Recently active topics

Some users intermittently encountered this error in Password Safe PAM:Because of an error in data encryption, this session will end. Please try connecting to the remote computer again.After that error message, the session disconnects.Tech Support determined that the issue is caused due to a network-related TLS/SSL interference between the appliances and target servers. However, Networking team couldn't find any issues to fix.Please share with us if anyone encountered this type of issue.ThanksMeku

I can log into the portal but when I click on links for KB articles or cases nothing happens. If I use a direct link to a KB article I get a message that it was not found. Is anyone else experiencing problems or do I need to look for issues on my ends?

What is the best practice for configuring IP rules on APIs when the servers’ external IP addresses change frequently?

Hello All,Is there a way to notify (some sort of pop up) the users that the JIT request has been approved via BT EPM app/agent for a better user experience ? PMC has been integrated with SNOW.

Hey everyone,Checking to see if anyone has seen this before, I have multiple servers in an environment that all point to the same proxy.  On a handful of these servers, I can see where package manager is downloading and attempting to install the adapter and client.  However, on others I’m seeing where it cannot download the package.  It tries 5 times, gives up and says I can find more information on the agent with a specific ID (looks like the computer ID).  Anyone have a location for that log? I’ve looked in the standard ones with no luck.I’ll attach an example from the event viewer logs so you can see where it downloads and tries to install the adapter with a 1603 error on one (this I’m trying to fix with workarounds) and on the other it can’t download at all.  

Does anyone know if it is possible to include multiple domains in a management rule filter?  For an example, we need to setup rules to move multiple domains to single computer groups after a certain length of time.  Currently, I have over 20 management rules in place to do this functionality, however I would like to cut that down if possible.  

Hi,I have a problem with the Avecto Defendpoint Service (client version 25.8.12.0).When I restart a Windows 11 notebook, the service is running, but EPM does not work correctly.To resolve the issue, I have to restart the Avecto Defendpoint Service manually, after which everything works as expected.If I set the service startup type to Delayed Start, it starts after about two minutes and then works fine.Has anyone else experienced this issue?Thank you.Kind regards,Thien

I set up my jump groups and created a jumpclient linked to each jump group. In the jump client configuration I checked the box to allow override for the Name field and I’m trying to pass the jc_name parameter with the MSI deployment. However, it seems to just ignore it and the device comes in the rep console with the name showing as the Jump client name and not what I entered in for the jc_name parameter…. Has anyone had luck setting the name in the rep console with the MSI parameter? 

Hi Guys, Can anyone address this query? Does PRA Remote RDP Jump using SecureApp with Type Remote Desktop Agent requires Cal License. Use case is we have an application that needs to be accessed, so we configured the Remote RDP jump short cut and configured  SecureApp with Type selected Remote Desktop Agent. If Yes Cal is needed then why do we have two options one RemoteApp and the other Remote Desktop Agent. please let me know how to go ahead without the Cal license for this use case

Hi Everyone,I’m posting here to seek your guidance and help in troubleshooting an issue we encountered during a recent Beyond Trust Password Safe upgrade from Password safe 23.3 version to 25.1 version.During the upgrade activity we faced an issue that required us to roll back the change to restore service stability. Since we did not have an immediate workaround available from BT support team , we proceeded with the rollback.Inputs or best practices for troubleshooting similar issues during upgrades Guidance on the error observed, based on the screenshots and details shared below. Any recommendations or pre-checks that should be performed to avoid encountering the same issue againPFB screenshot for your ready reference. Any insights or experiences you can share would be greatly appreciated and will help us better prepare for the next upgrade window.Thank you in advance for your support.Best regards,Billa Shiva Teja

Hello Everyone, We are currently performing clean up act for previously configured data in BeyondTrust Password Safe (On-Premises Instance). while analyzing data it was found that there are number of Address groups which are configured but not sure how those are related to any Smart Rules.Is there any easy way to find out list of smart rules using those Address groups? May be a DB query also works. Thanks,Prasad

Hi Team,  I need latest version  password safe upgrade document. Regards,K.Sathiya

EPM-W is blocking some of the functionality of ZoomText screen reader. How do we get around that and allow all functions of ZoomText to run? zt.exe and child processes have been whitelisted already.

Qurestion for beekepers , has anyone onboarded XEN hypervisor as password sase does not have a platform for this as default . Require guidance on how we can onboard XEN hyperviors onto PS

Hi All I have been looking arround for a document that can help in building the Beyondinsight Using UVM for Privilege Management for Windows & Mac in Active Active mode for DC & DR. What are the prerequisites and how to establish the DC & DR scenarios, what are the things that we should be really looking into for the deployment. My another query is how does the Agent understand the DC & DR scenario as if we need to deploy 1 Management node in DC and 1 Management node in DR with 2 Event worker nodes in DC and 2 Event Worker nodes in DR. Where in DC we have SQL in Cluster with Always ON Availability Group and Same deployed seprately in DR too. Can some one explain as how it works and what are the precautionary measurements we need to take care of.

Greetings all I have a developer who is using AWS Secrets Manager for his code. However, he is passing the username and password from Active Directory over to the secret in AWS Secrets Manager and calling that JSON from Secrets Manager.Ideally, yes, he should be calling it from BT and not AWS Secrets Manager but that would involve a lot of code rewrite for him on a production system.We are looking at adding the secret in Secrets Manager as a synced account with the service account so that when we rotate the password on the service account, it would also rotate the password on the AWS Secrets Manager secret to the same password.What he needs though, complicates it. He is storing this in his AWS secret{"binddn":"cn=ldapauth_account,OU=Service,OU=Accounts,OU=company,DC=domain,DC=com","password":"abcabc"}When BT rotates the password on the service account in AD, it writes the password to the secret in AWS wiping out everything so he ends up with something like newpassword instead of the wh

Hello dear community,We are planning to update the U-Series software (PWS and AM). In addition to the recommendation regarding the BeyondInsight / Password Safe - Upgrade BeyondInsight Password Safe Active Passive appliance high availability pair, we would appreciate hearing from anyone who has already performed this upgrade in a similar setup.Could you please share your experience? Specifically: Were there any system resource requirements or constraints to consider? How long did the process take? Was the upgrade smooth, or did you encounter any challenges? Thank you in advance for your collaboration. Br,

When a BeyondTrust Password Safe Cloud tenant is provisioned with Pathfinder, is direct access via the default subdomain (e.g., example.ps.beyondtrustcloud.com) completely restricted or disabled? If so, could you clarify the exact URL, FQDN, or endpoint that needs to be allowed from the Resource Broker to access Password Safe, including any required ports or protocols?

The following articles were published last week. New Knowledge Base Articles: KB0020807 - Remote Support security scanner CSP directive issue - missing reporting-objective and form-action-objective KB0022221 - Privileged Remote Access and Remote Support with VDIs performance delays KB0022246 - Missing Login Prompt on Headless Linux System with Jump Client KB0023017 - How to gather ping and diagnostic stats via the Access or Representative Console KB0023434 - Unable to open Representative Console or Access Console "error reading license file" KB0023438 - Unable to select any Jump (Asset) Groups when creating Jump Client installer KB0023442 - Remote Support 26.1 navigation name changes KB0023445 - Dashboard shows no data or loses connection and states "The server is restarting" KB0023447 - Active session screen sharing stops working after several minutes KB0023460 -

The following articles were published last week. New Knowledge Base Articles: KB0022221 - Privileged Remote Access and Remote Support with VDIs performance delays KB0022246 - Missing Login Prompt on Headless Linux System with Jump Client KB0023017 - How to gather ping and diagnostic stats via the Access or Representative Console KB0023393 - Privileged Remote Access 26.1 navigation name changes KB0023434 - Unable to open Representative Console or Access Console "error reading license file" KB0023438 - Unable to select any Jump (Asset) Groups when creating Jump Client installer KB0023447 - Active session screen sharing stops working after several minutes KB0023460 - Error: An error occured installing this update [pre-upgrade-10] when upgrading to 26.1.1

The following articles were published last week. New Knowledge Base Articles: KB0022130 - Unable to use Sudo commands. Client licensing error - No space left on device