About This Article
None of this is confidential to the best of my knowledge. The webinar is recorded and I expect all of the new features to make their way into the documentation if they haven’t already. Quotes are best effort, I’m typing them up as they go, so they might not be exact. Some quotes have been cleaned up for grammar and spelling. Finally, the post isn’t chronological, I ordered things so that it fits into understandable narrative.
Panelists
Matthe Smit, GM of Datto RMM.
George Cochrane, Product Manager II, Datto RMM
Daniel Chaplin, Datto RMM Principal Project Manager.
Overview:
Kaseya wants to build out an RMM that is more cloud-focused. Manage M365 in the RMM.
I was (and am) EXTERMELY skeptical of the Kaseya promises to deliver new and better features after the Datto acquisition. That Kaseya did – and does* – purchase companies, ask for 3 year contracts, and only then disclose the purchase is unethical. That said, between the last product update and this one, Kaseya is making actual improvements to their products.
If the product works as advertised this will be real progress. The updates shown today are aimed at things MSPs want, not just what Kaseya wants to sell.
Highlights:
- Launch Web Remote from Autotask and other products
- Track and record time in Web Remote against Autotask tickets
- M365 manager — reset passwords, view logins, see MFA status, see Secure Score and more
- Ingest endpoint data into Autotask for automatic client billing
- Software manager will manage 200 products!
If I were a vendor that had a product that only focused on one of these areas, I’d be thinking about what benefits and features my product had over Datto RMM. Other than not being Kaseya owned (not an insignificant consideration).
*IT Glue, ConnectBooster, AuditIT, TMT, Pulseway. Some of these are good products, there is no need to be deceptive about the purchases.
Datto RMM Usage Statistics
Jobs taking too long to run: Smit promises they are working on it, “we’ve done work here.” From my personal knowledge, this has been an issue for multiple MSPs. My team has gone crazy over it.
Under the hood: upgrading to DotNet 6, especially for better performance on macOS/Linux. Count me a little skeptical, both of these have never performed at par. N.b., Smit thinks that the future of the macOS RMM is in MDM so it is tied into the operating system. I think it will only work when it is MDM.
Autotask
Autotask and BMS can now ingest endpoints for automatic billing to clients.
This is supposed to be coming for multiple Kaseya products.
This is a welcome change that could improve billing and profitability across the entire industry. I’d guess that on average, MSPs have 2-3% shrinkage. Eliminating this would be a huge gross profit boost to the industry.
The RMM/Autotask integration will be available in the new UI and… looks pretty? I dunno, it seems that for this audience it is the least useful, we’ve used the old version for years.
On the plus side, it is one less thing that requires us to ping pong back and forth between the old and the new UI.
ConnectWise setup coming in Q1 for the new UI.
Start Web Remote control sessions from “anywhere,” IT Glue, Autotask and several more that I missed.. Cochrane shows how a Web Remote session can be started from an AT ticket. AT time tracking is also now built into the web remote.
This includes recording the time entry, the same way you do in Autotask today.
“Time stamps are put in by Autotask automatically when we create time entries”
BUT you can’t add notes [outside of the time entry] yet!” “Hi Dean, yes – this should be in the November or December release”
Other tickets for a device can be pulled up inside the web remote interface. It looks like you can link the device you are remoted into to the ticket here.
In November you will be able to create tickets from the RMM.
You can now add attachments to the ticket from the Web Remote. That includes grabbing a screenshot (in November) and — maybe in the future — adding files from the endpoint to the ticket.
Great for logs, might be an issue for PII…
Datto Backup Integration
Datto SaaS backup status now available in the RMM dashboard:
It’s real progress towards a single pane of glass.
Coming in the future, link users to SaaS Backup data in the RMM:
Oddly, Spanning integration isn’t on the roadmap. (Spanning is another Kaseya product that covers SaaS backup, it predates Datto as a Kaseya company)
Azure Backups “Cloud Siris”
“Cloud Siris” devices can now back up Azure servers, no physical device required. You can spin up a virtual server through this cloud-based Siris.
myITprocess Integration
This is the same thing that Kaseya went over in their last platform-wide product update, last copy and paste into myITprocess and more direct imports.
New UI Updates
Device Deletions are now available in the new UI.
See what is pending, such as devices that are offline when you hit delete. (There are other problems here today, maybe I’ll write it up in the future)
There are “patch management improvements” such as:
- Customize messages to end users
- Multi language support
- Auto-resolution for patch alerts
Notable missing: promising that patch management actually works.
Activity log is now available in the REST API.
Coming soon: uninstall software at a Global or Site Level.
Smit promises that there will be an end date for the legacy UI, but that it isn’t now. Chaplin: “We are going to start defaulting people to the new ui starting in 12.6. you will still be able to access the old UI”
SIGNIFICANTLY MORE SOFTWARE APPLICATIONS COMING TO THE SOFTWARE POLICIES. “200”
I feel like they really buried the lede here, this has been a major shortcoming. Up until now, you had to use Chocolatey or Ninite to have reasonable coverage for updates, and those come with their own problems. (Ninite: expensive, Chocolatey, either expensive or community-driven and prone to supplychain attacks.)
Custom packages may be available in the future, no plan today.
Ninite pricing:, $0.41/endpoint at 700 endpoints:
Chocolatey pricing, $16/endpoint at 700 endpoints.
I will some day understand their pricing strategy, but that sure isn’t today.
Co-managed Improvements
I don’t have a good handle on how much of an improvement this is.
Except, the agent branding by site will save me a lot of pain.
M365 Manager
900 partners have access to today, “it will be 100% available to everyone by DattoCon.”
Global View:
Client level view:
Users view:
User level details. Notice the ability to reset M365 passwords in the upper right-hand corner, and the sign-in log with location info at the bottom.
Oddly, in the Q&A a question was asked about if the M365 manager had a read-only mode, not easy to reset a password in read-only. Kaseya answered, “This first release is mostly around displaying data and managing access. We are following Microsoft’s security recommendation and always have security top of mind with everything we build.”
Agent now looks to see if computers are Azure AD joined, and will be able to link users to devices. This is like SaaS Alerts Unify built into Datto RMM.
Roadmap Summary
Events
DattoCon is sold out, “ConnectIT” events coming up:
Q&A
Google Workspace Support (like M365)
no. Gonna get M365 right first.
M365 Costs?
What was shown here today will be included in Datto RMM for no additional charge.
Will Datto add OTP integration when using IT Glue passwords in web remote sessions?
“”Not now. “We have it logged as a request,”
What about the integration problem with ITGlue, is there any progress on fixing it? In concrete terms.
“Yes – this fix will be part of the release we are deploying now. (12.3) – just added to this release today”
IT Glue in Web Remote shows me archived password vault entries. Are you aware of this, and is it on the list to be fixed?
“yes we’ve got this on our radar and it is queued to be addressed shortly.”
Is Splashtop going to be dropped at some point? I am having more and more issues with it…
“Nope, we have no plans to remove it. We want to give people the option for what works best for them. We will be continuing to improve Web Remote but there are no plans to remove any remote technology.”
I agree that Splashtop is not a tier 1 solution at this point.
Will the ALT+TAB be supported in web remote?
“Good idea.” Uhm, yeah.
Will Web Remote replace the ‘agent browser’ in the future? Or will you still invest time in it, and update the agent browser look and feel?
“We do not currently have plans to update the agent browser. We are working on adding more functionality to web remote but have no plans to remove the agent browser.” Yeah good call, the agent browser is awful. It would be nice if they made it less awful until all of its features are integrated into the Web Remote
How can I filter out AT companies – we have a ton that aren’t needed in DRMM, but the mapping seems backward. Every site maps to a company, but not every company maps to a site.
“[We] understand your point, but there were two factors that we wanted to prioritize for this – having multiple sites map to a single company, and the ability to easily “add a new site” for those that don’t exist yet. The tables can be filtered down to show “unmapped only” which can help sift out those you don’t need to see”
Can the Web Remote provide separate menu items to remote, chat or PowerShell?
[No], “we have had some conversation for changing the UI for Web Remote so that you can switch between the chat/powershell/screenshare but we don’t have a current timeline
How do you submit ideas on the ideas portal? Will someone really read what we submit?
“You should be able to submit them here: https://rmm.ideas.datto.com/ideas. we may not respond to every comment/idea but we do look at them and see how/when we can fit them in.”
Are there any plans on adding more widgets, maybe custom widgets?
“It is something we have thought about but do not have firm plans for that right now”
Will the mystery device issue be resolved in the latest release?
No open issue to my knowledge. This is generally related to AV “sandboxing”. https://rmm.datto.com/help/en/Content/3NEWUI/Devices/MysteryDeviceRecords.htm?Highlight=mystery
This is a bad answer. Yes, there are technical roadblocks. I’m confident that Datto/Kaseya could overcome them. Maybe a blog post for another day.
Will Ransomware Detection require a paid license in the future (as expected) or will it remain free indefinitely?
“We do not have a blanket approach, it is determined on a per customer basis” Ha. Negotiate well my friends.
Will quick jobs get an option to set an expiration upon creation, either as a default or user specified?
“We have no plans to add an expiration for quick jobs.” This is a bad answer. The problem is that if you trigger a job and it doesn’t run now — say the device is offline — it will run whenever the device turns back on. If it is user-impacting, or restarting a service (say DNS), it will now happen a point you don’t control. There ought to be a default setting for quick job expirations, I’d say an hour.
When will server metrics be added to the API?
No firm timeframe on it, “but we working on splitting off some of our engineers to be dedicated to the API so we can have more improvements there”
Any Patch management for MAC computers coming in the future?
“Yes, we are hoping to address that in Q1/Q2.” Yeah maybe. You can use softwareupdate -l to get data and other flags to install them, so it certainly is possible.
usage: softwareupdate <cmd> [<args> ...]
** Manage Updates:
-l | --list List all appropriate update labels (options: --no-scan, --product-types)
-d | --download Download Only
-i | --install Install
<label> ... specific updates
-a | --all All appropriate updates
-R | --restart Automatically restart (or shut down) if required to complete installation.
-r | --recommended Only recommended updates
--os-only Only OS updates
--safari-only Only Safari updates
--stdinpass Password to authenticate as an owner. Apple Silicon only.
--user Local username to authenticate as an owner. Apple Silicon only.
--list-full-installers List the available macOS Installers
--fetch-full-installer Install the latest recommended macOS Installer
--full-installer-version The version of macOS to install. Ex: --full-installer-version 10.15
--install-rosetta Install Rosetta 2
--background Trigger a background scan and update operation
** Other Tools:
--dump-state Log the internal state of the SU daemon to /var/log/install.log
--evaluate-products Evaluate a list of product keys specified by the --products option
--history Show the install history. By default, only displays updates installed by softwareupdate.
** Options:
--no-scan Do not scan when listing or installing updates (use available updates previously scanned)
--product-types <type> Limit a scan to a particular product type only - ignoring all others
Ex: --product-types macOS || --product-types macOS,Safari
--products A comma-separated (no spaces) list of product keys to operate on.
--force Force an operation to complete. Use with --background to trigger a background scan regardless of "Automatically check" pref
--agree-to-license Agree to the software license agreement without user interaction.
--verbose Enable verbose output
--help Print this help
