Recently active topics

We have several systems that, when viewing analytics/events there is no event activity reported on these systems. Yet if we view them in our RMM tool we see plenty of activity that should be appearing in analytics/events. What would be the best steps to take to address this issue?

Hi team,We have onboarded WINSCP as application in Beyondtrust password safe (cloud).  We are facing one challenge here where after application is launched using functional account , how can user transfer file from his local machine to RDS server. As WINSCP is launched to connect to target linux server , I want to understand since the file will be at user local machine , how can user move it to target linux system.I am sending the winscp application screen shot for reference . Awaiting response. Thanks in advance .Regards,Imran Aliyani

We are using a SmartRule with the Selection Attribute Criteria “Directory Attribute Match” using the employeeID attribute to map privileged account as dedicated account for a user only. This all works fine but we are worried if somehow the source system (e.g. AD) is messing with the data of this attribute employeeID, e.g. deleting the value (e.g. AD Admin not aware of that field, doing cleanup, etc.) or being tampered. This privileged acount then would be exposed to all the users (with access to that Managed Account group). How can this be prevented or found/reported which accounts may have an issue. I understand data quality is key here but with such a highly security related topic of privileged accounts one always has to assume that the source (AD) might be wrong and counter-measures must be possible on both side (source and consumer, i.e. PasswordSafe)

A client, and myself, all have the same error on our Azure connector: Unable to access Platform Environments: Insufficient privileges. Unable to access Platform Admin Applications: Insufficient privilegesIs anyone else seeing this issue? Bit of coincidence that we have this in three seperate sites. 

Hi Team,We’ve a use case as mentioned below:a user initiated a web jump from BT PRA to vSphere portal and was logged in successfully. Within the vSphere portal, user selects a VM wherein vSphere gives 2 types of logins- 1.Remote & 2.Web Console. User selects web console access which then launches a new tab within the Jump Item requiring password to be entered again. The key option is disabled and looking for suggestions to enable it.  

Team, Please suggest if there’s a way in Active passive setup to pull the report of last RDP login date for the privilege users on specific managed system? 

So, I’ve attempted this multiple times and took a short break to clear my head. Cannot seem to get this wrapped up, and it’s a necessity. Hi, I’m Robert and I’m a Security Engineer for my company. Part of my portfolio is Enterprise Software Management via Intune. I manage all software deployments for the company on a tenant level, using assignment groups to make certain apps available to pertinent groups. Over the past 3 years, I’ve learned a lot where Intune deployments and the Windows OS intersect. I’m still on the learning path, but I’m figuring out the nuances, the lowest common denominators and getting better at troubleshooting issues. This is where things get complicated: 100% of my experience in this arena is Windows 10 / Windows 11 based. And we now have a very small fleet (<10 devices) of Mac devices for our Marketing team. Now, I’ve tried everything I can find online, but the documentation on how to pull this off via Intune is scarce and incomplete. Reddit has been the mos

Hello Beekeeper Community,I’m curious to hear how others handle the following:Onboarding:easy: AD query, smart rules, and we have managed account. Offboarding:When a managed account deleted from AD , the password can’t locate the user. Also, there doesn’t seem to be a smart rule capability to identify which accounts are in Password Safe and which are not, to help with automated cleanup and management.How do you manage this process? Any tips or best practices would be appreciated!Regards,Maulik

Hi everyone,The end users are experiencing delay and slowness when taking RDP sessions through Password Safe on-prem. Usually they have to read logs and commands and the slow and delayed screen output is becoming a hassle for them, resulting in a very poor user experience.After some researching, I found a commonality in the solution that it an issue with the client’s network, however, they are not ready to accept it.According to them, when they take RDP directly from the U-series appliance, the session is much better but from the Web UI, it’s very delayed and slow.Has anyone here encountered an issue like this, if yes, how did you solve it.Thanks in advance.

Hi Beekepr ,  Does Password safe support password rotation base on managed asset /application session instead of time-based interval. Regards,Maulik

Hello team, could someone please share the prerequisites what we required to further onboard and the key information we need to request from the customer regarding this Azure? Below, I have outlined the relevant scenarios. Customer Mentioned: This is an Cloud SaaS Password Safe, Users are in Azure EntraID and servers are Domain-Joined. I have collected these below KB's :Configuration SAML Azure EntraID - https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sys_kb_id=dd8ff4a91b019e946fe95287624bcb37 EntraID FA MA - https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sys_kb_id=aad9352747511e50b77b3ddbd36d4384 Attached Asset requirement sheet.Thansk!

Employees with EPM installed are having issues printing with Excel and I cant seem to figure out what is holding that up when printing works fine with everything else. 

Hi  I would like to see if we can block commands in CMD for Windows Platform.If yes, how can we do a sample would help for building it.RegardsNaveen

The following articles were published last week. New Knowledge Base Articles: KB0023090 - What does Patch HELP-11956 do? KB0023092 - Unable to deploy Jump Clients through Zone Proxies error "HTTP: Failed response code: 403" KB0023098 - Can OpenID Connect be used for authenticating Jump Items in a session? KB0023103 - Remote Support or Privilege Remote Access freezes repeatedly after upgrading an environment with failover configured

The following articles were published last week. New Knowledge Base Articles: KB0023090 - What does Patch HELP-11956 do? KB0023092 - Unable to deploy Jump Clients through Zone Proxies error "HTTP: Failed response code: 403" KB0023098 - Can OpenID Connect be used for authenticating Jump Items in a session? KB0023103 - Remote Support or Privilege Remote Access freezes repeatedly after upgrading an environment with failover configured

The following articles were published last week. New Knowledge Base Articles: KB0023078 - Error when installing EPM-W - The system administrator has set policies to prevent this installation KB0023096 - Performance issues with EPM-W and Symantec

The following articles were published last week. New Knowledge Base Articles: KB0021516 - Entra ID mapping fails when using a Smart Rule based on employeeNumber KB0021799 - SSH to Paltoalto 7.1 fails with Access denied. Changing password fails: A supplied password or user name is incorrect. Account verification failed KB0023010 - Azure Connector unable to pull servers from a resource group - Scan connector fails to load results resource not found KB0023023 - Resource Broker not showing in the Default Resource Zone - A connection attempt failed KB0023086 - Functional Account test fails after switching to passive node "Error: Unexpected error occurred: Bad Gateway" KB0023089 - Reset the administrator account of the appliance and the local machine RDP account KB0023091 - How to update a Password Safe Cloud Resource Broker with the latest Microsoft .NET security patch release KB0023095 - At

I have a very unexpected behavior in my environment.I have multiple desktop applications and web applications created using both PS Automate and AutoIT.Sometimes a user tries to launch Application X, but instead Application Y is launched, and the wrong credentials are supplied.I need to know how to troubleshoot this issue.

Hi All, I am onboarding Toad in BeyondTrust Password Safe. If anyone has done this before, could you please share the .ini or .au3 file you used for passing connection details? Thanks in advance. 

I’m trying to see if it’s possible to utilize an SSH client manager like SuperPutty or mRemoteNG for managing SSH sessions that use SAML authentication.  We can not use the Direct Connect feature due to SAML being token based.  Any guidance would be greatly appreciated.

Hello Everyone,I’m working on password rotation for a custom (unsupported) application using the BeyondTrust Password Safe Cloud REST API. Before proceeding, I want to confirm whether such an application can be integrated for automated password rotation.Can someone clarify:What technical criteria or parameters must a custom application support in order to be compatible with Password Safe Cloud’s REST API-based password rotation?For example: Required authentication methods? Connectivity or protocol requirements? Ability to expose credentials or respond to rotation workflows? Any mandatory fields/settings needed in Password Safe for custom platforms? Any limitations or known restrictions for cloud API rotations? Any guidance or examples from your experience would be greatly appreciated.Thanks!

Has anyone else experienced issues with Windows Search or indexing not functioning properly following the latest patch? We've observed that removing the PAM agent seems to restore search and indexing functionality.Has anyone else seen similar behavior or found a workaround?

Hello,We have a on-demand rule for Command prompt for a set of users . This rule allows running of child processes with Basic Admin token for Windows Command Prompt - Run-As-Admin action.For same set of users , when they try to install another application using Run-As-Admin option , based on quick-start rules it gets Admin token which gets applied to child processes as well. But at one point in installation Command Prompt is launched by the installer , this results in additional prompt for the user . Logs show that it is hitting the Command Prompt on-demand rule. I think as the application is triggering the Command Prompt and it has application name as parent process, it should ideally get the admin token and not hit the CMD on-demand rule ?

Hi All,I'm provisioning a new on-prem BeyondTrust Password Safe to test the reporting and analytics features on BeyondInsight 25.1.1.The issue is that the Domain section shows 'This list contains no data,' which prevents me from proceeding with report generation.Did I miss a necessary configuration step? Any help with this issue is appreciated.Thanks.