BeyondTrust Appliance U-Series Software 4.2.1 Release Notes
June 6, 2024
Requirements
- .NET 8.0.0 or later (available through BT Updater via Supporting Software SUPI subscription)
- SUPI 3.2 (available through BT Updater)
New Features
This is a maintenance release and does not contain any new features.
Issues Resolved
- Resolved an issue where the Installed Software page was slow to load and sometimes would have an incorrect version listed for a product.
- Cause: The appliance was requesting product version information from BT Updater, causing a delay in loading the results on the page. Also, if an update had failed in BT Updater, it returned the version for the failed update, despite it not being installed.
- Resolution: The appliance no longer contacts BT Updater for product version information.
- Resolved an issue where when attempting to create a backup on a SQLFree appliance, no options were displaying under Backup Options.
- Resolved an issue where when a backup that was created on a SQLFree appliance and contained the BeyondInsight database, a restore of that backup on the same SQLFree appliance would fail.
Known Issues
- Endpoint Privilege Management (EPM) Event Collector Service is missing from the log download page or log export page if there are no log files present.
- EPM and Privileged Management Reporting (PMR) High Availability requires that the source EPM accounts match on each appliance. Accounts require manual intervention to rename.
- Workaround: Users must manually create the EPM/PMR SQL Users in the database on the secondary node.
- Last Pass can interfere with the Deployment and Configuration Wizard.
- Workaround: Disable or log out of Last Pass or configure the appliance in incognito mode in the browser so that the browser extensions are not interfering with the wizard.
- When changing the EPM Database credentials on the host machine and remote collector password, if the EPM Database Access feature is turned off and then on, the user has to enter and confirm their password every time.
- The beyondtrust_user account is locked out after changing the Auth SQL Server password.
- Appliance self-signed certificate does not have subject alternate name (which does not support HSTS). For Chrome 58 and later, only the subjectAlternativeName extension (not commonName) is used to match the domain name and site certificate.
- Using High Availability in a multi-node EPM deployment that has the secondary node set up as the PMR database, when the secondary is promoted to primary, the PMR reports do not display in BeyondInsight. A red X displays in place of the charts.
- Cause: A multi-node deployment typically uses the IP/machine name of the database host in the shared EPM config file. This pointer continues to point at the failed primary, causing the problem.
- Workaround:
- In BeyondInsight, from the left sidebar, click Configuration > Endpoint Privilege Management > Privileged Management Reporting Database Configuration.
- In the Server field, update the IP address to be that of the current appliance.
- In the appliance software, from the left sidebar, click Service Status.
- Restart the EPM Reporting Gateway Service.
- In BeyondInsight, from the left sidebar, click Configuration > Endpoint Privilege Management > Privileged Management Reporting Database Configuration.
Notes:
- Security Management Appliance Installer is dependent on BeyondInsight 24.1.
- Security Management Appliance package in BT Updater is dependent on BeyondInsight 24.1.
- This update is available through BT Updater or as a manual installer from the download tool.
