Privileged Identity 7.2.0 Release Notes

November 2, 2021

New Features and Enhancements:

  • The behavior of loading an elevation list has been improved to replace the available system list currently shown.
  • Added the Asset tag field to the input fields for adding shared credentials.
  • Added an option to override the domain for SAML claims.
  • Added post-run alerting to jobs. Admins can now receive post-run emails for any job.
  • Added a color indicator to jobs that have been flagged Do Not Delete.
  • Added read/write delegation permissions for jobs.
  • Added a website option to limit the group list for elevation.
  • Added a feature to check names that also checks for object names.
  • Added job affinity bit for Data Store Maintenance jobs.
  • Added a description column option to the shared password list.
  • Added Germany regional support for Azure AD.

Issues Resolved:

  • Resolved issue in which the response from a OneLogin SAML provider added an extra carriage return, causing the SAML response to be improperly parsed.
  • Resolved issue in which the application launcher would not load default apps.
  • Resolved account truncation issue with MySQL password change jobs.
  • Resolved issue in which you could not select an elevation list from saved lists.
  • Resolved issue in which a delegated user with specific console permissions could not launch the admin console and received an Access Check Failure message.
  • Resolved issue in which PI allowed the creation of multiple OATH/Yubico tokens for the same user. The expected behavior displays a pop-up dialog stating that a token for the user already exists.
  • Resolved issue in which Login with MFA does not pass the simple user name to the MFA login page. The expected behavior is once a user name is entered, it properly passes the user name to the MFA challenge page. However, the system does not know who the interactive user is for interactive login and does not pass the user name to the MFA page.
  • Resolved issue in the web application in which filtering for ESXi account store types does not display ESXi account stores.
  • Resolved issue in which the pre-run alert setting in the web application did not match the same setting in the admin console.
  • To improve behavior, the default system is no longer selected on the Elevation page in the web application.
  • Resolved issue in which changes to the .NET required strong naming for extension components.
  • Resolved issue in which the app launch link was broken on the Password panel.
  • Resolved a date/time UTC textual display issue that occurred in some cases.
  • Resolved the schedule restriction logic to correctly assign permissions when using the weekly schedule requirement feature.
  • Resolved performance issue in which accounts numbered twenty thousand and above for password recovery.
  • Resolved issue in which password ages were showing Zero in the Windows Account Store view.
  • Resolved issue in which the date and time did not sort correctly in the Job dialog. It now sorts correctly when you click the Column headers.
  • Resolved missing Endpoint definition in the web.config file.
  • Resolved issue in which Compliance reports could not be exported.

Known Issues:

  • When creating a new password change job from the web UI, alert settings cannot be specified or saved. Alert settings can be specified and saved by subsequently editing the newly created job. This will be resolved in a future release.


  • PI 7.2.0 exe installer SHA 256 checksum: 3505CDB72599D91CCD69345CE890D43ABE52F50BB5FC33188FA1BDAF7A46E4BF.
  • Privileged Identity 7.2.0 supports upgrades from, 5.5.5.x, 6.0.x, 7.0.x., and 7.1.x
  • PI 7.2.0 supports BeyondTrust PI ECM Plugin 19.4.2.