Datto RMM 12.9.0 release notes

Schedule*

Platform	Date	From (UTC)	To (UTC)	Duration
Syrah (APAC)	Monday, March 25, 2024	10:00	13:00	3 hrs
Zinfandel (US West)	Thursday, March 28, 2024	08:00	11:00	3 hrs
Concord (US East)	Tuesday, April 2, 2024	08:00	11:00	3 hrs
Merlot (EU2)	Tuesday, April 2, 2024	17:00	20:00	3 hrs
Vidal (US East)	Wednesday, April 3, 2024	08:00	11:00	3 hrs
Pinotage (EU1)	Wednesday, April 3, 2024	17:00	20:00	3 hrs

NOTE *The schedule is subject to change. Please check the Status Page for regular updates. When changes are made to the original schedule, those changes are denoted in red.

IMPORTANT This is a full platform and Agent release; therefore, partners should expect brief disconnections of the Agent during the update window.

About the release

The 12.9.0 release is the third of our twelve monthly releases planned for 2024. Please see below for the highlights, along with the full list of fixes and improvements. As always, we look forward to your feedback as we continue to improve the product every single month.

Unified Login with KaseyaOne

Access Groups (role-based access control)

IMPORTANT Access Group security levels will replace manually assigned security levels for login via KaseyaOne. Users with no valid security level will not be able to log in to Datto RMM.

Use this setting to replace all users' security levels with security levels matching the KaseyaOne group names the users are assigned to. Existing security level assignments will still apply to a login authenticated via Datto AuthWeb (Datto Partner Portal). Refer to Automatically assign access to Datto RMM based on KaseyaOne groups.

Users manually assigned to the default administrator security level will always be able to log in via Datto AuthWeb (Datto Partner Portal) in addition to their Access Group permissions. This eliminates the potential for KaseyaOne changes to remove all possible administrators from the connected Datto RMM instance.

The Access Groups table will show the mappings between KaseyaOne groups and Datto RMM security levels. The mapping synchronizes nightly, but a manual sync can be requested using the Sync option.

Best practice setup steps

Start by creating user groups in KaseyaOne (or connect your third-party IdP to synchronize those user groups to KaseyaOne). Use a naming convention that defines the roles of your employees, make sure the groups have Datto RMM assigned, and add the appropriate users to each group.
Create new security levels in Datto RMM with matching names, or rename existing security levels to match the KaseyaOne group names (not case sensitive).
Click Sync in the Access Groups section to confirm all groups match to the intended Datto RMM security level. If the mappings match as expected, proceed to turn on the Enable Access Group toggle.
Use the Access Group setting alongside Require Log In with KaseyaOne for standard employees to ensure they receive security levels based on their KaseyaOne groups. If they log in via Datto AuthWeb, they will still receive the manually assigned security levels.
Add external users to the Require Log In with KaseyaOne exception list to ensure they keep manually assigned security levels.

Splashtop Streamer uninstallation if idle

Unused remote control software presents a larger-than-necessary attack surface to client environments, even when automatic updates are in place. To help mitigate this, the Splashtop Streamer software on client devices will now be automatically uninstalled if all the following conditions are true:

The Splashtop Streamer is not licensed with Splashtop for Business.

The Splashtop Remote Screen Share Integration is active.

A Splashtop remote control session hasn't been initiated for 30 days.

The Splashtop Streamer wasn’t installed within the last 30 days.

The Splashtop Streamer Configuration Tool component hasn’t been used to opt out of this automatic removal mechanism.

This is not a permanent uninstallation, as attempting a Splashtop connection to a device without the Streamer software will quickly deploy and connect when ready.

Refer to Automatic uninstallation details in Splashtop Remote Screen Share Integration.

Additions to the ComStore

We release new ComStore components and update existing ones every month. Notable additions this month include the following:

Drive List Monitor v2 [WIN]: This will allow you to get alerts when a new disk was added or removed.
Server Role Detection v2 [WIN]: An updated PowerShell version with a few more features.
Forensic Audit [WIN]: Produces a low-level audit of system aspects which may change but are seldom expected to for historical purposes and detailed documentation.

Want to know what's coming next?

Interested in what we’re currently working on and the broader roadmap vision? Check out the Datto RMM resources feed and watch the latest Quarterly Innovations Update for a glimpse into product priorities.

List of improvements and fixes in this release

Activity Log

Type	Summary
Fix	Page numbers now refresh to the first page when you change a date range in the Activity Log and on the Jobs page when using View Jobs last edited by user, which allows users to see an accurate list of results.

Agent

Type	Summary
Foundation	To enhance security, the agent UninstallString located in the registry has been updated on new and existing agents to a quoted directory path.

Autotask Integration

Type	Summary
Fix	To avoid multiple clicks and erroneous errors, the Save and Check Now button for Autotask Integration credentials will disable after the button is clicked while credentials are being checked.

Components

Type	Summary
Fix	The View and Edit buttons for components are no longer grayed out for non-administrators with proper permissions.

Connectwise Manage Integration

Type	Summary
Fix	The Request Support check boxes in an Agent policy are now displayed properly in the New UI for ConnectWise-integrated accounts.

Datto Continuity Integration

Type	Summary
Fix	Improvements were made to the Datto Continuity Integration to successfully raise alerts for backup failures under additional scenarios. Alerts were not consistently raising when a protected agent did not have at least one successful backup and if the backup schedule was configured for a time frame that was more frequent than the alert threshold itself.

Endpoint Security

Type	Summary
Fix	The Exclude the following file extensions dialog box in a Ransomware Detection monitor no longer disappears if left blank during policy creation.

Groups

Type	Summary
Fix	Renaming a device group with a large number of devices no longer removes devices from the group.

IT Glue Integration

Type	Summary
Fix	IT Glue users connecting to Web Remote that are unauthenticated will see a message advising that their IT Glue Integration is turned on but that authentication is required to use it. A link to the Device Summary page, which opens in a separate tab, will be provided for users to complete authentication. Refer to IT Glue passwords in Web Remote.

Jobs

Type	Summary
~~Foundation~~	To improve security and provide better visibility, we corrected the Jobs page for non-administrator users with View or Manage permission. Non-admin users can now see jobs they created as well as any jobs for which they have access to all of the job targets and components used in the job. Administrators continue to have access to all jobs.
Fix	Downloading job results using Select all rows across all pages has been optimized to accommodate larger datasets.

Login

Type	Summary
Fix	The user switcher functionality no longer produces an error when a username includes a special character.

New UI

Type	Summary
Fix	The Add Device page for OnDemand sites no longer shows unsupported options. Refer to Adding a device.
Fix	Adding <, >, or & to fields in the web interface will no longer translate to HTML. Changes have been addressed on the Branding page, for device descriptions, on integrations pages, and for UDFs. The fix for UDFs will also fix the UDF in the legacy UI and allow these UDF variables to be called in scripts successfully.
Fix	Multi-select column filters have been updated to identify and narrow the list of options as a user types in the text field.

Patch Management

Type	Summary
Foundation	Lists of devices have been updated in the New UI to improve performance upon page load. Queries that were required only during specific requests are now called only when necessary.

Platform backend

Type	Summary
Foundation	The method used to check for existing agent keys has been updated to optimize performance and reduce load on the database.

Policies

Type	Summary
Fix	Policy updates no longer reset privacy mode settings on a device when a manual override is in place. Technicians connected to an endpoint will remain connected as long as the manual override time frame has not expired.

Reports

Type	Summary
Fix	The Priority column in the Patch Management Activity report has been renamed to Severity, and the values within the column were updated to match the web interface.

Software Management

Type	Summary
Fix	A fix was implemented to allow users to select a new Software Management policy from the Device Summary page (the Manage tab in the Software card or the Policies card) after the device or site is disabled in the first policy.
Fix	Software Management policies are now applying to a device after a successful initial audit instead of upon an overnight policy refresh.
Fix	The Manage tab in the Software card no longer shows an inactive policy as active when the policy is disabled or the device's site in the policy is disabled.

Splashtop

Type	Summary
Foundation	We fixed the Splashtop Streamer update mechanism in the Datto RMM Agent. It now successfully updates existing Splashtop Streamer versions to our latest released version.

ComStore updates

IMPORTANT This table does not list updates for components that are installed via Software Management.

NOTE To access a full list of ComStore components, refer to List of ComStore components.

Component Name	Platform	New/Changed/Removed	Description
Forensic Audit	Windows	New	Gathers a wealth of information that seldom changes on a system (disk serial numbers, MAC addresses, and so forth), which can be referred back to at a later date for bookkeeping.
RMMMax HomeBrew Collection	macOS	Changed	Vendor update.
Acronis Cyber Protect - Deployment	macOS	Changed	Vendor update.
RMMMax Linux Update Collection	Linux	Changed	Vendor update.
Monitor Local User Creation	Windows	Changed	Bugfixes.
Create URL Shortcut on Desktop	Windows	Changed	Improved support for OneDrive-connected accounts.
Vipre AV Monitor	Windows	Changed	Bugfixes.
Datto Endpoint Backup (for PCs & Servers) Agent	Windows	Changed	Bugfixes relating to drive size detection.
Drive List Change Monitor v2	Windows	New	Rewritten to be more robust and support UDF choice.
Drive list change monitor	Windows	Removed

	Need troubleshooting help? Open Kaseya Helpdesk.
	Want to talk about it? Head on over to the Kaseya Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the ideas forum!
	Provide feedback for the Documentation team.