Privileged Remote Access 20.2.1 Release Notes

September 15, 2020

Requirements:

  • This version of Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models.
  • This release requires Base software Base 6.0.1.

New Features and Enhancements:

  • Vault now supports importing up to 2000 endpoints, 2000 local accounts, and 2000 domain accounts simultaneously.
  • Toast messages are now shown when a Discovery job finishes.
  • Configuration API documentation is now also available in HTML format at /login/apidocs.html.
  • Now automatically associates Local Windows accounts with Jump Clients on domain-joined machines.
  • Now automatically associates Windows Jump Clients installed on domain-joined machines with Vault endpoints.
  • Added various improvements to screen sharing with customer clients running on Windows systems.
  • Added Linux Jumpoints.
  • Added outbound proxy support.
  • SAML enhancements to /login and /console.
  • Added more options for storing the Vault Encryption Key.
  • Improved granularity of session inactivity timeout.
  • Added option to create Remote RDP Jump Items during Domain Discovery.
  • Remote RDP Jump Items associated with Vault Endpoints can now be deleted through the Access Console.
  • Vault now supports SSH Public Key Certificate authentication.
  • Added vendor onboarding.
  • Added credential grouping.
  • Added Vault scheduled rotation.
  • Added personal Vault accounts.
  • Added a Vault link to the access console and to the Web Access Console.
  • Jump Items may now be copied.
  • Improved elevated tool access granularity.
  • Added API account information to the Vault Report filter.
  • Added more information icons to fields on the Vault Discovery and Vault Domain pages.
  • Access Invite keys are now only valid for 2 hours.
  • Changing the Search Term or Password Age filter will now also clear any selected Vault accounts.
  • Configuration API additions:
    • Group Policy
      • GET Group Policy Vault-Account
      • POST Group Policy Vault-Account
    • Vault
      • GET Vault Account now includes personal Vault accounts.
      • GET Vault Account now includes account groups.
    • Vendor
      • GET Vendor Group List
      • GET Vendor Group
      • POST Vendor Group
      • PATCH Vendor Group
      • DELETE Vendor Group
      • GET Vendor User List
      • GET Vendor User
      • POST Vendor User
      • PATCH Vendor User
      • DELETE Vendor User
    • Jump Client
      • GET and PATCH now support Endpoint User Agreement.

Issues Resolved:

Administrative Interface

  • Reporting
    • Resolved an issue in which mouse click events did not appear in forensics reports.
  • API
    • API version increased to 1.2.
    • Resolved an issue in which the URL in the YAML file for authentication displayed remote-support instead of privileged-remote-access.
  • Security Providers
    • Resolved an issue in which invited Access users appeared in local users search results.
    • Resolved an issue in which deleting a Security Provider did not kick out all of the logged-in users.
  • Group Policies
    • Resolved an issue in which selecting a custom session policy inside a group policy did not always enable the controls to modify that custom session policy.
  • Vault
    • Resolved an issue with determining if a system is pure Azure Active Directory or on-premise Active Directory.
    • Reordered the tabs on the Vault page in /login.
    • Resolved an issue in which manually adding a domain and then using Discovery to find the same domain caused that domain to not have a management account.
  • Atlas
    • Resolved an issue with traffic node selection when using address prefix.
  • Miscellaneous
    • Microsoft Internet Explorer 11 is no longer supported in /login.
    • Resolved an issue with the alignment of check boxes and information icons on the Add New Group Policy > Membership page.

Clients

  • Access Console
    • Resolved an issue in which BRCS scripts did not pass the password parameter correctly.
    • Resolved an issue in which using Show My Screen multiple times in a session caused a black screen to appear.
    • Resolved an issue with screen and mouse flickering in VDI/Terminal Service screen sharing sessions.
  • Jumpoint
    • Resolved an issue with opening many connections through a protocol tunnel.
  • Mac
    • Access Console running on Mac now requires macOS 10.13 or greater.
    • Resolved an issue with using the Use high resolution Retina display option in VMWare Fusion on a Mac VM.
  • RDP
    • Resolved an issue with failed RDP attempts not showing the hostname of the machine.
  • Miscellaneous
    • Resolved an issue in which clients timed out while waiting on an FQDN to be returned.
    • Added more robust INI file handling.

Notes: