This version of Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models.
This release requires Base software Base 6.0.1.
New Features and Enhancements:
Vault now supports importing up to 2000 endpoints, 2000 local accounts, and 2000 domain accounts simultaneously.
Toast messages are now shown when a Discovery job finishes.
Configuration API documentation is now also available in HTML format at /login/apidocs.html.
Now automatically associates Local Windows accounts with Jump Clients on domain-joined machines.
Now automatically associates Windows Jump Clients installed on domain-joined machines with Vault endpoints.
Added various improvements to screen sharing with customer clients running on Windows systems.
Added Linux Jumpoints.
Added outbound proxy support.
SAML enhancements to /login and /console.
Added more options for storing the Vault Encryption Key.
Improved granularity of session inactivity timeout.
Added option to create Remote RDP Jump Items during Domain Discovery.
Remote RDP Jump Items associated with Vault Endpoints can now be deleted through the Access Console.
Vault now supports SSH Public Key Certificate authentication.
Added vendor onboarding.
Added credential grouping.
Added Vault scheduled rotation.
Added personal Vault accounts.
Added a Vault link to the access console and to the Web Access Console.
Jump Items may now be copied.
Improved elevated tool access granularity.
Added API account information to the Vault Report filter.
Added more information icons to fields on the Vault Discovery and Vault Domain pages.
Access Invite keys are now only valid for 2 hours.
Changing the Search Term or Password Age filter will now also clear any selected Vault accounts.
Configuration API additions:
Group Policy
GET Group Policy Vault-Account
POST Group Policy Vault-Account
Vault
GET Vault Account now includes personal Vault accounts.
GET Vault Account now includes account groups.
Vendor
GET Vendor Group List
GET Vendor Group
POST Vendor Group
PATCH Vendor Group
DELETE Vendor Group
GET Vendor User List
GET Vendor User
POST Vendor User
PATCH Vendor User
DELETE Vendor User
Jump Client
GET and PATCH now support Endpoint User Agreement.
Issues Resolved:
Administrative Interface
Reporting
Resolved an issue in which mouse click events did not appear in forensics reports.
API
API version increased to 1.2.
Resolved an issue in which the URL in the YAML file for authentication displayed remote-support instead of privileged-remote-access.
Security Providers
Resolved an issue in which invited Access users appeared in local users search results.
Resolved an issue in which deleting a Security Provider did not kick out all of the logged-in users.
Group Policies
Resolved an issue in which selecting a custom session policy inside a group policy did not always enable the controls to modify that custom session policy.
Vault
Resolved an issue with determining if a system is pure Azure Active Directory or on-premise Active Directory.
Reordered the tabs on the Vault page in /login.
Resolved an issue in which manually adding a domain and then using Discovery to find the same domain caused that domain to not have a management account.
Atlas
Resolved an issue with traffic node selection when using address prefix.
Miscellaneous
Microsoft Internet Explorer 11 is no longer supported in /login.
Resolved an issue with the alignment of check boxes and information icons on the Add New Group Policy > Membership page.
Clients
Access Console
Resolved an issue in which BRCS scripts did not pass the password parameter correctly.
Resolved an issue in which using Show My Screen multiple times in a session caused a black screen to appear.
Resolved an issue with screen and mouse flickering in VDI/Terminal Service screen sharing sessions.
Jumpoint
Resolved an issue with opening many connections through a protocol tunnel.
Mac
Access Console running on Mac now requires macOS 10.13 or greater.
Resolved an issue with using the Use high resolution Retina display option in VMWare Fusion on a Mac VM.
RDP
Resolved an issue with failed RDP attempts not showing the hostname of the machine.
Miscellaneous
Resolved an issue in which clients timed out while waiting on an FQDN to be returned.
Added more robust INI file handling.
Notes:
Supports upgrades from Privileged Remote Access 19.2.3PA+.
Supports ThinClient Protocol 2.1 and 2.2.
Requires Integration Client 1.7.3.
Requires Endpoint Credential Manager (ECM) 1.5.0.
Supports ECM Protocol 1.5.
This release is certified with the following mobile versions: