One agent, one install. Below is the full capability set: how MAJIC reaches your machines, runs its own AI, sets itself up across your domain, and keeps every byte inside your network.
MAJIC never depends on a single channel. It picks the fastest available method and falls back automatically, so a machine is reachable even if its IP changes or it moves networks.
The control plane sends a command to the central API; the target's agent picks it up over a live SignalR hub and runs it in seconds. Fastest path, fully audited server-side.
For privileged or network-credentialed work, the agent registers a one-time elevated scheduled task — the same trick used for SQL and cross-machine hops.
Domain-wide remote PowerShell for fleet sweeps, installs, and orchestration across every Windows host at once.
Every host gets an outbound-only Cloudflare tunnel — key-based SSH from anywhere, no open ports, works behind any NAT or WAN.
Read checks, status, inventory, and service control run locally on the agent with zero round-trips.
Reach database servers and network resources through a credentialed worker, so data-tier tasks run without exposing credentials.
MAJIC installs and serves large language models on your own hardware. No tokens billed to a third party, no prompts leaving your network.
The installer stands up the local inference stack (Ollama + a routing layer) and pulls the models — a single file does the whole setup, no ML expertise required.
Fast lane for quick answers, deep-thinking lane for hard problems, and a vision lane — MAJIC routes each request to the right local model automatically.
From a single workstation card to a multi-GPU server — MAJIC manages quantization and load so big models run on the hardware you already own.
Want to burst to a cloud model for a specific task? Add your own API key, gated by org-admin — MAJIC stays local by default.
Drop MAJIC on a domain and it configures itself — devices auto-enroll, users sign in with what they already have, and the AI is seeded with your business on day one.
On a Windows domain, domain-joined machines auto-enroll and trusted users get instant, zero-config access to the company chat — no per-machine keys to hand out.
Google Workspace / Microsoft 365 single sign-on, or local accounts — plus domain-verification (DNS TXT) and email 2FA for org onboarding.
One command pulls in your existing knowledge, chat history, device inventory, and your public website, then trains your private model so the AI knows your operation from the start.
Every organization's AI memory lives in its own isolated store on its own servers — physically separated from everyone else, invisible even to MAJIC operators.
Every agent dials OUT through an encrypted tunnel. Nothing to forward, nothing to attack on your router.
Inference, knowledge, and conversations stay on your hardware and inside your network. No third-party cloud.
Reboots, config changes, and remote exec require step-up auth and are fully logged.
Each organization's data lives in its own physically separate store — multi-tenant safe.
Every integration and connector uses least-privilege tokens you can revoke instantly.
Every action, by every user and the AI, is recorded with who/what/when across the fleet.
The single installer hardens the host too — enables remote access, sets power & uptime, and wires the tunnel so the box stays reachable.
Personal machines, standalone servers, and full Active Directory domains all supported.
Let the AI connector act on your fleet — fix things, not just report. Billed in simple token-based credits.
Have a demo code? View the preview we personalized for you.
Enter your demo code → Visit appmajic.ai