Privileged Remote Access 20.2.1 Release Notes September 15, 2020
This version of
Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models. This release requires Base software Base 6.0.1.
New Features and Enhancements:
Vault now supports importing up to 2000 endpoints, 2000 local accounts, and 2000 domain accounts simultaneously.
Toast messages are now shown when a Discovery job finishes.
Configuration API documentation is now also available in HTML format at
/login/apidocs.html. Now automatically associates Local Windows accounts with Jump Clients on domain-joined machines.
Now automatically associates Windows Jump Clients installed on domain-joined machines with Vault endpoints.
Added various improvements to screen sharing with customer clients running on Windows systems.
Added Linux Jumpoints.
Added outbound proxy support.
SAML enhancements to
/login and /console. Added more options for storing the Vault Encryption Key.
Improved granularity of session inactivity timeout.
Added option to create Remote RDP Jump Items during Domain Discovery.
Remote RDP Jump Items associated with Vault Endpoints can now be deleted through the Access Console.
Vault now supports SSH Public Key Certificate authentication.
Added vendor onboarding.
Added credential grouping.
Added Vault scheduled rotation.
Added personal Vault accounts.
Added a Vault link to the access console and to the Web Access Console.
Jump Items may now be copied.
Improved elevated tool access granularity.
Added API account information to the
Vault Report filter. Added more information icons to fields on the
Vault Discovery and Vault Domain pages. Access Invite keys are now only valid for 2 hours.
Search Term or Password Age filter will now also clear any selected Vault accounts.
Configuration API additions:
GET Group Policy Vault-Account
POST Group Policy Vault-Account
GET Vault Account now includes personal Vault accounts.
GET Vault Account now includes account groups.
GET Vendor Group List
GET Vendor Group
POST Vendor Group
PATCH Vendor Group
DELETE Vendor Group
GET Vendor User List
GET Vendor User
POST Vendor User
PATCH Vendor User
DELETE Vendor User
GET and PATCH now support Endpoint User Agreement. Issues Resolved:
Resolved an issue in which mouse click events did not appear in forensics reports.
API version increased to 1.2.
Resolved an issue in which the URL in the YAML file for authentication displayed
remote-support instead of privileged-remote-access.
Resolved an issue in which invited Access users appeared in local users search results.
Resolved an issue in which deleting a Security Provider did not kick out all of the logged-in users.
Resolved an issue in which selecting a custom session policy inside a group policy did not always enable the controls to modify that custom session policy.
Resolved an issue with determining if a system is pure Azure Active Directory or on-premise Active Directory.
Reordered the tabs on the
Vault page in /login. Resolved an issue in which manually adding a domain and then using Discovery to find the same domain caused that domain to not have a management account.
Resolved an issue with traffic node selection when using address prefix.
Microsoft Internet Explorer 11 is no longer supported in
/login. Resolved an issue with the alignment of check boxes and information icons on the
Add New Group Policy > Membership page. Clients
Resolved an issue in which BRCS scripts did not pass the password parameter correctly.
Resolved an issue in which using
Show My Screen multiple times in a session caused a black screen to appear. Resolved an issue with screen and mouse flickering in VDI/Terminal Service screen sharing sessions.
Resolved an issue with opening many connections through a protocol tunnel.
Access Console running on Mac now requires macOS 10.13 or greater.
Resolved an issue with using the
Use high resolution Retina display option in VMWare Fusion on a Mac VM.
Resolved an issue with failed RDP attempts not showing the hostname of the machine.
Resolved an issue in which clients timed out while waiting on an FQDN to be returned.
Added more robust INI file handling.
Supports upgrades from
Privileged Remote Access 19.2.3PA+. Supports ThinClient Protocol 2.1 and 2.2.
Requires Integration Client 1.7.3.
Requires Endpoint Credential Manager (ECM) 1.5.0.
Supports ECM Protocol 1.5.
This release is certified with the following mobile versions: