Fudo Enterprise 5.5.8 might be classified as a minor update, but under the hood, it brings significant improvements that enhance security, system stability, and convenience. This release enhances password management, authentication mechanisms, logging accuracy, and system reliability while also removing outdated features to prepare for future versions.
What’s New in Fudo Enterprise 5.5.8?
A Smarter Way to Manage Local Windows Passwords
One of the most significant improvements in Fudo Enterprise 5.5.8 is the ability to change local Windows account passwords using a domain account via WinRM password changer.
Why does this matter?
Previously, admins had to log into each system with local credentials or set up external tools for password management. Now, Fudo allows password changes using domain authentication, simplifying password rotation policies and reducing security gaps from stale or weak local passwords. If your security model involves frequent credential changes for compliance reasons, this feature saves time, reduces risks, and strengthens your access control strategy.
RADIUS Authentication: Now More Consistent with Active Directory
Fudo Enterprise now appends the Active Directory domain name to usernames during RADIUS authentication, making communication of user credentials more consistent with Active Directory-based environments.
What does this change?
Previously, users authenticated through RADIUS only with their usernames, which could lead to conflicts or inconsistencies when handling multi-domain environments. Now, if a user is synchronized with LDAP or has a manually set AD Domain, their credentials will be automatically formatted as:
{username}@{domain}
Important: This change may impact existing authentication flows, so before upgrading, double-check RADIUS configurations to ensure continued compatibility.
OCR That Works for More Users Around the World
If your organization relies on OCR (Optical Character Recognition) for session analysis, this update brings extended language support. Fudo can now recognize text in:
- Armenian
- Georgian
- Azerbaijani
- Kazakh
- Kyrgyz
- Malayalam
- Bengali
- Vietnamese
Why does this matter? If your team operates in CIS, APAC, or South Asia, this means more accurate session logs, better text capture in screen recordings, and improved compliance with language-specific security policies.
Standardized Keyboard Layouts in User Access Gateway
Admins can now set a global keyboard layout for all users accessing the User Access Gateway. If your users have ever struggled with misconfigured keyboard inputs during a session, this new setting ensures they don’t have to manually adjust their layout every time they log in.
This is particularly useful in:
- Multi-region deployments with different default layouts
- Environments with strict keyboard input compliance
- Cases where a mismatch between local and remote keyboard settings caused login issues
- The setting is configurable in the Resources tab and users can change predefined layout in the User Access Gateway.
System-Wide Improvements That Make a Difference
Fudo 5.5.8 isn’t just about adding new features. It also improves how the system handles logs, notifications, and authentication processes.
- Log Exports Are Now Chronological – Sorting logs has always been an essential part of security audits. With this update, logs export in order from oldest to newest, so you can track events more easily.
- Less Disruptive Notifications – Status messages now appear in the lower-right corner, making them less intrusive when performing critical tasks.
- Secure Certificate Uploads – When entering passwords during HTTPS certificate uploads, they are now masked, preventing accidental credential exposure.
These may seem like small tweaks, but for IT admins managing security policies, these refinements reduce errors, streamline operations, and prevent unnecessary risks.
What Got Fixed?
Beyond the new features, this update addresses the issues that could impact system operational effectiveness.
Authentication and User Management Fixes
- Implemented a fix to automatically trim leading and trailing whitespaces from the Login field when creating an account, ensuring a valid login string.
- Prevents saving objects (Accounts, Servers, Safes, Users) with spaces in names – This ensures cleaner data and fewer unexpected errors.
Session and Stability Fixes
- Fixed random HTTP session drops caused by unexpected TigerVNC messages – If users ever randomly lost access during a session, this was likely the cause.
- Account lists in User Access Gateway now load properly without needing a refresh – Making admin work smoother.
- Fixed a critical bug where machines could become unbootable if restarted during initial replication – If you rely on Fudo in high-availability environments, this is a must-have fix.
Security and Monitoring Enhancements
- Updated smartHealth SNMP monitoring – Now reports only two statuses: ok (1) – Everything is fine, and failed (2) – Something needs attention.
- Fixed email notifications for session approval requests – Admins and security teams now receive reliable notifications when approving session checkouts.
- Fixed SSH authentication for forward accounts – Ensures smooth authentication flows when using a forward account, bastion listener, and the ‘Authentication against server’ option.
What’s Being Phased Out
This release continues the transition away from outdated features first announced in Fudo Enterprise 5.5. If you are upgrading from any version earlier than 5.5 (such as 5.4.12 or older) – consider these changes before proceeding.
- Fudo Officer 1.0 is no longer supported → Move to Fudo Officer 2.0.
- Mobile Token authentication has been discontinued → Remove it before upgrading, or the upgrade will fail.
- CyberArk Enterprise Password Vault is no longer supported → Switch to CyberArk Credential Provider.
- Ticketing system integration is no longer available.
- Unencrypted external password repositories (HTTP/LDAP) are no longer allowed → Update to HTTPS/LDAPS before upgrading.
Additionally, Fudo Enterprise 5.5 is the last version supporting:
- Transparent and Gateway modes for listeners (Move to Proxy/Bastion modes)
- Application-to-Application Password Manager (AAPM) (Use APIv2 instead)
- APIv1 (Rewrite scripts using APIv2)
- DHCP (Will be removed in the next release)
If your organization depends on any of these features, plan your transition before upgrading.
Upgrade Checklist: What to Do Before Updating
- Run a Pre-Upgrade Check. Use “Run Check” in the admin panel to detect any potential conflicts before upgrading.
- Check Your Authentication Flow. RADIUS and LDAP may behave differently post-upgrade. Ensure no login disruptions.
- For Clustered Environments: Upgrade the Slave Node First. This maintains synchronization during the process.
- Ensure You Are Running at Least Fudo 5.4.11. If you’re on an earlier 5.4.x version, upgrade to 5.4.11 first before moving to 5.5.x.
Conclusion
Fudo Enterprise 5.5.8 is more than just a maintenance update—it strengthens security, improves authentication mechanisms, and ensures greater system stability. By addressing long-standing issues and refining key features, this release enhances both security and usability for administrators and end users alike.
For existing users, this update is an opportunity to optimize authentication settings, improve session reliability, and ensure compliance with evolving security standards. Review the changes, check for deprecated features, and plan your upgrade accordingly to avoid disruptions.
If you’re new to Fudo Enterprise, now is the perfect time to explore how it can help streamline privileged access management, reduce security risks, and simplify compliance. Contact us with any questions, or request a demo to see how Fudo can fit into your security strategy.
