Datto RMM 12.9.0 release notes
Schedule*
Syrah (APAC) |
Monday, March 25, 2024 |
10:00 |
13:00 |
3 hrs |
Zinfandel (US West) |
Thursday, March 28, 2024 |
08:00 |
11:00 |
3 hrs |
Concord (US East) |
Tuesday, April 2, 2024 |
08:00 |
11:00 |
3 hrs |
Merlot (EU2) |
Tuesday, April 2, 2024 |
17:00 |
20:00 |
3 hrs |
Vidal (US East) |
Wednesday, April 3, 2024 |
08:00 |
11:00 |
3 hrs |
Pinotage (EU1) |
Wednesday, April 3, 2024 |
17:00 |
20:00 |
3 hrs |
NOTE *The schedule is subject to change. Please check the Status page for regular updates. When changes are made to the original schedule, those changes are denoted in red.
IMPORTANT This is a full platform and Agent release; therefore, partners should expect brief disconnections of the Agent during the update window.
About the release
The 12.9.0 release is the third of our twelve monthly releases planned for 2024. Please see below for the highlights, along with the full list of fixes and improvements. As always, we look forward to your feedback as we continue to improve the product every single month.
Unified Login with KaseyaOne
Access Groups (role-based access control)
IMPORTANT Access Group security levels will replace manually assigned security levels for login via KaseyaOne. Users with no valid security level will not be able to log in to Datto RMM.
Use this setting to replace all users' security levels with security levels matching the KaseyaOne group names the users are assigned to. Existing security level assignments will still apply to a login authenticated via Datto AuthWeb (Datto Partner Portal). Refer to Automatically assign access to Datto RMM based on KaseyaOne groups.
Users manually assigned to the default Administrator security level will always be able to log in via Datto AuthWeb (Datto Partner Portal) in addition to their Access Group permissions. This eliminates the potential for KaseyaOne changes to remove all possible administrators from the connected Datto RMM instance.
The Access Groups table will show the mappings between KaseyaOne groups and Datto RMM security levels. The mapping synchronizes nightly, but a manual sync can be requested using the Sync option.
Best practice setup steps
- Start by creating user groups in KaseyaOne (or connect your third-party IdP to synchronize those user groups to KaseyaOne). Use a naming convention that defines the roles of your employees, make sure the groups have Datto RMM assigned, and add the appropriate users to each group.
- Create new security levels in Datto RMM with matching names, or rename existing security levels to match the KaseyaOne group names (not case sensitive).
- Click Sync in the Access Groups section to confirm all groups match to the intended Datto RMM security level. If the mappings match as expected, proceed to turn on the Enable Access Group toggle.
- Use the Access Group setting alongside Require Log In with KaseyaOne for standard employees to ensure they receive security levels based on their KaseyaOne groups. If they log in via Datto AuthWeb, they will still receive the manually assigned security levels.
- Add external users to the Require Log In with KaseyaOne exception list to ensure they keep manually assigned security levels.
Splashtop Streamer uninstallation if idle
Unused remote control software presents a larger-than-necessary attack surface to client environments, even when automatic updates are in place. To help mitigate this, the Splashtop Streamer software on client devices will now be automatically uninstalled if all the following conditions are true:
- The Splashtop Streamer is not licensed with Splashtop for Business.
- The Splashtop Remote Screen Share Integration is active.
- A Splashtop remote control session hasn't been initiated for 30 days.
- The Splashtop Streamer wasn’t installed within the last 30 days.
- The Splashtop Streamer Configuration Tool component hasn’t been used to opt out of this automatic removal mechanism.
This is not a permanent uninstallation, as attempting a Splashtop connection to a device without the Streamer software will quickly deploy and connect when ready.
Refer to Automatic uninstallation details in Splashtop Remote Screen Share Integration.
Additions to the ComStore
We release new ComStore components and update existing ones every month. Notable additions this month include the following:
- Drive List Monitor v2 [WIN]: This will allow you to get alerts when a new disk was added or removed.
- Server Role Detection v2 [WIN]: An updated PowerShell version with a few more features.
- Forensic Audit [WIN]: Produces a low-level audit of system aspects which may change but are seldom expected to for historical purposes and detailed documentation.
Want to know what's coming next?
Interested in what we’re currently working on and the broader roadmap vision? Check out the Datto RMM resources feed and watch the latest Quarterly Innovations Update for a glimpse into product priorities.
List of improvements and fixes in this release
Activity Log
Fix |
Page numbers now refresh to the first page when you change a date range in the Activity Log and on the Jobs page when using View Jobs last edited by user, which allows users to see an accurate list of results. |
Agent
Foundation |
To enhance security, the agent UninstallString located in the registry has been updated on new and existing agents to a quoted directory path. |
Autotask Integration
Fix |
To avoid multiple clicks and erroneous errors, the Save and Check Now button for Autotask Integration credentials will disable after the button is clicked while credentials are being checked. |
Components
Fix |
The View and Edit buttons for components are no longer grayed out for non-administrators with proper permissions. |
Connectwise Manage Integration
Fix |
The Request Support check boxes in an Agent policy are now displayed properly in the New UI for ConnectWise-integrated accounts. |
Datto Continuity Integration
Fix |
Improvements were made to the Datto Continuity Integration to successfully raise alerts for backup failures under additional scenarios. Alerts were not consistently raising when a protected agent did not have at least one successful backup and if the backup schedule was configured for a time frame that was more frequent than the alert threshold itself. |
Endpoint Security
Fix |
The Exclude the following file extensions dialog box in a Ransomware Detection monitor no longer disappears if left blank during policy creation. |
Groups
Fix |
Renaming a Device Group with a large number of devices no longer removes devices from the group. |
IT Glue Integration
Fix |
IT Glue users connecting to Web Remote that are unauthenticated will see a message advising that their IT Glue Integration is turned on but that authentication is required to use it. A link to the device summary page, which opens in a separate tab, will be provided for users to complete authentication. Refer to IT Glue passwords in Web Remote. |
Jobs
Foundation
|
To improve security and provide better visibility, we corrected the Jobs page for non-administrator users with View or Manage permission. Non-admin users can now see jobs they created as well as any jobs for which they have access to all of the job targets and components used in the job. Administrators continue to have access to all jobs.
|
Fix |
Downloading job results using Select all rows across all pages has been optimized to accommodate larger datasets. |
Login
Fix |
The user switcher functionality no longer produces an error when a username includes a special character. |
New UI
Fix |
The Add Device page for OnDemand sites no longer shows unsupported options. Refer to Adding a device. |
Fix |
Adding <, >, or & to fields in the web interface will no longer translate to HTML. Changes have been addressed on the Branding page, for device descriptions, on integrations pages, and for UDFs. The fix for UDFs will also fix the UDF in the legacy UI and allow these UDF variables to be called in scripts successfully. |
Fix |
Multi-select column filters have been updated to identify and narrow the list of options as a user types in the text field. |
Patch Management
Foundation |
Lists of devices have been updated in the New UI to improve performance upon page load. Queries that were required only during specific requests are now called only when necessary. |
Platform backend
Foundation |
The method used to check for existing agent keys has been updated to optimize performance and reduce load on the database. |
Policies
Fix |
Policy updates no longer reset privacy mode settings on a device when a manual override is in place. Technicians connected to an endpoint will remain connected as long as the manual override time frame has not expired. |
Reports
Fix |
The Priority column in the Patch Management Activity report has been renamed to Severity, and the values within the column were updated to match the web interface. |
Software Management
Fix |
A fix was implemented to allow users to select a new Software Management policy from the device summary page (the Manage tab in the Software card or the Policies card) after the device or site is disabled in the first policy. |
Fix |
Software Management policies are now applying to a device after a successful initial audit instead of upon an overnight policy refresh. |
Fix |
The Manage tab in the Software card no longer shows an inactive policy as active when the policy is disabled or the device's site in the policy is disabled. |
Splashtop
Foundation |
We fixed the Splashtop Streamer update mechanism in the Datto RMM Agent. It now successfully updates existing Splashtop Streamer versions to our latest released version. |
ComStore updates
IMPORTANT This table does not list updates for components that are installed via Software Management.
NOTE To access a full list of ComStore components, refer to List of ComStore components.
Forensic Audit |
Windows |
New |
Gathers a wealth of information that seldom changes on a system (disk serial numbers, MAC addresses, and so forth), which can be referred back to at a later date for bookkeeping. |
RMMMax HomeBrew Collection |
macOS |
Changed |
Vendor update. |
Acronis Cyber Protect - Deployment |
macOS |
Changed |
Vendor update. |
RMMMax Linux Update Collection |
Linux |
Changed |
Vendor update. |
Monitor Local User Creation |
Windows |
Changed |
Bugfixes. |
Create URL Shortcut on Desktop |
Windows |
Changed |
Improved support for OneDrive-connected accounts. |
Vipre AV Monitor |
Windows |
Changed |
Bugfixes. |
Datto Endpoint Backup (for PCs & Servers) Agent |
Windows |
Changed |
Bugfixes relating to drive size detection. |
Drive List Change Monitor v2 |
Windows |
New |
Rewritten to be more robust and support UDF choice. |
Drive list change monitor |
Windows |
Removed |
|