Privileged Remote Access 20.2.1 Release Notes
September 15, 2020
Requirements:
- This version of Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models.
- This release requires Base software Base 6.0.1.
New Features and Enhancements:
- Vault now supports importing up to 2000 endpoints, 2000 local accounts, and 2000 domain accounts simultaneously.
- Toast messages are now shown when a Discovery job finishes.
- Configuration API documentation is now also available in HTML format at /login/apidocs.html.
- Now automatically associates Local Windows accounts with Jump Clients on domain-joined machines.
- Now automatically associates Windows Jump Clients installed on domain-joined machines with Vault endpoints.
- Added various improvements to screen sharing with customer clients running on Windows systems.
- Added Linux Jumpoints.
- Added outbound proxy support.
- SAML enhancements to /login and /console.
- Added more options for storing the Vault Encryption Key.
- Improved granularity of session inactivity timeout.
- Added option to create Remote RDP Jump Items during Domain Discovery.
- Remote RDP Jump Items associated with Vault Endpoints can now be deleted through the Access Console.
- Vault now supports SSH Public Key Certificate authentication.
- Added vendor onboarding.
- Added credential grouping.
- Added Vault scheduled rotation.
- Added personal Vault accounts.
- Added a Vault link to the access console and to the Web Access Console.
- Jump Items may now be copied.
- Improved elevated tool access granularity.
- Added API account information to the Vault Report filter.
- Added more information icons to fields on the Vault Discovery and Vault Domain pages.
- Access Invite keys are now only valid for 2 hours.
- Changing the Search Term or Password Age filter will now also clear any selected Vault accounts.
- Configuration API additions:
- Group Policy
- GET Group Policy Vault-Account
- POST Group Policy Vault-Account
- Vault
- GET Vault Account now includes personal Vault accounts.
- GET Vault Account now includes account groups.
- Vendor
- GET Vendor Group List
- GET Vendor Group
- POST Vendor Group
- PATCH Vendor Group
- DELETE Vendor Group
- GET Vendor User List
- GET Vendor User
- POST Vendor User
- PATCH Vendor User
- DELETE Vendor User
- Jump Client
- GET and PATCH now support Endpoint User Agreement.
- Group Policy
Issues Resolved :
Administrative Interface
- Reporting
- Resolved an issue in which mouse click events did not appear in forensics reports.
- API
- API version increased to 1.2.
- Resolved an issue in which the URL in the YAML file for authentication displayed remote-support instead of privileged-remote-access.
- Security Providers
- Resolved an issue in which invited Access users appeared in local users search results.
- Resolved an issue in which deleting a Security Provider did not kick out all of the logged-in users.
- Group Policies
- Resolved an issue in which selecting a custom session policy inside a group policy did not always enable the controls to modify that custom session policy.
- Vault
- Resolved an issue with determining if a system is pure Azure Active Directory or on-premise Active Directory.
- Reordered the tabs on the Vault page in /login.
- Resolved an issue in which manually adding a domain and then using Discovery to find the same domain caused that domain to not have a management account.
- Atlas
- Resolved an issue with traffic node selection when using address prefix.
- Miscellaneous
- Microsoft Internet Explorer 11 is no longer supported in /login.
- Resolved an issue with the alignment of check boxes and information icons on the Add New Group Policy > Membership page.
Clients
- Access Console
- Resolved an issue in which BRCS scripts did not pass the password parameter correctly.
- Resolved an issue in which using Show My Screen multiple times in a session caused a black screen to appear.
- Resolved an issue with screen and mouse flickering in VDI/Terminal Service screen sharing sessions.
- Jumpoint
- Resolved an issue with opening many connections through a protocol tunnel.
- Mac
- Access Console running on Mac now requires macOS 10.13 or greater.
- Resolved an issue with using the Use high resolution Retina display option in VMWare Fusion on a Mac VM.
- RDP
- Resolved an issue with failed RDP attempts not showing the hostname of the machine.
- Miscellaneous
- Resolved an issue in which clients timed out while waiting on an FQDN to be returned.
- Added more robust INI file handling.
Notes:
- Supports upgrades from Privileged Remote Access 19.2.3PA+.
- Supports ThinClient Protocol 2.1 and 2.2.
- Requires Integration Client 1.7.3.
- Requires Endpoint Credential Manager (ECM) 1.5.0.
- Supports ECM Protocol 1.5.
- This release is certified with the following mobile versions: