Skip to main content

General

A general place for Privileged Remote Access conversations.

  • 35 Topics
  • 71 Replies
35 Topics
Sean Cashin
BeyondTrust Employee
Sean CashinBeyondTrust Employee
published in General
BeyondTrust Remote Support SaaS Service Security Investigation

As a result of our investigation into the Remote Support SaaS Security Incident detailed in our Security Advisory (link below), we have proactively completed an update for our Secure Remote Access (Remote Support and Privilege Remote Access) Cloud customers, fortifying the security of their solution overall. More information can be found as it becomes available via the Security Advisory on our website found here. Please note that we have updated the security investigation as of 16-Dec-24, 11:46PM Eastern Time. Please follow the link for additional details.

761
Sean Cashin
BeyondTrust Employee
18 hours ago
E
EdenNCITApprentice
asked in General
Remote Support 24.3.1 Upgrade Pending

We have 50+ jump clients that are showing in an Active [Upgrade Pending] state and are inaccessible.  The devices are on the network, pingable, and I’m able to open a remote PowerShell session on them using enter-pssession, however, they’re not completing the jump client upgrade process. I’ve been able to get a few to complete the upgrade after forcing multiple reboots.  In two cases I had to gain physical access and uninstall the old client and manually install the new one.Is anyone else seeing these issues?

35511
E
13 hours ago
L
lineApprentice
asked in General
Integrate SQL management studio with credential injection on PRA

Jump SQL management studio with credential injection on PRA

221
Prudhvi Keertipati
1 day ago
T
TZoltanApprentice
asked in General
PRA Access Console - Freezing

Hi,Has anybody experienced slowness with Access Console in v24.3.1?We have some reports that connections are established slower in 24.3.1, and some consoles are freezing too.Did anybody experienced similar issues?

301
R
BeyondTrust Employee
1 day ago
Prudhvi Keertipati
Prudhvi KeertipatiVeteran
posted in General
Match naming of the SRA Console User and Password Safe User

Context: Once Password Safe and SRA are successfully integrated. One of the reasons for SRA user fail to search for the managed systems from Password Safe is the mismatch of the naming of the SRA Console User and Password Safe User. In most cases, your Password Safe User has a domain name included in the username but where as SRA user has the short name.Below is one of the method to fix the username matching for SRA SAML2 and/or SCIM security providers. It is useful for the Password Safe Cloud and SRA Cloud instances where customer doesn't have access to backend configuration.  Solution: For example if username in Password Safe is domain.com\username or username@domain.com. To match the username in SRA Console, Navigate to /login console, Go to Users & Security → Security Providers → Edit SAML2 or SCIM Providers. Expand User Attribute Settings, Edit the Username filed. If you are getting the domain.com as an Domain attribute in SAML2 or SCIM claims. Update Username filed as below:

371
J
BeyondTrust Employee
7 days ago
Prudhvi Keertipati
Prudhvi KeertipatiVeteran
asked in General
PRA Access Console - Connection Issue

Hi Team,We have a PRA Cloud tenant deployed and there are NO network restrictions setup on /login console. From US, we are able to access the Access Console, but our users from India team are unable to access and getting below error. They can access /login console but not Access Console. Are there any logs that I can verify or what might be the cause?Thanks,Prudhvi

553
Prudhvi Keertipati
7 days ago
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Dec 2 - Dec 9)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021764 - Privileged Remote Access 24.3 feature show all Password Safe (PS) items in a Jump Point KB0021780 - SEC_ERROR_EXPIRED_CERTIFICATE error when accessing appliance through Firefox browser KB0021788 - Do the following HAProxy CVEs affect Remote Support or Privileged Remote Access? KB0021791 - Privileged Remote Access 24.3 feature static username and port sessions setting KB0021794 - Privileged Remote Access and Remote Support 24.3 OS Certification Matrix KB0021808 - Vault interface not pulling in Password Safe connected credentials through ECM integration when executing SQL Tunnel in Privileged Remote Access KB0021820 - How to restrict access to /appliance

960
GloriaB
BeyondTrust Employee
8 days ago
R
rp-natApprentice
asked in General
PRA - Anyone use Cloudflare successfully?

Hello,We have put Cloudflare (DNS Proxy) infront of our domain for PRA.This works fine 99% of the time, however, occassionally, users experience minor “blips” where the desktop console will close/re-open (remaining logged in).After talking with our SE and support alot on the issue, they cant tell me whether they have other customers using Cloudflare with DNS proxy successfully.They state that reverse proxies are unsupported (which i understand, its in the docs), however, unsupport != shouldnt work.Just trying to understand whether the issue is the same across other orgs.

264
R
11 days ago
Prudhvi Keertipati
Prudhvi KeertipatiVeteran
asked in General
PRA - Jumpoint - RDP Service Account for Session Forensics

Hi,We have Password Safe and PRA integrated and we are using Jumpoint for Remote Jump. For Session Forensics functionality, Is there a way to get the RDP Service Account credentials from Password Safe instead of creating the account in PRA Vault? Thanks,Prudhvi

332
Prudhvi Keertipati
12 days ago
Prudhvi Keertipati
Prudhvi KeertipatiVeteran
asked in General
Jump Shortcut Import Wizard Missing

In the PRA Cloud 23.3.4 instance, Jump Shortcuts Mass Import Wizard  is missing under Jump Items. Is there any configuration or setting has to be enabled for this wizard to show? Thanks,Prudhvi

151
Prudhvi Keertipati
13 days ago
L
LeeAtkinsonRising Star
asked in General
Unable to select jump zone proxy cluster for Jump Client installer

I’ve created a jumpoint cluster with jump zone proxy enabled. When I create a jump client installer, I am unable to select the jumpoint cluster as the jump zone proxy. It says: “There are no standalone Jumpoints with proxying enabled.” I am on the latest version of PRA and clustered jumpoints with jump zone proxy should now be supported.Any ideas please? 

101
L
13 days ago
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Nov 25 - Dec 2)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021560 - What is FIDO2 and how to enable it for Remote Support and Privileged Remote Access KB0021779 - NET::ERR_CERT_INVALID error when accessing appliance through Chrome browser KB0021796 - Unable to retrieve available endpoints -- Details: Search term [*] is not allowed; allowWildcardOnlyEndpointSearch must be 'true' in the appSettings section of the ECM config KB0021809 - How to upgrade Endpoint Credential Manager (ECM)

110
GloriaB
BeyondTrust Employee
15 days ago
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Nov 18 - Nov 25)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021298 - Vault account unavailable stuck in rotating state "The selected account is queued for rotation. Please try again later." KB0021626 - Privileged Remote Access and Remote Support 24.2 OS Certification Matrix KB0021786 - Privileged Remote Access 24.3 feature start sessions with an entire Jump Group by right-clicking

120
GloriaB
BeyondTrust Employee
22 days ago
T
TZoltanApprentice
posted in General
BeyondTrust PRA Atlas Deployment

Hi,Are there any members who are using BeyondTrust PRA as an Atlas Deployment?Do you have any connectivity / stability problems? I mean slow connection establishment, “connection timed out” errors.We use it and many users have this kind of problem, when they are connected internally.If you have met this kind of problems what was your experience, how did you manage to solve it? :) 

412
T
23 days ago
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Nov 11 - Nov 18)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021754 - Privileged Remote Access 24.3 feature Jumpoints deployable through Docker container

80
GloriaB
BeyondTrust Employee
29 days ago
L
LeeAtkinsonRising Star
asked in General
Certificate Warnings

When connecting to a target using Remote RDP in PRA Cloud, we are encountering certificate warnings. I understand this is expected when using self-signed certificates. However, if connecting to a server with a CA-signed certificate issued by the organisation, these warnings should not appear.Could anyone clarify: What steps are required to ensure CA-signed certificates are properly recognised during RDP connections? Do we need to provide BeyondTrust with a CA-signed certificate, or is this entirely dependent on the operating system’s certificate store on the user’s device?Additionally, the documentation states that certificates stored in the operating system are trusted. Does this refer to the certificate store on the user’s local machine, or the machine where the Jumpoint resides?

702
L
1 month ago
J
Jsizzle45Apprentice
asked in General
Jump Clients offline/Software uninstalling

I login to Beyond Trust yesterday and see 2 machines offline. I login today and there are 10Not only is the machine offline, but the app has been removed. Is there a reason this keeps occurring? Is there a time limit to have it installed? I reference back to this article where support linked it to an update, but no update has occurred.   

643
P
BeyondTrust Employee
1 month ago
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Nov 4 - Nov 11)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021594 - How to make Intel vPro work with Remote Support and Privileged Remote Access KB0021687 - How to clean up Uninstalled or Lost status Jump Client endpoints in RS or PRA KB0021693 - Jump Client screen share graphic issue (artifacting) when no monitor is connected to the machine (headless) - Not refreshing screen KB0021731 - How to get connection agent logs for Remote Support or Privileged Remote Access KB0021737 - How to use group policies and session policies to apply permissions in Secure Remote Access

190
GloriaB
BeyondTrust Employee
1 month ago
T
Travis JNewcomer
asked in General
Possible to present webjump in mobile format?

Anyone know if it’s possible to present web jump in mobile screen format for the phone PRA client?  In my testing it comes up almost unusable as it tries to present it like it’s a monitor. Use case:Internal web app for in/out board and tracking staff location in the field.  There is a mobile phone view if they are on internal network.  Would like to make available using the iphone/android PRA client app when users are off network.

171
P
BeyondTrust Employee
1 month ago
l3g0l4s
l3g0l4sApprentice
asked in General
Automation of sending reports in Para

Hello everyone!I would like to know if anyone knows of any methods for automating the sending of session reports in Privileged Remote Access via email.Thank you in advance!

391
M
BeyondTrust Employee
1 month ago
Devin Churchill
BeyondTrust Employee
Devin ChurchillBeyondTrust Employee
published in General
Customer Success Quarterly - 2024-Q4 - Privileged Remote Access

Hello! Last month our Chief Customer Officer, Sean Cashin, provided some information on our upcoming dedicated user community. I’m excited to announce that BeyondTrust launched our new BeeKeepers community on Monday, September 16th! Why BeeKeepers?The name BeeKeepers was born from the idea to protect and secure privileged identities, along with the paths those identities follow in order to gain privilege, aka Paths to Privilege. What does the BeeKeepers name mean to us?Imagine a company’s data and secrets as the honey in a beehive. BeeKeepers take care of the hive, protecting the honey and honeybees, from predators the live to steal the honey, damaging and destroying the hive. Now imagine you, BeyondTrust customers, IT Admins, SOC professionals, and CISOs are the BeeKeepers! And honeybees are identities – human and non-human – continuously travelling along their flight paths, the Paths to Privilege, collecting pollen and making more honey. BeeKeepers protect the honeybees’ path and con

320
Devin Churchill
BeyondTrust Employee
1 month ago
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Oct 28 - Nov 4)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021628 - Session termination behavior is not working in Privileged Remote Access and users are still appear as logged in after a session ends KB0021718 - Checking for RS or PRA updates fail on Base 7.0 and lower

180
GloriaB
BeyondTrust Employee
1 month ago
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Oct 21 - Oct 28)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021611 - Jump Client not connecting to virtual machines

140
GloriaB
BeyondTrust Employee
1 month ago
L
LeeAtkinsonRising Star
asked in General
Jump Approval Notifications

Before I raise an enhancement request, am I right in thinking that there is no other to view jump approvals for an approver other than via email? An approval tab in the interface would be a very useful enhancement - albeit one I’m surprised isn’t already there. Approvers wont be using the Access Console in this case...

412
L
1 month ago
M
mjhallVeteran
asked in General
Updating the Jump Client

Is there a command line we can run on machines to prompt them to update the jump client? i.e.: Simulate right clicking on a jump client in the representative console and clicking update?  We just updated our site software, and I am wondering about the best way to slowly rollout the jump client updates. Generally, the process we take would be updating the IT department, the business pilot, then start staging it out to production. We deploy our jump client via the generic .msi install. There are a couple methods that I can think of, but each has their downsides. Selecting jump items through the console and clicking “Update”. Downsides: This would take forever to manually do for a few hundred pilot machines Deploying via the Jump Client Auto Update settings. Downsides: No control over who gets the updates Deploying via the .msi installer. Downsides: You must uninstall the old version, then install the new version (This resets all of the audit history for that jump client instance ID)What

1193
M
BeyondTrust Employee
1 month ago

Badge Earners

  • BCIE: Privileged Remote Access
    Bruceyhas earned the badge BCIE: Privileged Remote Access
  • BCIE: Remote Support
    Bruceyhas earned the badge BCIE: Remote Support
  • BCA: Privileged Remote Access
    linehas earned the badge BCA: Privileged Remote Access
  • BCA: Password Safe
    linehas earned the badge BCA: Password Safe
  • BCA: Password Safe
    MedBouhas earned the badge BCA: Password Safe
Show all badges
Terms & ConditionsCookie settings