microsoft Windows devices. OnDemand Agents and operating systems other than Windows do not have an Agent Browser. |
Device description | Only available on Windows devices. Enter your device description. It will update the device description in the web interface as well. Refer to Device summary. |
Privacy Mode Options | Enables privacy mode to control any connection to be established to the device. For more information, refer to Privacy Mode. |
Settings |
IMPORTANT This option is only available on Windows devices and only displayed to Windows Administrator users. It allows you to configure your Agent and Agent Browser settings. For more information, refer to Configure the Agent and Agent Browser. |
Restart | Allows you to restart the Agent. |
About... | Displays the Agent version and the name of your company. You can configure the latter on the Branding page. For further information, refer to Branding. |
Exit/Quit | Exits the Agent and Agent Browser. |
You can configure the Agent and the Agent Browser settings.
IMPORTANT This option is only available on Windows devices and only displayed to Windows Administrator users.
- Right-click on the Datto RMM icon.
- Select Settings.
- A new window will open where you can configure the following:
Tab name | Description |
---|---|
Network | You can apply proxy settings for your Agent. For more information, refer to Configure proxy settings in the Datto RMM Agent. |
RDP | Allows you to configure your settings for an RDP remote takeover session. You can define the following:
To learn how to start an RDP remote takeover session, refer to RDP. |
VNC | Allows you to change the default password used in a VNC remote takeover session. If you opt to change this password, ensure that the same change is undertaken on all devices involved as this password is used to authenticate the end-to-end connection for VNC. To learn how to start a VNC remote takeover session, refer to VNC. If VNC is disallowed on a target device, the VNC connection will fail. On Windows devices, you can control whether VNC is allowed globally. Refer to VNC Settings in the legacy UI and VNC Integration in the New UI. |
Preferences | You can set the following preferences:
|
Advanced | Allows you to:
NOTE While it is possible to customize the cache location, only certain folders (for example, Monitoring or Policy) will be moved to this location. The Datto RMM Agent will continue to store executable files in the following folders in C:\ProgramData\CentraStage even if a custom cache location has been defined:
|