Privileged Remote Access 23.3.1 Release Notes

October 3, 2023

Requirements:

• Requires Base 7.0.0.
• Requires ECM 1.6.0.
• Requires Integration Client 1.7.5.

New Features and Enhancements:

• SSH Certificate Authority accounts are now available in Vault.
• A new Status field is available in the desktop console Jump Item list to indicate Jump Items in use.
• FIDO2 Admin Control Enhancements:
  • Added “Last Passwordless Authentication Date” column to the User and Vendor list pages.
  • Added “Last Passwordless Authentication Date” to the User Account Report.
  • Passwordless Authenticator and 2 Factor columns added to the Vendor User list.
• New option added to allow admins to redirect / to /login or /console.
• An App Switcher has been added to allow for switching between BeyondTrust cloud products which have been connected to Identity Security Insights.
• Windows 11 on ARM support in emulation.
• The Vendor Group limit has been increased to 150.
• Simultaneous Access for Jump Clients. Administrators can define which Jump items can be accessed by multiple users from different Jump Groups. This was previously a global setting.
• Added the ability to search User activity in the Teams Activity report.
• Improved error reporting for installing Linux Jumpoints and Headless Jump Clients. Now listing any libraries that are missing to complete the install.
• Generic Jump Client installers can now be downloaded from /login.
• Infrastructure Access Console improvements.
• Now able to assign Group Policies to users from the User Edit page.
• The GET /vault/account API has been updated to include Windows Local and Domain accounts with useful attributes.
• BYOT Tool Selection has been added.
• Passwordless FIDO2 Authentication for Mac and Linux is now supported.
• File Transfer only Shell Jumps now support MFA authentication.
• FIDO2 information added to the /user/ API configuration.
• Now displaying more certificate information in the current Security Provider’s certificate.

Issues Resolved:

Administrative Interface

Reporting

• Fixed an issue with viewing Session Recording or Chat Transcripts not honoring the preferred language set in /login when opening the link from another website.
• Fixed an issue with the View link not showing in Session Forensics reports for Shell Jumps.

API

• Configuration API version increased to 1.8.
• Fixed an issue with DELETE /vault/account-group/<id>/jump-item-association/shared-jump-group when Jump Items were in the Jump Group.
• Updated GET /Jumpoint/<id>/installer API to return a better error message for already installed Jumpoints and maxed Jumpoint clusters.

Vault

• Fixed an issue with the Title column not being resizable on the Discovery Results page.
• Fixed an issue with Endpoints associated with Local Accounts being selected for import even though selected Domain Accounts had reached the limit for importing.
• Fixed an issue with filtering Discovery Results and using the Select All check box selecting more than is currently selected.
• Fixed an issue with Vault Discovery failing through a copied Jump Client if the original Jump Client was removed.
• Fixed an issue with the Eye icon on the Vault Checkout page being the wrong color when in Dark Mode.

Group Policies

• Fixed an issue with scrolling through large numbers of Group Policies.
• Fixed an issue with not being able to drag a Group Policy to the end of the Group Policy list.

Web Jump

• Fixed an issue with languages not working correctly when using Web Jump to access /login.

Misc

• Fixed an issue with logging in through the AcessConsole or WebAcessConsole using SAML with network restrictions enabled.
• Renamed all instances of “Microsoft Azure AD” to “Microsoft Entra ID”.

Clients

Access Console

• Fixed an issue with an error message saying that “Your session was not able to be resumed in the allotted amount of time” would be displayed sometimes when exiting the Access Console.
• Now requiring the remote session to be unlocked at least once before access to Elevated Tools is granted.
• Added the white center back to the black dot pointer that is displayed when the user doesn’t have screen sharing control of the endpoint.
• Added “Last Accessed” to the Jump Item report generated in the Access Console.

Web Access Console

• WebAccessConsole now supports Confirmation windows.
• Fixed an issue with the WebAccessConsole not adhering to the “Elevated Access to Tools” when using the “Run As” Special Action.
• Fixed an issue with the Jump Item not being selected after editing it.
• Fixed an issue with canceling or changing a Jump Approval Request causing the status of the request not to update properly.

Jump Client

• Fixed an issue with ending Jump Client sessions on Eval sites.
• Fixed an issue with Vault not properly handling Jump Clients that have changed domains.

Jumpoint

• Fixed an issue with pushing sessions through a Jumpoint that is connected to an Azure AD Hybrid domain.

Mac

• Fixed an issue with the Close button’s label being blank on the Vault Account Details window in the Access Console after the window loses focus.

Linux

• Fixed an issue with session termination not locking the desktop screen on some Linux systems.
• Fixed an issue with some Linux Jumpoints going offline intermittently.

BeyondTrust CLI Tool

• Fixed an issue with starting a session through the BeyondTrust CLI Tool if there was an error message displayed on the Access Console.
• Added a feedback message when theBeyondTrust CLI Tool is installed.

Known Issues:

None.

Notes:

• Automatic Elevation Service is no longer available.
• This version of Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models.
• Verified for GA.
• Supports upgrades from 22.3.1 PA+.
• Supports ECM Protocol 1.6.
• Includes VSC 1.2.6.1.