DocumentationAPI ReferenceRelease Notes
Documentation
Start typing to search…

Advanced configuration

After you complete the steps in the Getting Started with U-Series Appliance article, you’re ready to move on to advanced configuration. This article walks you through those next steps and helps you fine‑tune your setup.

Advanced post configuration steps.

Key management service support

After installation and configuration, if your server does not automatically discover the Key Management Service (KMS) server, you may receive a Windows activation failed message. Specify the KMS key and IP address again.

You can replace our key with a known Volume License Key and then call into your KMS server to count against your total (number of licenses).

To activate your volume license key:

  1. From the left sidebar, under Software and Licensing, click Product Licensing.
  2. Click the Microsoft tab, and select the KMS (Key Management Service) option, which displays two fields to complete.
  3. Enter your Volume License Key.
  4. Enter the KMS (Key Management Service) that will validate and track the license. This is only valid on appliances created as volume images.
  5. Click Activate Windows.
ℹ️

For more information, see Why did Windows activation fail on my EC2 Windows instance?.

Update running instances for the Amazon U-Series Appliance deployment

The U-Series Appliance available in the Marketplace is based on an AWS Windows AMI that is configured by BeyondTrust. This includes drivers and configurations that support the AWS instance types available when the AMI was built. Over time, these drivers may require updating, as Amazon does not force an update to running virtual machines. BeyondTrust is working on a method of delivering these drivers directly to your U-Series Appliance, and notifying you of the need to update (which requires a reboot of your U-Series Appliance). Until that update method is available, we fully support manually updating these drivers as per the AWS guidance, as documented in the below sections.

Prior to updating any drivers, we recommend taking a snapshot of your running instance.

Take a snapshot / back up your AWS instance

When working in virtual environments, we recommend periodic backups of the virtual machine. We also recommend creating a backup prior to any updates that affect the operating systems of the virtual machine.

Back up application data on a U-Series Appliance as follows:

  1. From the Network > RDP and Console Access page in the U-Series Appliance management console, slide the Enable RDP and Appliance Console Access to enable remote desktop and console access.
  2. Using RDP, connect to your U-Series Appliance to shut it down gracefully.
  3. Open the Amazon EC2 console.
  4. From the navigation pane, select Instances.
  5. Find the instance that represents your U-Series Appliance and right-click it.
  6. Select Connect.
  7. Click Download Remote Desktop File to connect to the U-Series Appliance.
  8. Use your U-Series Appliance credentials to sign in.
  9. From the Windows Start menu Power options, click Shut down.
  10. Refresh your EC2 console periodically until the Instance State column changes to Stopped.
  11. Right-click the instance, select Image, and then select Create Image. Provide an image name and description.
ℹ️

There might be costs associated with the storage of the image. BeyondTrust is not responsible for any incurred costs, and it is your responsibility to manage any costs associated with image backups. If a backup is recommended during an upgrade, you can delete the backup after the upgrade is determined to be successful.

  1. After the image is created, right-click the instance, and then select Instance State > Start to restart your U-Series Appliance.
ℹ️

For more information, see Configure RDP.

🚧

Important information

At this time, we do not recommend using the AWS Systems Manager console and the SSM Agent for updating instances. BeyondTrust packages and distributes updates using the Security Update Package Installer.

The Elastic Network Adapter (ENA) drivers (Update AWS ENA drivers) and the NVMe drivers (Update AWS NVMe drivers) only apply to instance sizes that use the Nitro hypervisor (A1, C5, C5d, C5n, M5, M5a, M5d, p3dn.24xlarge, R5, R5a, R5d, T3, and z1d). Of these, we only recommend using M5, M5a, and R5 instances, so you only need to update these drivers if you deploy a U-Series Appliance to one of these three instance types.

We recommend updating the following drivers:

Update AWS PV drivers

  1. Connect to your instance and log in as the local administrator.
  2. To verify the version of the driver, open Control Panel and select Programs and Features.
  3. Look for AWS PV Drivers in the list of installed programs. The version number appears in the Version column. Alternatively, you can verify the driver version currently installed by running the following Windows PowerShell command:
Get-ItemProperty HKLM:\SOFTWARE\Amazon\PVDriver
  1. Check to see if you have the latest version in the AWS PV Driver Package History table. If no value is returned by the above command or if it is not listed in Programs and Features, update the driver.
  2. Download the latest driver package to the instance, or run the following PowerShell command:
PS C:\>invoke-webrequest https://s3.amazonaws.com/ec2-windows-drivers-downloads/AWSPV/Latest/AWSPVDriver.zip -outfile $env:USERPROFILE\pv_driver.zip expand-archive $env:userprofile\pv_driver.zip -DestinationPath $env:userprofile\pv_drivers
  1. Extract the contents of the folder and then run AWSPVDriverSetup.msi.
  2. After running the MSI file, the instance automatically reboots and then upgrades the driver. The instance is not available for up to 15 minutes.
  3. After the upgrade is complete and the instance passes both health checks in the Amazon EC2 console, you can verify that the new driver was installed by connecting to the instance using Remote Desktop and running the command provided in step 1.
ℹ️

To download the latest driver package, click https://s3.amazonaws.com/ec2-windows-drivers-downloads/AWSPV/Latest/AWSPVDriver.zip.

Update AWS ENA drivers

This procedure applies to M5, M5a, and R5 instances only.

  1. Connect to your instance and log in as the local administrator.
  2. Click the Windows Start menu button, and type Device Manager (Enter) to open the Device Manager.
  3. Under Network Adapters, right-click Amazon Elastic Network Adapter and select Properties.
  4. On the Driver tab, verify the driver version that is installed. Verify the version installed against the Amazon ENA Driver Versions list.
  5. Download the latest driver to the instance.
  6. Extract the files from the zip archive.
  7. Install the driver by running the install.ps1 PowerShell script as administrator.
  8. If the installer does not reboot your instance for you, restart the instance.
ℹ️

To download the latest driver package, click https://s3.amazonaws.com/ec2-windows-drivers-downloads/ENA/Latest/AwsEnaNetworkDriver.zip.

Update AWS NVMe drivers

This procedure applies to M5, M5a, and R5 instances only.

  1. Connect to your instance and log in as the local administrator.
  2. Click the Windows Start menu button, and type Device Manager (Enter) to open the Device Manager.
  3. Under Storage Controllers, right-click AWS NVMe Elastic Block Storage Adapter and select Properties.
  4. On the Driver tab, verify the driver version that is installed. Verify the version installed against the AWS NVMe Driver Version History list.
  5. If you need to update, download the latest driver package to the instance.
  6. Install the driver by running dpinst.exe.
  7. You may get disconnected from RDP when the update runs and the instance reboots.
ℹ️

Update the EC2Config application

  1. To verify the version of EC2Config, launch an instance from your AMI and connect to it.
  2. In Control Panel, select Programs and Features.
  3. Look for Ec2ConfigService in the list of installed programs. The version number appears in the Version column.
  4. Consult the EC2Config Version History to determine if you need to update.
  5. To update, download and extract the EC2Config installer.
  6. Run EC2Install.exe and follow the prompts.

Update the EC2Launch application

As of the 2020-R1 image, BeyondTrust does not configure or use EC2Launch, but it may be used in future releases. For this reason, we do not recommend manual updates. If you have a need to use or upgrade EC2Launch, contact BeyondTrust Technical Support.

Updated about 5 hours ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.