Skip to main content

General

A general place for Privileged Remote Access conversations.

  • 124 Topics
  • 289 Replies
124 Topics
B
Community Manager
BeyondTrust CommunicationsCommunity Manager
published in General
Monthly Buzz - May - Privileged Remote Access

RS/PRA failover configuration Can RS or PRA failover be configured so a specific appliance automatically reclaims the primary role once it comes back online? No, once a failover occurs, the IP address associated with the hostname is assigned to the backup appliance. This IP address is no longer available without manual intervention. When the former primary appliance comes back online, it checks to see if the hostname and IP address are available. If they are not available, because they are being used by the backup appliance, it will not reclaim them and will not switch back to primary.After a failover, all connections are established with the backup appliance, which is acting as the primary. Additionally, configuring one appliance to always assume the primary role could lead to further disruptions after a failover, as everything is still connected to the backup appliance.Read more here Latest Available Version:Privileged Remote Access 25.1.1 - April 2025 Beekeepers Hot Topics PRA - AD

80
B
Community Manager
Sean Cashin
BeyondTrust Employee
Sean CashinBeyondTrust Employee
published in General
BeyondTrust Remote Support SaaS Service Security Investigation

As a result of our investigation into the Remote Support SaaS Security Incident detailed in our Security Advisory (link below), we have proactively completed an update for our Secure Remote Access (Remote Support and Privilege Remote Access) Cloud customers, fortifying the security of their solution overall. More information can be found as it becomes available via the Security Advisory on our website found here. Please note that we have updated the security investigation as of 28-Jan-25, 5:45 PM Eastern Time. Please follow the link for additional details.

5725
Sean Cashin
BeyondTrust Employee
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (May 29 - Jun 5)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021833 - How to enable in-session two factor authentication in Remote Support and Privileged Remote Access KB0022201 - Managed System external Jump items are missing KB0022264 - How to turn PID logging on and off for RS and PRA on Mac or Linux systems KB0022453 - What is the retention for RS and PRA Vault password history? KB0022465 - Warning message: Installing more than one Jump client being phased out KB0022484 - Is there a maximum screen resolution for an RDP Jump session? KB0022485 - Is Session Recordings required at all times, or only in specific cases? KB0022486 - Is there a mechanism to verify the deletion of recordings after 90 days? KB0022489 - Should the same upgrade package be used if appliances are in failover for RS and PRA?

00
GloriaB
BeyondTrust Employee
R
rrueschjjApprentice
asked in General
PRA Shell Jump sudu/su and credential injection so that our admins can use sudo without needing to know their password.

In the ideas portal A10-I-249 someone suggested being able to re-inject credentials when running a sudo or su command. The idea was marked as already implemented. Is there any documentation on how to achieve this or can anyone provide steps to accomplish this without setting the sudoers file to passwordless?

10
R
P
pvermaNewcomer
asked in General
Inspect /dev tools on a Web Jump on PRA

Does anyone know if we can leverage inspect /dev tools on a Web Jump on PRA? We have developers trying to inspect and open dev tools on the web page but looks like it doesn’t work?

30
P
S
SFARising Star
asked in General
PRA-DATA AT REST ENCRYPTION INBUILT AVAILABLE?

Hello is there data at rest encryption available in PRA inbuilt? or need to configure with key management solutions? Found whitepaper etc but it just mentions steps to integrate with KMS.

71
A
BeyondTrust Employee
T
timbrigham-ocApprentice
asked in General
Netbios name when connecting via PRA not available?

Can the netbios name be made available for PRA and Password Safe, not just the domain name? domainname\username doesn’t work on all applications; some legacy platforms it has to be the netbios name. 

557
T
M
MudupuriApprentice
asked in General
On Privilege Remote access how can I link the Session policy to a bulk group policy with the help of API. I do not see any parameter of Session policy in Group policy

On Privilege Remote access how can I link the Session policy to a bulk group policy with the help of API. I do not see any parameter of Session policy in Group policy

81
R
BeyondTrust Employee
M
MatsuNewcomer
posted in General
Network Tunnel drops connectivity on Jumpoint temporary fix, KB0021363 related

We recently encountered a recurring issue impacting the accessibility of Jumpoints, which we have traced back to behaviors described in KB0021363. The root of the problem appears to be interference between the old and new network management features, particularly when IP assignments are modified either through binding on virtual machines' NICs or via IP changes on bare metal systems.ObservationsWhen these changes occur, the resulting network configuration across the multiple management interfaces becomes inconsistent. This inconsistency causes the Jumpoint to: Attempt to resolve to its own address, Become entirely unresolvable, or Exhibit packet fragmentation or corruption during analysis. Network inspection tools and bomgar logs show erratic behavior. Logs typically reveal incomplete packets or generalized packet errors, but offer no definitive indicators as to the root cause. The symptoms include: Dropped connections, Fluctuating tunnel availability, Inconsistent routing beha

331
DMITRI
BeyondTrust Employee
R
Rohit NikamApprentice
asked in General
Issue with BYOT Option – Remote RDP Sessions Terminating

Hello,I am experiencing an issue with the Bring Your Own Tool (BYOT) option when attempting to open a Remote RDP session using an external tool. For some endpoints, the session initiates but terminates within 1-2 seconds. This behavior is inconsistent, as it works fine for other endpoints.Could you please assist in identifying the cause of this issue and suggest a resolution?

2077
I
P
ParshwaNewcomer
asked in General
Proof of applying bt24-10 and bt24-11 on RS

We had applied patches bt24-10 and bt24-11.Our Security team is asking for a proof that we had applied the security patch to mitigate the subjected vulnerabilities.Please advise where we can get this proof that the patch was applied on RS appliance/ console

171
H
BeyondTrust Employee
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (May 19 - May 26)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021363 - Network Tunnel jumps cause Jumpoint host inaccessibility KB0022325 - Protocol Tunnel Jump unavailable after upgrade. TCP is greyed out KB0022393 - Is Local Jump supported for Linux Server OS? KB0022422 - Is there a way to request a password reset for the /appliance admin account in RS and PRA? KB0022423 - How often does BeyondTrust update RS and PRA Cloud Appliances? KB0022427 - Unable to update. Error: An error occurred installing this update KB0022430 - Can SAML users be migrated to another provider in Remote Support or Privileged Remote Access? KB0022438 - Web Jump fails and times out. Error - The connection attempt timed out KB0022440 - Can port forwarding be used on the SRA appliance for Remote Support or Privilege Remote Access ? KB0022455 - Is it possible to automatica

170
GloriaB
BeyondTrust Employee
T
TZoltanTrailblazer
asked in General
Deploy Jump Clients within a golden image

Hi,I would have a question to anyone, who has experience with installing Jump Clients with a golden image.The question would be, will the installers be still valid after each PRA upgrade? Is there any best practice or guide how this should be done properly?Many thanks for any answer.

274
T
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (May 12 - May 19)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0021333 - Cannot change the name of a traffic node in Remote Support or Privileged Remote Access "Internal Server Error" KB0021344 - Unable to communicate with Jump Clients or security providers in IP ranges 172.17.0.0/16 or 172.18.0.0/16 after upgrading to Base 7.0 KB0022321 - What application parameters are available for the PRA BeyondTrust Desktop agent? KB0022324 - Where is the API configuration found? KB0022353 - Why can some accounts view password history and others cannot? KB0022358 - Is there a way to prevent screenshots being taken when in session? KB0022373 - Unable to download Access Console from PRA environment KB0022374 - Do session recordings have audio? KB0022377 - Windows Clients going offline after upgrade from RS and PRA 22.1 or earlier KB0022379 - Failed to convert

90
GloriaB
BeyondTrust Employee
J
BeyondTrust Employee
Johnli AzucenaBeyondTrust Employee
posted in General
Privileged Remote Access: Group Policies Interactive Workshop

Hop on and join our interactive workshop, where you can gain hands-on experience and handle different use case scenarios. Title: Privileged Remote Access: Group Policies Interactive WorkshopDate: 29 April 2025 Time: 9 am Eastern and 2 pm UK and 9 pm SGTDuration: 90 minutes  Workshop AimThis interactive workshop enables participants to learn the aim and process of configuring Group Policies in Privileged Remote Access. There will be an opportunity to collaborate and study a Use Case to configure a Group Policy within a virtual test environment.  Learning Objective:Learn how to create and configure Group Policies in Privileged Remote Access according to best practices. In this session we will cover:Why would you use Group Policies?     How do users get assigned?     What does Group Policy control?     Best practice guidance     Defined and Final Settings Click here to enroll!For more information on workshops or to make suggestions, please navigate here.

882
Levi
BeyondTrust Employee
R
rrueschjjApprentice
asked in General
SRA Web Jumps and non standard ports

Many times sites will use a unique port other than the standard 443 and 80. Is there a way to utilize web jumps with non standard ports? Sites are SSL enabled. Example: https://site.com:12345/login

1073
R
P
PurushothamApprentice
asked in General
Remoteshell failed (error code-2rs) in PRA console

For one of the end user is not able to access Linux machine and getting below error, tried uninstalled & Installed Desktop access but getting same error however it is working in Web console able to access the server.Could someone please assist to fix the issue?

1162
R
C
Carlos MendonçaRising Star
asked in General
Privileged Remote Access

Hello,Please, has anyone faced or is going through this? At first, it works normally on the local server, but not on the PRA application. It is impacting a lot to continue with visibility. The screen goes white when loading.  

383
C
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (May 5 - May 12)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0022284 - Linux Jumpoint installation error - Failed at step EXEC spawning /home/beyondtrust/jumpoint/init-script: Permission denied KB0022322 - Can RS or PRA failover be configured so a specific appliance automatically reclaims the primary role once it comes back online? KB0022323 - Unable to remove users from a Jump Group KB0022325 - Protocol Tunnel Jump unavailable after upgrade. TCP is greyed out KB0022345 - Where is the download license usage report? KB0022348 - Unable to override Jump Policy. Error - The Jump Policy's schedule does not permit a session to start at this time KB0022353 - Why can some accounts view password history and others cannot? KB0022366 - How many concurrent sessions does a Jump Client Support? KB0022374 - Do session recordings have audio? KB0022375 - Can ses

160
GloriaB
BeyondTrust Employee
Prudhvi Keertipati
Prudhvi KeertipatiVeteran
asked in General
PRA - AD Group Synchronization (Pre-Provisioning)

Hi All,In PRA, we have a SAML security provider configured for user authentication and provisioning. User will only be provisioned when they first-time logged in.Is there anyway we can pre-provision the users by LDAP/AD Group synchronization similar functionality as Password Safe (without using SCIM). Thanks, 

12014
Prudhvi Keertipati
L
lineVeteran
asked in General
Integrate SQL management studio with credential injection on PRA

Jump SQL management studio with credential injection on PRA

1836
L
A
AndyHTrailblazer
asked in General
Incorrect Timestamp on Failover Sync

Hello,I’ve encountered an unusual issue with the failover backup instance. Under the "Sync Now" section, the timestamp for the last data sync displays as:"The last data-sync was successfully pulled at 01/01/1970 12:00:00 AM."Has anyone seen this behavior before? Could you please advise on how to resolve it?Thank you. 

533
MikeK
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in General
Privileged Remote Access - Knowledge Article Publications (Apr 28 - May 5)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0022237 - After upgrading to 25.1.1, cannot send emails after upgrade. Error - Test email failed. SMTP authentication error [535] KB0022243 - Privileged Remote Access report types and how to create them KB0022246 - Missing Login Prompt on Headless Linux System with Jump Client KB0022250 - Canned scripts option missing for macOS remote sessions KB0022251 - Vault account fails to check in post-use, becomes unusable KB0022254 - Upload Update option removed in Remote Support and Privileged Remote Access Cloud 25.1.1 KB0022255 - Issue opening sra-pin.exe - The application could not be started 0x0000364 KB0022262 - File transfer not working for macOS remote session KB0022264 - How to turn PID logging on and off for RS and PRA on Mac or Linux systems KB0022265 - How many characters can the pa

140
GloriaB
BeyondTrust Employee
H
HamzaTrailblazer
asked in General
PRA External Invite

I have multiple questions regarding PRA External invite feature if anyone has used it.is the invite is only for the session the user has created for or external user can also view other session in the console once joined through invite? once external user joins the session , can he will be able to see even if the I minimize the console for some other work ?

221
MikeK
A
AndyHTrailblazer
asked in General
PRA failover: Is there a way to automatically have the first appliance reclaim the primary role once it comes back online?

Hello,I am currently testing our PRA failover setup, which uses the DNS Swing method.Configuration:Setting Primary site setting Backup site setting Enable Backup Operations off on Auto data-sync interval 5 minutes 5 minutes Bandwidth limiting unlimited  unlimited Enable Automatic Failover on on Primary site instance timeout 5 minutes 5 minutes Below are the test steps and observations:Test Steps:1. Both appliances synchronized successfully.2. Shut down the primary appliance.3. The load balancer automatically updated the DNS to point to the secondary appliance.4. After a few minutes, the secondary appliance became the primary.5. Powered the first appliance back on.6. The load balancer automatically updated the DNS back to the first appliance.7. However, after waiting for 10 minutes, the primary role remained with the second appliance.Question:Is there a way to automatically have the first appliance reclaim the primary role once it comes back online?Thank yo

732
A

Badge Earners

  • BCIE: Endpoint Privilege Management - Windows
    BPopovhas earned the badge BCIE: Endpoint Privilege Management - Windows
  • BCA: Password Safe
    mayank6270has earned the badge BCA: Password Safe
  • BCA: Endpoint Privilege Management - Mac
    Max ForeTechhas earned the badge BCA: Endpoint Privilege Management - Mac
  • BCSE: Password Safe
    JawaadKhas earned the badge BCSE: Password Safe
  • BCIE: Endpoint Privilege Management - Windows
    Ahsan Tariqhas earned the badge BCIE: Endpoint Privilege Management - Windows
Show all badges
Terms & ConditionsCookie settings