Skip to content


Welcome to the PPA installation and configuration guide.


For ESXi, VirtualBox or VMware Workstation you will need to download the PPA ISO.

Provision a machine with at least 2 cores, 4GB of ram and an 8GB disk.

Mount the iso and boot the machine.


Version 2.3.2


  • Speed up nested group membership for very large Active Directory deployments

Version 2.3.1


  • Fix rare race condition between backend and private key server
  • Improve resilience of the appliance when a critical error occurs

Version 2.3.0


  • Roles and granular permissions are now supported.


  • OVA image is now signed.
  • Nested AD group membership is now supported.
  • AD security groups can now be imported into the UI,
  • Improved page load speed when attaching to tasks.
  • New sidebar layout.
  • Improved data tables with filtering and ordering.


  • You can now clone the appliance in VMWare.
  • Better handling of CSRF token.


  • PostgreSQL 11
  • Docker 19.03.4
  • Alpine 3.10
  • Golang 1.13

Version 2.2.1


  • Relay and gateway will set the nobody account to never expire.
  • The admin tables will now show the correct number of rows.
  • Task tables will now correctly sort large numbers of rows.

Version 2.2.0


  • Agent support. Run tasks on remote Docker servers (including Windows).
  • Added a reporting page for an overview of the appliance.


  • Better error messages when adding a Hashicorp Vault that is uninitialised or sealed.
  • Consistency pass on user interface.
  • Tasks now time out after 15 minutes by default. This is configurable with the label.


  • Performance improvements for large numbers of historical tasks.


  • The password strength meter now only appears for a password input if you provide meter=true.

Known Issues

  • You will need to manually refresh in Chrome to see the updated user interface

Version 2.1.2


  • API gateway now no longer uses invalid latin1 characters
  • API gateway now correctly returns 407 when not authenticated
  • Space remaining now reports the unit correctly

Version 2.1.1


  • You can now specify multiple hosts for active directory (comma separated).
  • The input table has a toggle for what was selected once submitted.
  • Enable Linux page poison to secure old page data


  • Virtual machine will now correctly shutdown when triggered from VMware tools.
  • Virtual machine will automatically sync time with host on resume.
  • Self-signed certificate will not regenerate on reboot unless the IP or DNS settings have changed.
  • Users can now no longer submit an input after a task has failed.
  • UI will not time out if a task upload takes longer than 10 seconds.
  • The JWT used by the API will be regenerated after each reboot.
  • Fixed the input table reloading unnecessarily causing flickering.
  • Fixed large task upload in Chrome


  • Loopback alias has been removed.
  • Servername override in AD configuration removed. Insecure LDAPS certificates are no longer allowed.


  • Remove axios dependency (fixes CVE-2019-10742)

Version 2.1.0


  • Update Linux Kernel to 4.19.37
  • Update containerd to 1.2.6
  • Update openssh-server to 7.9
  • Update vault to 1.1.2
  • Compile with Go 1.12.4


  • Add a range of syslog events in the CEF format.
  • Add a config page to upload licences and generate techouts.


  • Add a CSV report of all tasks that have been run to the task history page.
  • Add 'Admin Login Groups' to the Configure Active Directory dialog.


  • Remote support removed now beta has concluded.