Want the full details? Click the link below!
Version 26.03.1 of Netwrix Privilege Secure for Discovery is now available. This hotfix resolves two bugs affecting EDR configuration and OAM scanning, corrects a text display issue in the EDR settings page, and ships two targeted improvements: Docker credentials now stored securely using GPG encryption, and Fluentd syslog output now resolves hostnames automatically.
Upgrade Support for Version 26.03.1
We have streamlined the upgrade process for Netwrix Privilege Secure for Discovery to ensure all users can move to our latest supported version.
Direct Upgrade Paths:
- From 25.12.x: Direct upgrade to 26.03.1.
- From 2.22.x: Direct migration to 26.03.1 is now supported.
Why upgrade? We are focusing our ongoing development on a single, unified version. Upgrading to 26.03.0 ensures your environment remains on the primary maintenance path, benefiting from the latest stability improvements and security updates.
Bug Fixes
| ID | Description |
|---|---|
| 432701 | OAM Force Reset Loop — Fixed an issue where the force_reset flag set during initial OAM account creation was never cleared after a successful forced password reset. This caused the forced-reset code path to execute on every subsequent scan. In environments with a third-party Windows password filter DLL (registered under HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages), this surfaced as a repeated STATUS_PASSWORD_RESTRICTION error (code 9999) on every rescan. |
| 432248 | CarbonBlack EDR Configuration Validation — Fixed an issue where CarbonBlack EDR configuration was not properly tested for validity when adding a new EDR provider from the Configure > Server page. |
| 424910 | EDR API Base URL Text Trimming — Fixed a bug where the API Base URL field in the EDR configuration page was incorrectly trimming input values on save. The full entered value is now preserved. The field also displays the full text on hover when the value is longer than the visible input width. |
Improvements
| ID | Description |
|---|---|
| 424058, 419558 | Secure Docker Credential Storage (Docker Credentials Helper) — NPS-D now uses docker-credential-pass with GPG encryption to store Docker registry credentials on Ubuntu deployments. Credentials are encrypted at rest instead of being stored in plain configuration files. Setup is automated as part of the deployment and upgrade flow. Documentation |
| 424509 | Hostname/IP Configuration in Syslog Output — Fluentd now automatically uses the host server’s hostname in syslog header fields, replacing Docker container IDs (e.g., a3f2b1c4d5e6) that previously appeared in SIEM logs and made host correlation difficult. The hostname defaults to the node’s OS hostname via Docker Swarm. Administrators can override it by setting the S1_NODE_HOSTNAME environment variable on the host. Documentation |
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended… | Contact Support |
| If you have a question you’d like to ask other experts… | Create a discussion in the community: Privilege Secure > Discussions & Questions |
| If you have a feature request… | Let our product team know directly: Privilege Secure > Ideas |
| If you have something cool to show… | Show everyone what you built: Privilege Secure > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!