Installing Recast Management Server with Recast Proxy


Right Click Tools Prerequisites

Recast Client Pre-Reqs - The Extras - Recast Software

Prerequisites

Hardware

  • At least 4 cores CPU
  • At least 8 GB RAM
  • The SQL server will need at least 20GB of free space in addition to your normal Windows installation to install SQL and provide database space. More space is required if setting up trends and taking snapshots. 100GB is a good place to start for teams planning to maximize trends utilization.  

Software

  • Windows Server 2012R2 or later
  • IIS
  • ASP.net 4.7

  • .Net Core Hosting Bundle (The Recast Management Server will install this if it is not present, this should be installed after IIS)
  • Any licensed version of SQL (If you don't have permission to create a SQL DB during the install, you can pre-create the SQL DB)
  • Download the newest version of the Recast Management Server installer by logging into the Recast Portal site at: https://portal.recastsoftware.com/

Installing Recast Management Server

We recommend installing the Recast Management Server either on its own server or on the primary Configuration Manager server.

IIS Configuration

The first page in the wizard after accepting the EULA walks you through the server name and IIS port. You should only change the server name if the client is going to use a DNS alias. The server port can be changed to any open TCP port – 444 is the default to prevent conflicts when installing on ConfigMgr servers, but it can be changed to port 443 if it’s preferred in your environment.

IIS Configuration

Certificates

Recast Management Server requires a certificate for secure communication with the Right Click Tools and any Recast Proxies. You have the option to generate a self-signed certificate or use an existing one. You should either use a web server certificate issued by a trusted internal Certificate Authority, or generate a self-signed certificate. The certificate can be changed later by editing the Binding in IIS Manager.

Certificate Configuration

Things to Note:

  • The subject name or one of the subject alternative names of the certificate should match the server name in the URL that the Right Click Tools and Recast Proxies are pointed towards.
  • The public key of self-signed certificates will need to be added to the Trusted Root Certificate Authorities store on your Recast Proxies
  • Right Click Tools will prompt for untrusted certificates and add them to an allowed list. To avoid this prompt, import the public key of the Recast Management Server certificate into the Trusted Root Certificate Authorities store on the devices where the Right Click Tools are installed.
  • Certificates can be changed later from IIS Manager.

SQL Server

Recast Management Server requires a SQL Server in version 4.0 or higher. This can be the free SQL Server Express version, or enterprise SQL. If the SQL Server is installed on a remote device, the computer account of Recast Management Server will need permissions to create the database on the remote device. Alternatively, you can pre-create the RecastManagementServer database and give the computer account db_owner permissions. If the SQL Server is installed on the local device, the computer account of the Recast Management Server will need permissions to create the database on the local device. You can precreate the database and give the IIS AppPool\Recast Management Server account db_owner permissions to the database. This account will not exist until after the installation is finished, so the permissions will need to be given after installation. The Test SQL Connection button will verify connectivity to the SQL Server during installation if the account running the installation has permissions to remotely connect.

SQL Server

Things to Note:

  • If using a remote SQL Server, the computer account of the Recast Management Server needs to be given the db_owner role for the RecastManagementServer database.
  • The IIS AppPool\Recast Management Server account will not exist until after the installation completes.
  • The default SQL Server Port Number is 1433
  • For more information on SQL permissions, see Troubleshooting - SQL Server Configuration
  • If using a local SQL Server, the IIS AppPool\Recast Management Server account needs to be given the db_owner role for the RecastManagementServer database.

Licensing

Licenses can be downloaded during your Recast Management Server installation by entering your Recast Portal email address and password and clicking Download License. The license information should show up in the right pane if the retrieval was successful. If your server does not have internet access you can use the Browse for License button to browse the filesystem for a license file that has been exported from Portal.

License

Proxy Service Account Permission Requirements

  • Minimum requirements

    • Local admin on the server where it is being installed
    • Read-only analyst in ConfigMgr Console
    • db_datareader in ConfigMgr DB
    • Read permissions in Active Directory
  • Run Actions as a Service Account

    • Local admin on any device that actions will be run against
    • Read/Write permissions in Active Directory (Write is only required to delete devices from AD)
    • Appropriate ConfigMgr Security Role for intended actions in ConfigMgr Console (Full Administrator for all actions)
    • Permission to MBAM if applicable
  • Collect Warranty Information with Endpoint Insights

    • If your Recast Management Server is installed on a server other than your ConfigMgr SQL DB, the proxy account will need to be added to the "SMS_SiteSystemToSiteServerConnection_MP_(YourSiteCode)" local group on that server. This will allow it to read/write to your "inboxes\auth\ddm.box" which is required to gather warranty data.

Install Recast Proxy

The installer will then bring you to the Service Account Proxy installation screen.

If you choose to install the Service Account proxy, you should enter the Service account Domain, Username, and Password.

Right Click Tools Service Account Proxy Account Info

Hit test connection to verify the service account has access to read from your domain.

Right Click Tools Service Account Proxy Do Not Install

Fill out your the site server name that has your SMS provider role and the Site Code. Also fill out the server name where your ConfigMgr SQL database is located and the database name. 

If you have an MBAM Server in your environment, you can test if the service account has access to MBAM. Hit "Click Here to Configure MBAM" and fill out your Admin URL and SQL Server. If not, hit install.

This section is for a separate MBAM Server. If you are using the ConfigMgr integrated BitLocker or AD, you do not need to fill this out.

The installation will continue and finish with this dialog box. For information on how to configure routes for the proxy check the configuration section below.

RMS install Complete

Verification

When the installation is complete, verify that you are able to open the Recast Management Server by navigating to https://ServerFQDN:Port in a web browser. Chrome, Edge, or Firefox are recommended. You will receive an authentication window asking you to sign in. Enter the username and password for the account that you were using to install the Recast management Server. A correctly configured Recast Management Server should look similar to the below screenshot.

Server Working Screenshot

If you do not see a screen like the one above, please check out the troubleshooting section of our documentation Troubleshooting

Installation Logs

If you need to verify the installation logs for any reason, Logs for the installation of the Recast Management Server and Recast Proxy (when installed together) will be located here:

C:\Users\user account running the install\AppData\Local\Temp

It will be named something like Recast_Management_Server_2021*****.log