Privileged Remote Access 22.2.1 Release Notes

May 3, 2022


  • This version of Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models.
  • 22.2.1 PA requires Base 6.2.0.

New Features and Enhancements:

  • Vault can now rotate Windows service accounts and restart any services associated with the service account.
  • Vendor Onboarding 3.0 gives PRA administrators the option to delegate all notifications and workflow approvals to any user in an associated Vendor Group, and the user interface for Vendor Groups provides more visibility and a streamlined workflow for vendor management.
  • Password Safe Integration, Phase 2:
    • External Web Jump Items are now supported from Password Safe.
    • Multiple Jumpoints can now be utilized with External Jump Items.
  • Added Apple silicon support.
  • Added lossless video support.
  • Protocol Tunneling is now supported on Linux Jumpoints.
  • Web Jump now supports opening links in new tabs via CTRL/CMD + Click.
  • Vault > Endpoints page now lets users configure which columns are displayed.
  • Vault configurable password length now allows administrators to define the password length requirements for Windows Local, Domain, and Azure AD accounts currently managed by Vault.
  • Syslog reports can now be downloaded from /login.
  • Vault Discovery:
    • Search has been added to Vault Discovery.
    • The operating system is now included in Discovery results.
    • Distinguished Name of Endpoint now included in Discovery results.
  • Search filters have been added to the Jump Groups page.
  • Search filters have been added to the Group Policies page.
  • Screenshot capabilities have been added to the web access console.
  • Session anonymization improvements allow sessions to be anonymized multiple times.
  • Added a notification animation when deleting a traffic node from an Atlas configuration.
  • The Copy Jump Item API has been updated to allow the name of the new Jump Item to be specified and also returns the new Jump Item’s ID.
  • Reverted the Jump Client System Tray icon back to the previous image.

Important Information for This Release:

This update removes support for Jumpoint and desktop access console installs on Windows 7, Win7POS, and Server 2012 and 2012R2.

Issues Resolved:

Administrative Interface

  • Reporting
    • Resolved issue with the Jump Item name sometimes not showing up in session reports.
    • Resolved issue with License Usage reports sometimes not being accurate.
    • Resolved issue with downloading the License Usage report in Excel 2007+ format.
    • Resolved issue with Jump Item report missing some events.
  • API
    • API version updated to 1.22.2.
  • Vault
    • Resolved issue with Jump Client discovery not showing a toast message when discovery finished.
    • Resolved issue with editing the name or hostname of an endpoint not updating the associated RDP Jump Items.
    • Resolved issue with sometimes getting a Credentials Invalid error message when the ECM failed to respond.
    • Resolved issue that would sometimes cause performance problems on the appliance after doing an import or rotation in Vault.
  • Web Jump
    • Resolved issue with credential injection causing problems through a Web Jump to a site where the password element is replaced after it is discovered.
    • File Transfer in Web Jump now honors File Transfer permissions.
  • Text Updates
    • Updated the text of the user’s reporting permission to View Only Their Events.
    • Corrected a typo for Appliance on the /login > Management > Cluster page.
  • Miscellaneous
    • Resolved issue with the Management > Site Configuration > HTTP Site address box not highlighting after being selected.
    • Resolved issue with the tooltip for a disabled ECM group not showing when using the Chrome browser.
    • Updated the Jump Approver Email field to take one email address per line.
    • The Days to keep Jump Item Logging Information permission has been moved to the Management > Security page.
    • Resolved issue in which resetting the admin account did not clear the MFA settings as well.
    • Resolved issue in which the ACH Credential Provider only supported one active customer client.


  • Access Console
    • Resolved issue with using Korean toggle keys.
    • Resolved issue in which copying a Jump Client to a new group always showed the Jump Client as online.
    • Made minor Dark Mode adjustments.
    • Resolved issue with injecting AltGr+^ on Spanish keyboard layouts.
  • Customer Client
    • A registry entry can now disable the customer client from attempting to activate the logon screen.
  • Shell Jump
    • Resolved issue with Alt+. not bringing up the last command.
  • Mac
    • Resolved issue in which the access console on Macs crashed when the user’s keyboard layout was set to Chinese and any characters were typed through screen sharing.
  • RDP
    • Resolved issue with BYOT RDP freezing when screen recordings were enabled.
    • Resolved issue with BYOT RDP SecureApp sometimes disconnecting.
    • We now pin the BYOT RDP chat sidebar on session endings in case there are errors to display in the chat.


  • Supports upgrades from Privileged Remote Access 21.1.4 PA+.
  • Requires Integration Client 1.7.3.
  • Requires Endpoint Credential Manager (ECM) 1.6.0.
  • 22.2.1 PA includes VSC
  • This release is certified with the following mobile versions: