Understanding the parts of the Recast Management Server

Understanding the parts of the Recast Management Server

The Recast Management Server with all its components and moving parts can sometimes be difficult to understand, especially if you are setting it up for the first time. During my time with Recast I’ve had the pleasure of speaking to many people about how the tools work, and how to think of the tools. Here are some of the definitions that I use when working with users.

Recast Management Server - the Recast Management Server provides Enterprise level features for Right Click Tools. Recast Management Server features include

  1. Role based authentication for Right Click Tools actions, which can be scoped to AD Site, OU, ConfigMgr Site, or ConfigMgr Collection
  2. Audit Log of all previously run actions, including who ran them, when they were run, and what the result was.
  3. The ability to schedule certain actions to happen in the future and with optional recurrence using the Recast Proxy.
  4. The ability to use a service account to run actions, by Configuring the Recast Proxy
  5. The ability to create a scope of computers from Active Directory or Configuration Manager that specific user roles can run actions against.
  6. The ability to run actions against computers in untrusted domains or workgroups using the Recast Agent.
  7. The ability to run actions over the Cloud Management Gateway using the Recast Agent.

Recast Agent - A Recast Agent is a service running on a computer that acts as a Right Click Tools client. When the Agent service is running, Right Click Tools actions can execute under the system context, which means that Local Admin is not required to run actions. Agents can also be very helpful in zero trust networks or on workgroup computers.

Recast Proxy - The Recast Proxy is a service that runs under a service account. It can be used to read from Active Directory to populate scopes, or it can be used to run Right Click Tools actions under that Service Account. There is also a “hidden” type of proxy. A Console User Proxy is automatically installed with your standard Right Click Tools installation. The Console User Proxy ensures that the actions you to run in Right Click Tools will run as the logged in user with the logged in user's permissions. These User Proxies do not show up on the Proxies list.

Scopes - Scopes are lists of devices. Right Click tools uses scopes to determine which computers to run actions against. If a computer is in a particular scope the action can run against it, if it is not the action will not be able to run against it. Scopes are populated by Proxies.

Routes - Routes determine which Recast Proxy your Right Click Tools actions are sent to. You need to have a route for each of the ways that your Right Click Tools actions will reach out to your managed computers.

  1. ConfigMgr Console User Proxy Route = User Proxy route – the User Proxy route will send the action that is being run from the originator's console out to the target device
  2. Recast Agent Proxy = The Recast Agent Proxy Route will send actions to the computers that have Recast Agent installed.
  3. Service Account Proxy = The Service Account Proxy route will send an action to the proxy that is running under a service account if the route is assigned a role that has permissions to run the action and if the targets of that action fall within the route’s assigned scope. The route role and scope work similarly to user permissions.
  4. ConfigMgr Fast Channel = The ConfigMgr Fast Channel Route will send actions to computers that are Fast Channel Capable. That means the computer has the Recast Agent or the WMI provider installed, and it is communicating over the Fast Channel

Fast Channel - the Fast Channel is a Microsoft technology that was developed as a “client notification” layer in ConfigMgr 2012r2. Since then it has evolved to be able to do some additional things. The most important for our purposes is its ability to run scripts.

CMG - Cloud Management Gateway. The Cloud Management Gateway provides a simple way to manage Configuration Manager Clients on the internet. The important thing here, is that the CMG uses the Fast Channel to communicate with ConfigMgr. Therefore, if we can run Right Click Tools actions on devices using the Fast Channel, we can run Right Click Tools actions over the CMG! (Most of the tools anyway)

That's it for now, let me know if there are some additional items that you would like more information about.

 

Marty

 

Marty is the Customer Success Manager at Recast Software. He blogs about trends that come up when supporting customers using Right Click Tools. His email address is martym@recastsoftware.com