A Recast Agent is a Windows service that runs as the local system. Agents are designed to be installed on every device within an organization.
Agent Uses
- Run actions on workgroup computers or on computers in untrusted domains
- Run actions on computers where the user does not have administrator permissions
- Run actions on computers that have more restrictive firewall rules in place
- Collect Endpoint Insights inventory data from devices
- Give users a way to self-elevate credentials with Privilege Manager
NOTE: An Agent Gateway is required for every 20K Recast Agents deployed.
If your Recast Management Server is using a self-signed certificate, you must import the certificate into the Trusted Root Certificate Authorities Store on all devices that will have Agents. For instructions on importing a certificate to a local machine, see Certificate used by Recast Management Server is not trusted.
A Recast Agent is installed on a computer and runs Right Click Tools actions on that computer as the local system account. A Recast Agent should be deployed on each device you want to run Right Click Tools actions against. After deploying Recast Agents, you can configure them to run Right Click Tools actions or for Fast Channel Support. You can also use the same Recast Agent for Endpoint Insights and Privilege Manager. To learn more about Recast Agent uses, see the Recast Agent Overview.
Prerequisites for Deploying Recast Agents:
- If deploying 5000+ Recast Agents, follow the 503.2 IIS Error instructions before proceeding.
- If your Recast Management Server is using a self-signed certificate, you must first import the certificate into the Trusted Root Certificate Authorities Store on all devices that will have Agents.
Deploying Agents with Application Manager
We recommend deploying Recast Agents using Application Manager. Your Right Click Tools Enterprise license alone gives you access to Application Manager to deploy Recast Agents. In the absence of Application Manager licensing, only the Recast Agent and Right Click Tools applications will be available in the AM software catalog.
Prerequisites for Deploying Agents using Application Manager:
- Recast Management Server is running Recast Software version 5.4 or later, as that version introduces Application Manager in RMS.
- Required proxy permissions for Application Manager are in place
To deploy the Recast Agent application with Application Manager, complete the initial AM setup, selecting 'Recast Agent' as the application to deploy.
For a video walkthrough, see Recast Application Deployment with Application Manager on our YouTube channel.
TIP: Alternatively, you can choose to deploy Recast Agents by downloading and running the Agent installer.
Silent Agent Install
Add the RCTENTERPRISESERVER=https://<FQDN>:<Port> parameter to your install string, substituting the FQDN and port number for your Recast Management Server.
Example:
msiexec.exe /i "Recast Agent.msi" /qn /norestart RCTENTERPRISESERVER="https://RMS.RecastDomain.com:444" /L*V "%temp%\RecastAgentMSI.log"
NOTE: The default Recast Management Server port is 444. Inbound and outbound traffic over port 444 (or an alternative port you specify) must be enabled between the Recast Management Server and any device that has a Recast Agent in order for the Agent to be able to communicate with the server.
Connect Recast Agents to an Agent Gateway
Connect your Recast Agents to a specific Agent Gateway by adding the AGENTGATEWAY parameter to your install string.
Example:
msiexec.exe /i "Recast Agent.msi" /qn /norestart RCTENTERPRISESERVER="https://RMS.RecastDomain.com:444"
AGENTGATEWAY="https://agentgateway.dev.recastsoftware.com:444" /L*V "%temp%\RecastAgentMSI.log"
The Recast Management Server Agents page shows all agents installed in your environment, as well as their software Version and whether they are Connected and/or Authorized.
NOTE: If an authorized agent doesn't appear to be Connected, Recast Management Server may not currently be able to connect to it, or a certificate on the client may not be functioning properly.
To edit an agent:
1. On the Recast Agents page, click the Edit icon to the right of the agent.
2. Edit agent details, such as the computer name or whether the agent is authorized.
3. Click Update.
Installed agents must be authorized before they can be used to run actions. The Recast Management Server will automatically approve any agents that connect from the same domain as the Recast Management Server. Agents connecting from a different domain (or from a workgroup computer) must be approved manually, unless you've edited the default setting to approve all agents automatically.
Approve an Agent Manually
To approve an agent manually in RMS:
1. On the Recast Agents page, click the Edit icon to the right of the agent you want to authorize.
2. In the Edit Recast Agent window, enable the Authorized checkbox and click Save.
Approve All Agents Automatically
You can choose to have your Recast Management Server automatically authorize all agents regardless of the domain where they're installed.
To approve all agents automatically:
1. In your Recast Management Server, navigate to Administration > Settings.
2. Under Recast Management Server, click the Edit icon to the right of Recast Agent Approval.
3. In the Change Setting window, choose Automatically Approve All Agents from the Value drop-down.
Deleting an agent on the Recast Agents page, removes it from the database and revokes the client certificate, but agent uninstallation must be done manually.
To delete an agent in RMS:
1. On the Recast Agents page, click the Delete icon to the right of the agent you want to remove.
2. In the Delete Recast Agent window, click Delete.