BeyondTrust update broke our RDM's saved server list and Console list
BeyondTrust update broke our RDM's saved server list and Console list
Hi,
Our Security Department updated BeyondTrust from version 6.9 to 7.1 and afterwards most of our saved servers come up with this error:
Our Security contact opened a ticket with BT and they reported that there were several API changes made between the versions and it's possible that RDM needs to have an update for these to work. However, I do have a few VMs that do work. Not many compared to the total list of servers I manage, but a few. And it doesn't matter if they are new, old, same VLANs, etc...there is nothing in them that has any type of similarity or correlation that I can spot. Also, the other method of accessing these servers through BT, using the Web method, works fine. I can see all of the servers in the list from our access on the BT website. However, if I refresh the console here, I do not see any of the servers that are missing. It's like RDM is not pulling our full list at all. I have upgraded RDM to version 2020.3.19.0.
RDM error.png
All Comments (12)
Hello,
We are in discussion with BeyondTrust to get onboarded to their partnership program as explain by Maurice here
https://forum.devolutions.net/topics/33888/did-the-beyondtrust-connection-types-get-remove-from-newer-rdm-version#146842
We are waiting for the agreement to update our implementation.
Best regards,
Jeff Dagenais
Any update to this? The wolves in my group are restless and of course I've had to bypass the BT connections which isn't making our Security Department too happy (as you can imagine :P )
Hello,
We have been accepted in the BeyondTrust partnership program. We are currently working on updating our servers internally so that we can start the development soon.
Unfortunately, I cannot provide you an exact date when BeyondTrust will no longer be deprecated, but we will post back here when it will be the case.
Best regards,
Jeff Dagenais
Hi,
The removal of the Deprecated flag is already in our code base for our 2021.1 cycle, so it will be in the first beta build.
As far as MFA, its our top priority in the coming weeks. As Jeff said, we are attaching a new BT appliance to one of our hypervisors, I just need time to set it up and deliver it to engineering. I will do what I can so that it appears when we deliver 2021.1 for General Availability.
Maurice
Checking back in to see if there's an update. Management is asking (as is our Security Department because, you know "Security" lol). Any update I can provide both areas? Thanks.
I don't know if you offer users the option to test versions you are working on, but I generally live off of using BT integrated inside of RDM as I patch our servers and use RDM/BT to fix various patching issues. I'd be willing to make a copy of my RDM config files and test any issues if you need testers for this.
I am interested to know what the status is. Any update?
Second question. does beyondtrust integration require enterprise? I assume so, thus I'm waiting to verify that integration is working before I download the 30day trial.
I have to go through hoops to get software installed on my work desktop.
Hello,
This issue was related the introduction of paging in the BT API, this was done quite far back. The other issue that was pending is to support MFA workflows, and this is in the latest release, where we struggle is to test these improvements out.
Setting up SAML integration to test further is where I'm currently at. The APi is simple and it should work across multiple different scenarios, but its really tough for us to perform integration testing with all topologies.
Sorry for the lack of guarantee. How is your BT configured for authentication / MFA?
Maurice
Currently, we’re using PingID but only in limited usage for critical servers such as ones that are required for PCI/DSS. Otherwise, we’re just using BT with nothing else enabled. I know our security department is getting antsy with the lack of information here because we came forward with this solution a couple of years ago and as SysAdmins, we felt their solution of having to go into a web portal to RDP to servers one at a time with no multi-tabbed solution was time consuming and non-productive for us. So I am really hoping this gets resolved soon.
when you say "this gets resolved soon", exactly what is not working for you?
Maurice
when you say "this gets resolved soon", exactly what is not working for you?
We're still getting this error which is still indicative of the original issue we had when we reported the issue when it first started. Is there anything else we need to do to resolve this? I just updated the version to 2021.1.26.0. When I double click the BT enabled RDP session, I get the error below. I have not changed anything about the BT enabled session. that we have configured inside of RDM.
Error.png
Hello,
Why dont we jump on a remote session, please drop us a note a ticket@devolutions.net with a subject of Maurice, we will send you a booking link to schedule a session at your convenience
Maurice
Hello,
We've updated our BeyondTrust Password Safe implementation to support their new API.
This will be included in version 2021.2.5.0.
Regards
Jonathan Del Signore