Privileged Remote Access 24.2.2 release notes

July 23, 2024

Requirements

  • Requires Base 7.2.1.
  • Requires ECM 1.6.2.
  • Requires Integration Client 1.7.5.
For a list of supported platforms for the latest version of Privileged Remote Access, see Supported Platforms.

Supported Platforms for previous versions of Privileged Remote Access can be found in the Privileged Remote Access Documentation Archive.

New features and enhancements

  • Endpoint Automation - administrators can run scripts remotely without having to start a session with the endpoint.
  • New Jump Policy option allows requiring Two-Factor Authentication to start a session.
  • Multiple Jump Items can be selected and started together in the Access Console.
  • Filtered Jump Item views can be saved in the Access Console.
  • When creating a Jump Policy, Teams can be selected as Jump Approvers.
  • After a site upgrade, Jump Clients that have not upgraded can be jumped to. A warning message appears for Jump Clients that are pending upgrade.
  • Users can save Default Credentials for Jump Items.
  • Access Console Jump Item lists and icons have been updated.
  • Spanish (European and Latin American) language is supported.
  • Users can bypass Two Factor Authentication when logging in with passwordless FIDO2.
  • A SAML test page is available for testing SAML configurations.
  • Customer Client installers can be downloaded using curl, wget, and btapi.
  • Support for x.509 certificates in Vault for CAs and Client Authentication.
  • Support for Network Tunnels on networks that do not have DHCP.
  • Added Username, Hostname, and Port as place holder variables for External Tools arguments.
  • Configuration API additions and enhancements to support Network Tunnel Jump Items:
    • GET jump-item/network-tunnel-jump
    • POST jump-item/network-tunnel-jump
    • GET jump-item/network-tunnel-jump/<id>
    • PATCH jump-item/network-tunnel-jump/<id>
    • DELETE jump-item/network-tunnel-jump/<id>
    • POST jump-item/network-tunnel-jump/<id>/copy

Issues resolved

Administrative interface

Reporting
  • Resolved an issue with the performance of some Team Activity reports.
  • Resolved an issue with Jump Item report filter not showing the correct tunnel type.
  • Resolved an issue with the Jump Item Report not showing a Jump Approver correctly.
API
  • Configuration API version updated to 1.10.
Vault
  • Resolved an issue with the generic (token) accounts not showing up in the Bulk Rotation message.
  • Resolved an issue with the expiration time not being displayed when checking out SSH-CA accounts.
  • Vault accounts that are scheduled for rotation can be checked out as long as they have not been sent to the Jumpoint for rotation.
  • Now setting a timeout for scheduled rotations.
Security Providers
  • Removed the check box for Proxy from the appliance through the Connection Agent in Cloud sites.
  • Resolved an issue with adding certificates to Clustered LDAP providers.
  • Resolved an issue with logging in using RADIUS or Kerberos security providers.
Vendor
  • Resolved an issue with vendor account expiration emails not sent.
Text Updates
  • Updated the Personal Token Account window title to say Token instead of Password.
  • Updated the help text for Any Jump Items under Jump Item Association to display Kubernetes cluster tunnel.
  • Resolved an issue with an error message after clicking the Anonymize button more than once.
Misc
  • Resolved an issue with pasting values into the External Tools Arguments field not being saved.
  • Updated the More buttons from horizontal to vertical.
  • Resolved an issue with changing the default language for /login not saving properly.
  • Updated the Jump Item Role labels for clarity.
  • Able to import and export Network Tunnel Jump Items in /login.
  • Cloud sites have access to the Portal Redirect and site address settings.

Clients

Access console
  • Resolved an issue with the Infrastructure Access Console showing some Jump Items as able to jump when they were not.
  • Resolved an issue with the tool tip for viewing Kubernetes tokens saying Show Password instead of Show Token.
  • Resolved several issues with intermittent console crashes if pop-up windows were visible when the console closes.
  • Resolved an issue with intermittent console crashes when doing a Local Push and Start session.
  • Resolved an issue with the Infrastructure Access Console window appearing in the wrong location on Windows 11 Arm devices.
  • Updated the Window Title to show the type of Tunnel being created or edited.
  • Resolved an issue with an error message not being displayed in Chat when the Network Tunnel session cannot connect to the Network Tunnel Service.
  • Resolved an issue with any Jump Approval changes made outside of the console not showing up in the console until restarted.
  • Displays an error message if DHCP returns the IP address of the Physical NIC when starting a Network Tunnel. This occurs in AWS and Azure environments.
  • Now displaying a message if the Network Tunnel Service is installed or running.
  • Resolved an issue with the Special Action for System Restore not working properly.
  • Resolved an issue with the BT Command Shell Display setting not saving correctly.
  • Displays an improved error message when using the CLI tool to run Vault Get Shared.
  • Allows older key-exchange algorithms to be used when connecting to systems via Shell Jump or BYOT SSH.
  • Added a download button for SSH-CA account checkouts.
  • Resolved an issue with Command Shell not automatically starting when the External Tool option is selected.
  • Providing keyboard shortcut hints on how to recover minimized windows when using RemoteApp RDP sessions.
  • Displays a wait message instead of No Jump Items found during a search for external Jump Items
  • Resolved an issue with MS SQL Tunnels not working properly with non-default ports and Kerberos authentication.
  • New overlays for Android TV sessions.
  • Resolved an issue with the Network Tunnel not being able to get an IP address from some Microsoft DHCP servers.
  • Clears the remote clipboard when the local clipboard is cleared.
Web Access Console
  • Resolved an issue with saving a screenshot to file not appending the .png file extension to the end of the file name.
  • Resolved an issue with the focus not being set correctly after editing some Jump Items.
  • Resolved an issue with search not working properly when non-English character were used.
Jump Client
  • Resolved an issue with Headless Jump Clients on some Arm devices not upgrading properly.
  • Resolved an issue with the cached Customer Client not downloading properly and causing attempts to Jump to that Jump Client to fail.
Jumpoint
  • Resolved an issue with Jumpoints randomly restarting in certain situations.
  • Clustered Jumpoints can now use the same installer to install multiple nodes.
Shell Jump
  • Resolved several issues with Shell Jump sessions not working as expected until the directory had been refreshed.
  • Resolved an issue with a user not having the Allow Elevated Access to Tools and Special Actions on the Endpoint permission causing Shell Jump sessions to no longer be accessible.
Mac
  • Resolved an issue with Jump Approval notifications text being too small on Macs.
  • Resolved an issue with an extra window being displayed when starting tunnel sessions on a Mac.
  • Resolved an issue with the some icons not displaying correctly in the console when in dark ode on Macs
  • Support for the Mac TouchBar has been removed.
Linux
  • Now writing the Systemd Service Information to a file for Linux Jump Clients and Linux Jumpoints.

Notes

  • This version of Privileged Remote Access has been certified for physical BeyondTrust Appliances, virtual BeyondTrust Appliances, and cloud deployment models.
  • Verified for GA.
  • Supports upgrades from 23.2.3 PA+.
  • Supports ECM Protocol 1.6.
  • Includes VSC 1.2.6.1.