Datto RMM 11.7.0 release notes
Schedule*
| Platform | Date | From (UTC) | To (UTC) | Duration |
|---|---|---|---|---|
| Syrah (APAC) | Monday, March 27, 2023 | 10:00 | 13:00 | 3 hrs |
| Zinfandel (US West) | Wednesday, March 29, 2023 | 08:00 | 11:00 | 3 hrs |
| Concord (US East) | Thursday, March 30, 2023 | 08:00 | 11:00 | 3 hrs |
| Merlot (EU2) | Thursday, March 30, 2023 | 17:00 | 20:00 | 3 hrs |
| Vidal (US East) | Monday, April 3, 2023 | 08:00 | 11:00 | 3 hrs |
| Pinotage (EU1) | Monday, April 3, 2023 | 17:00 | 20:00 | 3 hrs |
NOTE *The schedule is subject to change. Please check the Status page for regular updates. When changes are made to the original schedule, those changes are denoted in red.
IMPORTANT This is a full platform and Agent release; therefore, partners should expect brief disconnections of the Agent during the update window.
About the release
The 11.7.0 release is the third of our twelve monthly releases planned for 2023. Please see below for the highlights, along with the full list of fixes and improvements. As always, we look forward to your feedback as we continue to improve the product every single month.
Datto EDR Integration: macOS and Linux deployment
Partners with Datto EDR enabled in Datto RMM will now be able to target macOS and Linux devices with an Endpoint Security policy, which will deploy Datto EDR to these operating systems. To complement this, devices with these operating systems will also display the Endpoint Security card for better visibility of the Datto EDR status. Refer to Datto EDR and Datto AV in Endpoint Security policy and Endpoint Security in Device summary.
Datto EDR Integration: deep links
Three new deep links are available to quickly navigate to the Datto EDR portal, saving an average of 10 clicks for each button. They can be found in the following places:
Datto RMM alerts generated by Datto EDR
These navigate to a pre-filtered list of Datto EDR alerts for a device. Refer to Overview in Single Alert View.
A process-specific event inside a Datto RMM EDR alert
These navigate to the same process in Datto EDR (matched by hash) to allow for quick blocklist/allowlist management. Refer to Endpoint Security alerts: diagnostic information in Single Alert View.
The Endpoint Security card for devices with Datto EDR
This also navigates to a pre-filtered list of Datto EDR alerts for a device. Refer to Endpoint Security in Device summary.
Software Management at the global and site levels
Dedicated Software Management pages allow users to review and approve managed software globally or at the site level. These actions were previously available only for single devices. Refer to Software Management.
- With the Approval Required filter, discover software requiring approval in one click.
- Control the level of detail displayed by adding or removing the Type and Latest version columns.
- Approve any or all software items simultaneously from the filtered results.
IT Complete: common look and feel
We continue to smooth transitions when switching between IT Complete products by implementing more elements of the Kaseya Design System. This specification aims to ensure similar icons and stylings are used to help products feel familiar, even when encountered for the first time.
- Fresh icons. Icons have been updated to IT Complete versions.
- Clearer filter tags. Tags used when configuring and viewing applied column filters are now a restyled bold theme for added clarity.
- Updated tooltips and cards. Tooltips and cards now feature rounded corners and softened colors.
Row selection improvements
We’re continuing to remove limitations on the number of rows available for selection when performing actions on list items. It is now possible to select all rows on a page, or all rows across all pages, from certain lists using the new drop-down arrow next to the check box in the table header.
Implementing the new asynchronous processing approach requires working on each action and list combination separately. The actions and lists benefiting from the new approach in this release are as follows:
- Schedule Reboot
- Devices > All. Refer to Action buttons in Devices.
- Sites > Devices. Refer to Action buttons in Site summary.
- Global/Site > Filter Results. Refer to Viewing filter details in Device filters.
- Global/Site > Group Results. Refer to Viewing devices in Groups.
Additions to the ComStore
We release new ComStore components and update existing ones every month. Notable additions this month include the following:
- SNMP Database Collector: Use this new tool to gather a complete SNMP catalog – more than just a walk – of an SNMP-enabled network device. This catalog can then be sent directly to Kaseya to aid in the production of SNMP policies.
- Toggle Embedded Files in OneNote: This can be used to work around new vulnerabilities discovered in OneNote by Bleeping Computer.
- Toggle RTF in Microsoft Word (CVE-2023-21716): Disables Microsoft Word’s access to RTF files, which can be weaponized following the vulnerability in CVE-2023-21716. If your devices are patched, the same component can be used to reverse changes.
NOTE To access a full list of ComStore components, refer to List of ComStore components.
Want to know what's coming next?
Interested in what we’re currently working on and the broader roadmap? Check out this post in the Kaseya Community for more information on our broader roadmap vision, what we’re currently working on, and priorities for upcoming releases!
List of improvements and fixes in this release
Agent
| Type | Summary |
|---|---|
| Foundation | Several minor changes to logic in the Datto RMM Agent Service have made offline device detection and alerting more accurate. |
| Foundation | The Datto RMM Agent Process has been migrated from .NET Core 3.1 to .NET 6.0.6, and all alert response components are now executed by the Agent Process. |
Antivirus
| Type | Summary |
|---|---|
| Fix | Antivirus detection support for Sophos Intercept X now also includes Sophos Intercept X v2022.3. |
Autotask Integration
| Type | Summary |
|---|---|
| Fix | Device sync now behaves correctly between Autotask and Datto RMM after devices are moved between sites via the New UI in Datto RMM. Refer to A few notes to consider in Device sync logic and frequency. |
| Fix | Device moves via the Datto RMM New UI now correctly deactivate the synced configuration item (CI) in Autotask. If the device is moved to a site mapped to an Autotask company, a matching CI will be synced to the device or a new CI will be created. Refer to A few notes to consider in Device sync logic and frequency. |
Components
| Type | Summary |
|---|---|
| Fix | Users with a security level that includes Manage permissions for Components can now edit the component level of a component imported from the ComStore that they have the permission to view without requiring the component to first be copied. Refer to Level in Component Library and Viewing and editing component details in Creating a component. |
| Fix | When a ComStore component is updated in the New UI, its component level is no longer reset to default. |
ConnectWise PSA Integration
| Type | Summary |
|---|---|
| Fix | Device moves in Datto RMM now correctly deactivate the synced configuration item (CI) in ConnectWise PSA. If the device is moved to a site mapped to a ConnectWise PSA company, a matching CI will be synced to the device or a new CI will be created. Refer to Map Datto RMM devices to ConnectWise PSA configurations. |
Datto Networking Integration
| Type | Summary |
|---|---|
| Fix | The Datto Access Point Connected Devices card is now correctly displayed. |
Monitoring
| Type | Summary |
|---|---|
| Fix | Alerts from monitors are now correctly displayed in the New UI when a monitor runs a response component that has a file attachment. |
New UI
| Type | Summary |
|---|---|
| Fix | An error message is no longer displayed when enabling Privacy Mode for selected devices. |
| Fix | Component monitors are now correctly excluded from the list of jobs when scheduling a job or running a quick job. |
| Fix | In the Email Settings section on the Global Settings page, it is no longer possible to save a From Name without a Reply-To Address. Refer to Email Settings. |
| Fix | The device selection is now cleared after performing an action via Select all rows across all pages. |
| Fix | Time zones with non-integer offsets from UTC are now represented with respect to the number of minutes in an hour (15/30/45 minutes) in the New UI. |
Platform backend
| Type | Summary |
|---|---|
| Fix | Autotask and ConnectWise PSA ticket creation no longer fails due to a delay when retrieving the alert data. |
| Foundation | Performance and availability of Network Discovery pages in the New UI have been improved. |
Policy management
| Type | Summary |
|---|---|
| Fix | The policy edit page no longer incorrectly implies that the site scope can be edited in the New UI. Refer to Editing a policy. |
Software Management
| Type | Summary |
|---|---|
| Fix | The Software Management Status dashboard widget now supports devices running macOS versions newer than macOS X in the New UI. |
| Fix | In lists of devices, the Software Status column now supports macOS devices. |
Web Remote
| Type | Summary |
|---|---|
| Foundation | Copy and paste functions for Web Remote PowerShell now interact with the technician's clipboard without affecting the clipboard of the remote device. Refer to Initiate a Web Remote PowerShell session. |
| Foundation | Web Remote has been migrated from .NET Core 3.1 to .NET 6.0.6. |
| Fix | On Agents that are configured to use a proxy, Web Remote is no longer affected by a bug that prevented takeover connections after the 11.6.0 release. |
ComStore updates
IMPORTANT This table does not list updates for components that are installed via Software Management.
NOTE To access a full list of ComStore components, refer to List of ComStore components.
| Component Name | Platform | New/Updated | Description |
|---|---|---|---|
| Agent Health Direct-Check | Windows | Updated | Improved certificate check and AEMAgent version checking. Removed checks for windowsupdate.com. |
| Datto Cloud Continuity Agent | Windows | Updated | Updated link in documentation for BitLocker. |
| Audit Local Users + Administrators | Windows | Updated | Updated to better serve Azure tenants. |
| Sophos Central | Windows macOS |
Updated | Vendor update. |
| Delete Named Admin Account (Active Directory) | Windows | Updated | Bugfixes. |
| Enable Bitlocker and Document to UDF | Windows | Updated | Bugfixes. |
| SNMP Database Collector | Windows | New | Use this to gather a complete catalog of an SNMP device for submission to Kaseya in order to facilitate development of SNMP policies. |
| Toggle Embedded Files in OneNote | Windows | New | bleepingcomputer.com/news/security/how-to-prevent-microsoft-onenote-files-from-infecting-windows-with-malware |
| Toggle RTF in Microsoft Word (CVE-2023-21716) | Windows | New | Used to disable RTF support in Microsoft Word in line with CVE-2023-21716. Can also be used to remove restrictions from patched devices. |
| Monitor Windows Licence/License Status | Windows | New | |
| Enable Long Paths | Windows | New | Enables paths greater than 260 characters for Windows 10 onward. |
| Audit User Account Control (UAC) | Windows | New | |
| Toggle Cortana | Windows | New | |
| Security (Antivirus) Monitor | Windows | New | Used to alert if a device's antivirus is not an expected value (for example, Norton instead of Norman). |
