DocumentationRelease Notes
Log In
Documentation

DESKTOP ACCESS CONSOLE USER GUIDE

This guide is designed to help you install the BeyondTrust access console onto your computer and understand the features of the solution. BeyondTrust Privileged Remote Access enables you to access remote endpoints by connecting to them through the BeyondTrust Appliance B Series.

Use this guide only after an administrator has performed the initial setup and configuration of the B Series Appliance as detailed in the BeyondTrust Appliance B Series Hardware Installation Guide. Once BeyondTrust is properly installed, you can begin accessing your endpoints immediately. Should you need any assistance, please contact BeyondTrust Technical Support at www.beyondtrust.com/support.

Install the access console

In any web browser, go to the URL of your B Series Appliance followed by /login and enter the username and password set by your administrator. You may be prompted to change your password the first time you log in.

From the My Account page, download and install the BeyondTrust access console. The option defaults to the appropriate installer for your operating system.

ℹ️

Note

On a Linux system, you must save the file to your computer and then open it from its downloaded location. Do not use the Open link that appears after downloading a file from some browsers.

When the installation wizard appears, follow the instructions to install the software. After installing the access console, you can choose Run BeyondTrust Access Console Now and/or Run at Startup. Then click Finish.

ℹ️

Note

If you choose Run BeyondTrust Access Console Now during installation, a login prompt appears on your screen.

Log in to the access console

After installing the BeyondTrust console, launch the access console from its directory location as defined during installation.

ℹ️

Note

By default, in Windows, you can access the console from Start Menu > All Programs > Bomgar > access.example.com, where access.example.com is the hostname of the site from which you downloaded the console.

If the Login Agreement has been enabled, you must click Accept to proceed.

At the prompt, enter your username and password.

Use passwordless login

FIDO2-certified authenticators can be used to securely log in to the desktop access console, privileged web access console, and the /login administrative interface without entering your password. You can register up to 10 authenticators.

If passwordless login has been enabled, Authenticate Using may default to Passwordless FIDO2, or it can be selected. The exact process for passwordless login depends on the type of device and manufacturer.

You can enable passwordless login and set the default authentication after logging into the /login administrative interface, by navigating to Management > Security, and then registering passwordless authenticators at My Account > Security. Administrators can view and manage passwordless login registration and usage at Users & Security > Users > Passwordless Authenticators

ℹ️

Note

Passwordless login for the desktop access console on macOS or Linux systems is supported only for roaming authenticators (such as the YubiKey hardware security keys). Platform or integrated authenticators (such as Face ID and fingerprint scanners) are not supported for the desktop access console login when using macOS or Linux systems.

Infrastructure access mode

Advanced users might prefer to use Infrastructure Access Mode. This is primarily for quick access to protocol and database tunneling, and BYOT sessions. If desired, check Launch Infrastructure Access Mode. Infrastructure Access Mode is not available on Linux systems.

ℹ️

Note

If more than one language is enabled for your site, select the language you want to use from the dropdown menu.

If two-factor authentication is enabled for your account, enter the code from the authenticator app.

Use Kerberos server

Alternatively, if your administrator has configured a Kerberos server to enable single sign-on, you can log into the console without entering your credentials. The access console remembers the last used login mechanism, whether it used local credentials, Kerberos, or another security provider.

Invited users can also enter a session key to join a shared session on a one-time basis.

Check Enable Saved Logins to have the console save your username and password. This option can be enabled or disabled from /login > Management > Security.

Once you log in, the console opens, and a BeyondTrust icon appears in your computer's system tray.

ℹ️

Note

Your administrator might require you to be on an allowed network to log in to the console. This network restriction might apply the first time you log in or every time. This restriction does not apply to access invites.

ℹ️

Note

If you forget your password, go to /login and click the Forgot Your Password? link. This is an option that is set by your administrator. If you do not have this option, please contact your administrator.

If you lose your connection, the access console attempts to reconnect for 60 seconds. If your connection is restored within this time, your access console reopens, restoring all of your open sessions. If the connection cannot be restored within this time, you are prompted to retry login or quit.

If you are logged into the access console in one location and then log in from another, your open sessions are maintained.

ℹ️

Note

To log in with an account already in use and forcibly close the connection on the other system, the setting Terminate Session If Account Is In Use must be checked on the /login > Management > Security page.

After an upgrade or at first launch of the desktop access console, a What's New dialog appears automatically upon login for all non-invited users. This dialog may be viewed at any time through the Help menu (Help > What's New) and shows new release information for current and past releases. This is a roaming preference per account, so the dialog appears just once regardless where a user signs in from.

ℹ️

Note

For more information, please see the following:


©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.