Privileged Remote Access 21.2.1 Release Notes

August 31, 2021

Requirements:

• This version of Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models.
• 21.2.1PA requires Base 6.1.1.

New Features and Enhancements:

• Introduced new UI.
• Added Jump Item reporting. Users can view events related to Jump Items on Jump Groups (Personal or Shared).
• Added a team chat history in the access console.
• BYOT – SSH. Allows a user to use the tool of their choice with an SSH or Telnet session established through Privileged Remote Access.
• Personal Vault Account limit has been increased to 25.
• Added Polish language support.
• Access console credential search.
• Vault Account Rotation in Azure AD environments.
• Copy Jump Item API.
• Appliance Migration.
• Web access console translations and updated UI styles.
• Web Jump is now available on Linux Jumpoints.
• Jumpoint Proxy is now available on Linux Jumpoints.
• Session End Behavior has moved to a Session Policy.
• Added Username in parenthesis next to Account Name in the Credential Store dropdown menu.
• BeyondTrust Console Script (BRCS) functions now work in the Web access console.
• Configuration API Additions:
  • WebJump
    • GET /jump-item/web-jump/
    • GET /jump-item/web-jump/<id>
    • POST /jump-item/web-jump
    • PATCH /jump-item/jump-item/<id>
    • DELETE /jump-item/web-jump/<id>

Issues Resolved:

• Reporting
  • Resolved an issue with User Search permissions even though the user had the “View His/Her Teams” permission.
  • Resolved an issue with Session Summary Reports sometimes showing incorrect averages in some time zones.
• API
  • Updated API version to 1.21.1.
  • Resolved an issue where the Name field was being required in the Jump Client Configuration API when it should not have been.
  • Username and Password authentication has been removed from API access.

 

Username and password authentication deprecated. Before upgrading to PRA 21.2.1, you must reconfigure any existing integration using user account API authentication to OAuth account API authentication.

• Group Policies
  • Resolved an issue deleting Group Policies with blank names.
• Vault
  • Resolved an issue with browsing a search path for Vault Accounts where the OU names contained special characters.
  • Resolved an issue with rotation while a Jump Client is offline. Now only scheduling the rotation if the Jump Client is online and adding a timeout if the Jump Client goes offline during the rotation.
  • Resolved an issue with some Discovery jobs failing due to timeouts.
  • Resolved an issue with Credential Injection failing and Vault Shared accounts remaining checked out until the session ends.
• Misc
  • Resolved an issue with the Two Factor Authentication Note not being visible under the Vendor User information in Group Policies.
  • Updated the /login help information for Jumpoint RDP Service Accounts.

• Clients
  • Access Console
    • Resolved an issue with using a period in screen sharing with Italian.
  • Customer Client
    • Resolved an issue with bad banner files causing the Customer Client to crash.
  • Web Access Console
    • Resolved an issue with the monitor layout sometimes not displaying correctly.
    • Resolved an issue with the Home and End keys not working properly in the Web Console during Shell Jump.
    • Resolved an issue with Time In Queue not resetting after transferring a session in the Web access console.
  • Jumpoint
    • Resolved an issue where the Jumpoint would sometimes crash during a push if the connection is lost.
  • Mac
    • Resolved an issue with copy and pasting from a Mac access console to Windows endpoint.
    • Resolved an issue with screen flickering when the Energy Saver turns off the screen during a screen sharing session.
  • RDP
    • Resolved an issue with installing the RDP agent on native German systems.
  • Linux
    • Resolved an issue with System Info not showing the Network Sockets on Ubuntu 20.04 and SLED 15.
    • Resolved an issue where there was no error returned if any of the System Info commands fail on Linux.
• Virtual Smart Card
  • Resolved an issue with the access console sometimes crashing when loading credentials from a Smart Card.
  • Resolved an issue with running different versions of the Virtual Smart Card on the access console and endpoint.
  • Resolved an issue with some PIV cards showing the same subject for each certificate, thus making it difficult to select the correct one.
  • Resolved an issue with Microsoft Virtual Smart Cards using long serial numbers.
  • Resolved an issue with sharing more than one Virtual Smart Card during a session.
• Misc
  • Updated the capitalization of “Authenticator App” to “authenticator app” to be more consistent across other products.

Known Issues:

• A BYOT SSH session can stop responding if the user enters text into the session and it does not echo to the terminal.

Notes:

• Supports upgrades from Privileged Remote Access 20.1.3 PA+.
• Requires Integration Client 1.7.3.
• Requires Endpoint Credential Manager (ECM) 1.5.0.
• This release is certified with the following mobile versions:
  • iOS Access Console 2.2.5+
  • Android Access Console 2.2.10+