Skip to main content

Windows & MacOS

A localized space to talk about EPM, specifically for Windows And Mac OS's.

  • 153 Topics
  • 445 Replies
153 Topics
B
Community Manager
BeyondTrust CommunicationsCommunity Manager
published in Windows & MacOS
Monthly Buzz - May - Endpoint Privilege Management

How the Full-Stack Approach to PAM Builds Least Privilege Defense-in-Depth For many years, including 2025, the analyst community has recommended Privileged Access Management (PAM) for human and non-human identities as a crucial discipline to mitigate modern identity attack vectors. Organizations face increasingly sophisticated threats that target all forms of identities and accounts—especially those with privileged access. Privileged accounts hold the proverbial keys to the kingdom and provide access to critical systems, sensitive data, and the overall administrative control of the entire enterprise. When any account is left overprivileged or unmanaged, attackers can exploit a single compromised identity to move laterally, escalate privileges, and execute ransomware or exfiltrate data. In a hypothetical example of a high-profile breach, an attacker that has leveraged administrator credentials somewhere in the attack chain can disable security tools, encrypt systems across the network,

90
B
Community Manager
M
mlajoieRising Star
asked in Windows & MacOS
Add certificates to macOS

We get the following error when trying to add a trusted certificate to the keychain from terminal:  SecCertificateAddToKeychain: Write permissions error We’ve tried with sudo and with that we get the following error after being prompted by the OS for an admin user name and password:  SecTrustSettingsSetTrustSettings: The authorization was denied. Any insights into how we can add certificates to the keystore would be greatly appreciated.  Thank you!  

475
C
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in Windows & MacOS
Endpoint Privilege Management (Windows/Mac) - Knowledge Article Publications (May 19 - May 26)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0022408 - Not able to validate settings for ServiceNow in JIT Access Settings KB0022429 - MSI installs using Package Manager fail "Error 1618 (Another installation is already running)" KB0022448 - Endpoint App compatibility for 24.5 - Endpoint App missing on some clients KB0022462 - EndpointUtility freezes when run from elevated cmd or PowerShell

80
GloriaB
BeyondTrust Employee
M
mlajoieRising Star
asked in Windows & MacOS
Elevate Acrobat.exe

We have acrobat.exe wanting to launch in an elevated mode.  It is hitting the ‘add basic admin’ rule in our low flex workstyle.  We have a message attached to this that allow for admins to input their credentials.  This works.  The problem is that adobe seems to want to launch acrobat.exe elevated for updates.  I don’t know that it’s a good idea to always launch adobe in an elevated mode so is there a better way to control this behavior?  Any thoughts or ideas are greatly appreciated.

433
H
BeyondTrust Employee
Josh Bristow
Josh BristowVeteran
asked in Windows & MacOS
PMC Analytics - Parent Process

Maybe I’m missing it, but is there an easy way to filter the view to only show events that were generated because the rule matched on parent process. I’d like to weed out all the spawned child events from the view. I do believe this was possible in the v1 of analytics.

131
tclowater
BeyondTrust Employee
J
Jeffrey S.Apprentice
asked in Windows & MacOS
GIT Project asks for credentials and fails when fetched through EPM-W elevated Visual Studio

Hi everyone, I have users unable to clone repos from our Git repos using Microsoft Visual Studio using elevated permissions. Same issue that KB0020044 describes. That KB says to update to EPM-W 24.1 and the issue would be fixed, but I’m still having this issue. Does anyone have users that use Visual Studio and Git in this manner? Is it working for them and if so, did you have to do anything special to get it to work? Thanks!

41
tclowater
BeyondTrust Employee
Y
Yuvaraj NApprentice
asked in Windows & MacOS
How to get the installation file PMC Settings XX.pkg and BI Settings XX.pkg

How to get the installation file PMC Settings XX.pkg and BI Settings XX.pkg for installing in Mac machine?

61
P
BeyondTrust Employee
J
JiaweiApprentice
asked in Windows & MacOS
Blocking Ability to Rename a Speciifc File

Hello, Right now I have a content rule in place to block modification of a certain file. It blocks the ability to edit but I can rename the file with a High Flex Workstyle. Is there a way to lock down the ability to rename that file via explorer in the High Flex Workstyle? Thanks,Jiawei 

442
J
H
Harjinder SinghApprentice
asked in Windows & MacOS
Package Manager Components vs Intune/MS Endpoint Manager Apps clash

Does anyone else have this issue, during deployment of PMC Package Manager in Intune Autopilot & MS Endpoint Manager OS Provisioning, it downloads the 2 components, the client and the cloud adapter and then when other Intune/MECM MSI packages are coming in, there is error 1618 (Another installation is already running), this can happen vice versa, depending which tool runs the MSI first, Package Manager or Intune/MECM. We are currently thinking of getting rid of Package Manager and use these deployment tool to install these 2 components, so such a clash doesn't happen. But if anyone else has better ideas, most welcomed.

373
H
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in Windows & MacOS
Endpoint Privilege Management (Windows/Mac) - Knowledge Article Publications (May 12 - May 19)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0022186 - Warning occurs when copying files to Azure File Share when EPM-W is running KB0022226 - Azure Files incompatibility with EPM-W features using Alternate Data Streams (ADS) KB0022370 - Domain authentication fails when pre-Windows-2000 domain names aren't supported KB0022376 - EPM-M limitation with Network Link Conditioner tool KB0022378 - What is the difference between elevation and allowing an application? KB0022392 - How to block specific application installs via Homebrew using EPM-M KB0022403 - Issue with computer or adapter IDs (GUIDs) being overwritten

70
GloriaB
BeyondTrust Employee
A
Anil ReddyApprentice
asked in Windows & MacOS
Demonstrate in the policy where the additional options are located, which enable the event logging for other EPM versions.

HI All, Can you please provide me any one for the answer step by step. thanks and looking for your support.

353
MikeK
M
MichaelDVeteran
asked in Windows & MacOS
EPMfW v 25.2 prompting for elevation (Task manager, regedit, console items)

Good day.  We have been testing EPMfW v25.2 in our environment for a little bit and thought we had some good progress…. until we starting increasing our deployment.  Post upgrade with 25.2, we are seeing many instances where users are being prompted for a challenge/response code or to elevate (depending on workstlye) when launching simple items like registry editor or task manager.  None of these require elevation when launch as a standard user in any policy we’ve deployed.   However we have numerous instance of this happening.  version prior 25.2 weren’t doing this and it seems that 25.2.40.0 isn’t doing this either.  There are some vague hints at something occurring when reviewing release notes in 25.2.11.0 https://docs.beyondtrust.com/epm-wm/changelog/privilege-management-for-windows-25-2-11-release-notes.   I’ve opened a case but thought I’d inquire here as well.  Anyone facing these types of issues?

424
J
C
cmscottRising Star
asked in Windows & MacOS
Connect from MMC to BI error

After installing PrivilegeManagementPolicyEditor_x64_v25.2.40.0.exe on workstation, I am tying to connect to the BI appliance.I went into the BI appliance and created a new Installer Activation Key. Entered key details, Beyond Insight Server and Workgroup Name.  For BeyondInsight Server, “test” successful.  However, once I select “connect”, get “Failed to connect. Please check server details.” BT Self Signed certificate with clientinstaller installed on client machine "C:\Program Files\Avecto\Privilege Guard Client\EndpointUtility.exe" /bi /c /debugBeyondInsight Connection Settings:Connection Method. . : OAuth (Configured)URL. . . . . . . . . : https://xxxx/EventCollectorInstall Identifier . : xxxxxxxWorkgroup. . . . . . : BeyondTrust WorkgroupTesting connection...Unexpected communication error.Error 0 : An error occurred while sending the request.Error 1 : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.Error 2 : The remote c

402
C
A
AngelaApprentice
asked in Windows & MacOS
How to switch between the policy distribution models for EPM-W

Can someone please assist with how to switch between policy distribution models?I am trying to prepare for the EPM-W lab assessment, and one of the items states: Explain how to switch between the policy distribution models.I have searched my notes from the training, the BeyondTrust Knowledge Base, support documentation, and all online resources I could find, including this forum, but I have not found any information on how to switch between the different policy distribution models.Can someone provide information on how that would be done or where I can locate specific information on this?Thank you in advance.

1143
P
BeyondTrust Employee
A
Anil ReddyApprentice
asked in Windows & MacOS
How the process of adding exclusions and clearly explain which settings would need to be altered

HI Team, I am trying to configuring the EPM for windows .Can any one please provide me the process of exclusions. Thanks. 

573
J
A
Anil ReddyApprentice
asked in Windows & MacOS
Give a brief overview of each EPM edition?

Hi All, Can you please help me on the above query answer if possible share with over view of the each epm edition discerption. Thanks

481
H
BeyondTrust Employee
GloriaB
BeyondTrust Employee
GloriaBBeyondTrust Employee
published in Windows & MacOS
Endpoint Privilege Management (Windows/Mac) - Knowledge Article Publications (Apr 28 - May 5)Weekly KB Publications

The following articles were published last week. New Knowledge Base Articles: KB0022227 - Debugging or other developer tools cause elevation prompt "developer tools access is trying to take control of another process" KB0022280 - BeyondInsight EPM Reporting issue - Transparent details pane when in "Match System Theme" KB0022288 - What does the ManageSystemProcesses registry key do? KB0022290 - EPM-M limitation with MAMP Pro KB0022295 - How to create replacement definitions for PGNetworkAdapterUtil, PGPrinterUtil and PGProgramsUtil KB0022296 - EPM-M limitation with Keychain Access KB0022297 - JetBrains Toolbox update fails using EPM-M elevation KB0022299 - EPM-M and Xcode compatibility KB0022302 - Is there a way to view all application types at once in EPM Analytics? KB0022303 - What does "Yes" vs "No" mean when filtering for "Admin Required" in EPM analytics ?

120
GloriaB
BeyondTrust Employee
A
Anshuman PatidarNewcomer
asked in Windows & MacOS
Manual Policy Refresh Issue

Hi, We have an issue of manual policy from PMC console is not getting refreshed to latest version when trying to manually refresh the policy. Although all looks good on PMC console, if I try to manually refresh a policy on a machine in PMC console it will say that system is on latest assigned policy, I will also get a message that system is on latest revision but when I check in BT icon > right click the policy is still on older version.Automatic policy refresh works fine that is when system check-in with PMC console on its own the latest policy is applied without any issue.I have test policy group where the policy refresh is working perfectly fine only production policy group we are facing this issue.If anyone of you has encountered this issue, it will great help if you can suggest what could be the possible reason.  

871
MikeK
A
Anil ReddyApprentice
asked in Windows & MacOS
the difference between elevation of an application versus allowing an application

Hi All, Can any one please provide me the difference between elevation of application and allowing an application. Thanks

351
J
M
MichaelDVeteran
asked in Windows & MacOS
EPMfW: U-Series (on prem) API for Response codes

Hi I’m trying to confirm if there’s any API/REST documentation around generating response codes for on-prem U-Series BeyondInsight instances.   I know in the cloud we have additional options but at this moment looking for U-Series API calls for generating response codes. 

191
H
BeyondTrust Employee
C
cmscottRising Star
asked in Windows & MacOS
public cert for oauth on EPM on prem

HelloThe epm on prem KB0021155 states in order to use oauth for client agent configuration, the BeyondInsight appliance must have a publicly trusted certificateThe term publicly trusted is vague. Can the publicly trusted certificate be an organization signed cert from thei domain? If not, what examples of publicly trusted certificates?

552
C
B
Community Manager
BeyondTrust CommunicationsCommunity Manager
published in Windows & MacOS
Monthly Buzz - April - Endpoint Privilege Management - Windows and Mac

New Just-in-Time Admin Access Release 24.7 introduces Just-in-Time (JIT) Admin Access, designed to enhance productivity while maintaining least privilege. This important new feature now allows users to request temporary local admin permissions directly through the EPM endpoint app, making it easier to manage scenarios not yet covered by existing policies. Admins can approve or deny requests, set session durations, and monitor privileged actions during a session to ensure full auditability and compliance. Integration with IT Service Management (ITSM) tools like Jira −via webhooks integration−provide even more flexibility in managing access requests.  Watch the following YouTube link for a walkthrough on how to set this up in PM Cloud:  Interested in learning more?  See the following post in our BeeKeepers Community for additional information along with our technical documentation. Latest Available Version:Endpoint Management Cloud 25.2– February 2025Endpoint Management for Windows 25.2.

500
B
Community Manager
C
cmscottRising Star
asked in Windows & MacOS
On-PREM (BI) EPM integration - How to browse AD Users/Groups

Does the Web Policy Editor in a U-Series have the capability to browse AD via BI (i.e. Directory Credentials)?  EPM Cloud is not an option. 

262
M
B
bt101Veteran
asked in Windows & MacOS
app parameters for PRA - BT Desktop Agent based app launch and cred injection

Hello! is there any documentation that includes example parameters/strings that should be used while launching apps using PRA BT desktop agent. Admin guide has details of configuration options but nothing further e.g. example strings. I am able to connect to RDP using first set of  credentials , at one time was able to launch web browser but later started seeing error in chat windows that says file name/path could not be found. 

292
B
A
AdamSaNewcomer
posted in Windows & MacOS
Best Practices of application policies - macOS

Hello! First time poster here, hope everyone’s doing well.I have a couple of questions regarding the macOS application policies, hopefully someone can lend me a hand and help out :) My BT EPM for Mac is currently set to ‘listening mode’ - it reports back on our users application usage [what’s installed, what’s opened, what’s being used etc.]. I want to use it to create policies on applications that should be ‘allowed’ or ‘disallowed’ based on different factors. The questions are as follows:When adding a policy based on a reported application, the in-built ‘add to policy’ button gives me two automatically assigned arguments: URI and Publisher. Could someone explain, what an URI is? Is it ok to use that as an argument regarding if an application should be allowed for usage? My first though was that it’s the applications unique ID - the bundle ID - but that’s not it after further insight. Is there a way to have an argument that uses the Bundle ID of an application? for example: com.micros

321
M

Badge Earners

  • BCSE: Identity Security Insights
    CDashhas earned the badge BCSE: Identity Security Insights
  • BCA: Password Safe
    Martin_Acostahas earned the badge BCA: Password Safe
  • BCA: Endpoint Privilege Management - Mac
    jchewhas earned the badge BCA: Endpoint Privilege Management - Mac
  • BCA: AD Bridge
    safaey.atefhas earned the badge BCA: AD Bridge
  • BCIE: Privileged Remote Access
    Enrique-Corehas earned the badge BCIE: Privileged Remote Access
Show all badges
Terms & ConditionsCookie settings