You can add and manage connections to third-party services on the Service Connections page in your Recast Management Server.
Service Connection Types
- ActiveDirectory: Needed for Right Click Tools web dashboards
- AzureActiveDirectory (Entra ID): Needed for Privilege Manager and the Entra ID BitLocker Recovery Keys tool
- MEMCM (Microsoft Endpoint Manager Configuration Manager): Needed for Application Manager and Right Click Tools web dashboards
- MBAM (Microsoft BitLocker Administration and Monitoring): Optional for BitLocker web dashboard
To configure service connections, your Recast Management Server must be installed with Recast Proxy.
The Service Connections page displays the connections that allow your Recast Management Server to query information from third-party services.
You can find the page in RMS by navigating to Administration > Service Connections.
Service connection information:
- Confirmed: Shows whether a service connection is confirmed as available for use. You can confirm a service connection that is not currently available by clicking View/Edit and the Confirmed check box.
- Connection: Service connection name
- Type: Active Directory, Azure Active Directory (Entra ID), MEMCM, MBAM. For information on the service connection requirements for Recast products and features, see Service Connection Types.
- Sync Status: Current status of a service connection data sync.
- In Progress - Recast Management Server is actively retrieving service connection data
- Complete - Data sync has completed successfully
- Error - Data sync has failed
- Unknown - Displayed before an initial Active Directory or Configuration Manager data sync or when IIS is reset after a data sync
- N/A - Currently displayed for Azure Active Directory(Entra ID) and MBAM service connections.
- Last Sync Status Change: Date and time the latest service connection data sync started, completed, or failed. For information on viewing or editing the data sync schedule, see Synchronize Service Connection Data.
- Actions
- View/Edit service connection details
- Sync Now to immediately update service connection data from MEMCM or Active Directory. See Synchronize Service Connection Data.
- Test the connection between your Recast Management Server and a third-party service.
- Delete a service connection so that your Recast Management Server will no longer request data from the third-party environment.
To add a service connection:
1. On the RMS Service Connections page, click Add Service Connection.
2. Select a connection Type: ActiveDirectory, MEMCM, MBAM, AzureActiveDirectory (Entra ID).
3. Name the new connection and add details associated with the connection type, such as the Tenant ID, Client ID, and Client Secret key.
4. Select a Proxy Computer Name and Proxy User Name from the drop-down lists.
5. Click the Confirmed check box to ensure that the service connection is available for use.
6. Click Submit.
To edit a service connection:
1. On the RMS Service Connections page, click View/Edit to the right of the service connection to edit.
2. Edit service connection details (these will differ according to the connection type).
3. Uncheck the Confirmed option if you don't want the service connection to be available for use.
4. Click Submit to save your edits.
Beginning with Recast Software Version 5.9.2502.2105, your Recast Management Server retrieves user and device data from your Configuration Manager and Active Directory service connections according to a set discovery sync schedule.
View Discovery Sync Details
The RMS Service Connections page displays the current Sync Status and the Last Sync Status Change. For specifics, see View Service Connections.
View or Edit Discovery Sync Schedule
Your Recast Management Server automatically creates a scheduled task to retrieve data from each ConfigMgr and AD service connection every 24 hours. Synchronization is scheduled by default to occur nightly between 1am and 3am at local time for the server. You can edit the run time for each scheduled task via the Task Scheduler.
You can view or edit the discovery sync schedule for each service connection by opening the Task Scheduler and navigating to Task Scheduler Library > Recast Software > Recast Task Scheduler.
Each service connection discovery sync task is named using the following format:
<service connection>DiscoverySyncForServiceConnectionID<number>
Examples: MEMCMDiscoverySyncForServiceConnectionID3, ActiveDirectoryDiscoverySyncForServiceConnectionID4
Initiate a Discovery Sync
It's essential that device and user data be up-to-date in your Recast Management Server before adding a user/group scope or route scope as data that does not match in RMS and the service connection cannot be saved. Instead of waiting for the scheduled discovery sync to run, you can manually trigger data synchronization.
To manually initiate a discovery sync on the Service Connections page, click Sync Now and confirm the action. The service connection's Sync Status will change to 'In Progress'.
NOTES:
- In larger environments, a discovery sync can take 15 minutes or longer to complete.
- You cannot cancel a discovery sync once it is in progress.
- Running a discovery sync during working hours can impact individuals using the system.
- If you plan to trigger discovery syncs for multiple service connections, we recommend doing so consecutively rather than concurrently to avoid memory errors.
You can choose to include one or more existing service connections in a Right Click Tools web dashboard scan to query third-party environments.
To select a service connection:
1. On any web dashboard, click Select Service Connections.
2. In the side panel that opens, select from the list of available service connections.
3. Click Save & Run Scan.