Skip to main content

Unanswered questions

39 Topics
E
egemenApprentice
asked in Windows & MacOS
Epm-W delete policy

For EPM Windows, is there any way to remove the policy on endpoint agent.I want the turn them into first no policy “monitoring” state in certain conditions. thinking about changing the smart rule. I gave empty smart rule to the machine but latest policy on it remains there.Can I do it on smart rules or something without and rdp? Or I always need to delete the xml under Program Data?

203
J
11 days ago
R
RahulBApprentice
asked in General
How to manage local scan account and functional account step by step

Hello Everyone, I can understand the logic behind the automatic password rotation of local functional account even if we have new server onboarded using same first functional account credentials, but it is untested. i am trying to test it and update it once done. Regarding the Local scan account i actually do not have any idea that how can we manage it (Using enable scanner on managed account i know but what if we have onboarded 100 servers and now we need to scan 100 more and the scan account is using old credentials on remaining 100 servers also if i need to perform the scanning on old scanned assets?)There are lots of questions in my mind regarding the management of local scan accounts.Please feel free everyone to share your recommendations………………………….

792
R
11 days ago
S
samiRising Star
asked in General
PRA Questions

Hi Everyone.I am new to PRA and have few questions that I would like to clarify. Appreciate your feedback on these.When we have PRA Cloud and On-Prem Jump Cluster deployed. Does the Jump clients communicate to PRA cloud via the Jump Points or they make a direct outbound connection to PRA cloud by default?    Typically each Jump Point handles around 25 concurrent connections? Are they also storing any session recordings locally? typically what should be the specifications for the Jump server for a mid size org like (CPU, Mem and Disk)? Is there any sizing calculator that we can use or some assumptions to take into consideration when determining the resources required for sizing the Jump Point?   If we have AWS and On-Prem servers, Can we do segregation for Jump Points? Like for Azure environment, deploy a Jump cluster there that would be specifically used to access servers deployed in Azure and Deploy another On-Prem Jump cluster that would be typically used to access servers deployed o

452
P
BeyondTrust Employee
15 days ago
B
bpkothariNewcomer
asked in General
Prevention of sensitive info ON Workforce Password Manager UI

On user interface there are many fields which allows users to enter clear text info. We have seen users adding passwords, secrets, credentials entering these fields which also get stored as clear text in DB. We want to stop / prevent users submitting such info from UI. 1) How do we configure / control this? 2) How do we change label of such fields to warn users not to enter such info 3) How do we add a custom banner to warn / alert users not to enter sensitive info anywhere in WPM / Secret Safe / Password Safe? We were able to add similar banner in ERPM PI. We need such customization for Password Safe / WPM and Secret Safe.

381
N
BeyondTrust Employee
21 days ago
B
bpkothariNewcomer
asked in General
Migration of Personal Vault from ERPM PI to Workforce Password

We are moving from ERPM PI to Workforce Password Manager (24.2.1.104). To have easy adoption of WPM, its important for us to provide some migration utility from PI to WPM during initial setup. It will be really bad for us to go back to end users telling we are moving to new product and now you migrate your own accounts to new product after using ERPM PI for years. What are the various options (partial or full migration). We need this to plan adoption strategies.

141
P
BeyondTrust Employee
21 days ago
M
Mauro MarquesNewcomer
asked in General
Best practice

Hello,Want to ear you from your experience about one point. Context:Group with 20k computers spread out in diferente business units (countries).Cybersecurity: centralized team for all the group.Helpdesk: each business unit (country) have their own team (some from an external provider and some other it’s internal technicians), with a dedicated IT manager. Those helpdesk teams have a quite huge turnover of people, over the time. Considering that (if I’m not mistaken) only administrator role can have the possibility to add/remove users from Group Policies, what is the best approach/what your experience tells?:Concentrate the administrator role only to cybersecurity team members? Problem/dificulty I see: it put all the heavy work of add/remove users (as I mentioned, there’s a huge turnover on helpdesk teams) to Cybersecurity team. Give administrator role to people on each business unit side (for example to the managers of each helpdesk teams)? Problem/difficulty I see: it give administrat

631
R
BeyondTrust Employee
22 days ago
E
egemenApprentice
asked in Windows & MacOS
Poweshell script for creating EPM policies

Is there anyone worked on some kind of powershell script to generate policies, application groups etc.?Trying to create some policy automic policy making process. 

572
AdamS
BeyondTrust Employee
25 days ago
R
RidwaanKApprentice
asked in Buzz Board
MFA for Local UVM account BTADMIN

Question to the Beekepers forum , ON the UVM we have a local account BTADMIN . The question is it is possible to have some sort of MFA or Authenticator token  to be generated when ever we use the BTADMIN to log into the UVM. The request is to enhance the monitoring or usage of the when the account is used to logon locally to the UVM

392
R
25 days ago
P
prakash.rApprentice
asked in General
Is there a database for BeyondTrust Password Safe latest Vulnerabilities?

Hi there,I'm trying to get the latest vulnerabilities for BeyondTrust Password Safe (PS). I found this link: https://www.beyondtrust.com/trust-center/security-advisories, but the last advisory for Password Safe seems to be almost six months old.Is there a database or mailing list/RSS feed that provides more up-to-date vulnerability information for this solution?

562
P
26 days ago
E
EdenNCITApprentice
asked in General
Remote Support 24.3.1 Upgrade Pending

We have 50+ jump clients that are showing in an Active [Upgrade Pending] state and are inaccessible.  The devices are on the network, pingable, and I’m able to open a remote PowerShell session on them using enter-pssession, however, they’re not completing the jump client upgrade process. I’ve been able to get a few to complete the upgrade after forcing multiple reboots.  In two cases I had to gain physical access and uninstall the old client and manually install the new one.Is anyone else seeing these issues?

82313
C
28 days ago
R
rimeda201Apprentice
asked in General
RDS Error on application

Hello, i’ve created an application via Remote Desktop Services using AutoIT that use $CmdLine[1] and $CmdLine[2] for user and password, when will execute on CMD with “C:/locate.exe user password” work’it, but, execute direct with double click appear the message “Array variable has incorrect number of subscripts or subscript dimension range exceeded” and same thing happen when i execute within Password Safe… whats happen? Theoretically, Password Vault will enter the user and password automatically...

952
R
29 days ago
L
lineTrailblazer
asked in General
Integrate SQL management studio with credential injection on PRA

Jump SQL management studio with credential injection on PRA

612
L
29 days ago
R
RidwaanKApprentice
asked in Buzz Board
Fortinet Firewall cluster onboarding

Hello Beekepers I have a question with regard to Fortinet Firewall onboarding. We have Firewalls in HA that have 1 active and 1 passive device using a single IP  so basically these devices are clustered. Can Password safe onboard the devices that utilize a single IP. We found that we can only onboard the active node and not the passive node. Has anyone seen this before and how did you onboard

432
R
29 days ago
G
GrantNewcomer
asked in General
Mass install & uninstall

We just got upgraded to 24.3.1 and noticed the jump client installer is different. There doesn’t seem to be a KEY_INFO anymore. Also looks like the client gets installed to the C:\Program Files instead of C:\ProgramData too.  Is there updated documentation on installation and uninstalling in a mass deployment?

861
P
BeyondTrust Employee
29 days ago

Badge Earners

  • BCSE: Privileged Remote Access
    Kragballehas earned the badge BCSE: Privileged Remote Access
  • BCA: Password Safe
    kgujashas earned the badge BCA: Password Safe
  • BCIE: Password Safe
    kgujashas earned the badge BCIE: Password Safe
  • BCIE: Password Safe
    Vinoth Rajahas earned the badge BCIE: Password Safe
  • BCA: Remote Support
    Pablo Salashas earned the badge BCA: Remote Support
Show all badges
Terms & ConditionsCookie settings