Citrix Virtual Apps and Desktops

2402 LTSR (initial release)

August 22, 2024

Contributed by:

About the release

The Long Term Service Release (LTSR) program for Citrix Virtual Apps and Desktops provides stability and long-term support for Citrix Virtual Apps and Desktops releases.

LTSRs are also available for Citrix Virtual Apps and Desktops 2203 and 1912.

This Citrix Virtual Apps and Desktops release includes new versions of the Windows Virtual Delivery Agents (VDAs) and new versions of several core components. You can:

Install or upgrade a site: Use the ISO for this release to install or upgrade core components and VDAs. Installing or upgrading to the latest version allows you to use the latest features.
Install or upgrade VDAs in an existing site: If you already have a deployment and aren’t ready to upgrade your core components, you can still use several of the latest HDX features by installing (or upgrading to) a new VDA. Upgrading only the VDAs can be helpful when you want to test enhancements in a non-production environment.

After upgrading your VDAs to this version, you do not need to update the machine catalog’s functional level. For more information, see VDA versions and functional levels.

For installation and upgrade instructions:

If you are building a new site, follow the sequence in Install and configure.
If you are upgrading a site, see Upgrade a deployment.

Citrix Virtual Apps and Desktops 7 2402 LTSR

Secure HDX (Preview)

You can now use Secure HDX, which is an Application Level Encryption (ALE) solution that prevents any network elements in the traffic path from being able to inspect the HDX traffic. For more information, see Secure HDX.

New HDX Graphics policy - Allow Windows screen lock

With the new Allow Windows screen lock policy in HDX Graphics, you now have the option to modify Windows display timeouts in a Citrix Virtual Desktop session on Workstation OS as per your requirement. For more information, see Allow Windows screen lock.

New loss tolerant mode for audio policy

Loss tolerant mode for audio is now available to allow audio delivery through the loss tolerant mode policy. For more information, see Loss tolerant mode for audio.

Signed third-party binaries

Binaries distributed by Citrix are now signed. Signed binaries indicate that they are validated by either Citrix-generated certificates or authentic third-party certificates. For more information, see Install VDAs.

Enhanced system logs for browser content redirection

With the enhancements to the system logs, browser content redirection now allows admins to monitor the feature status. For more information, see How to troubleshoot browser content redirection.

Enhanced bidirectional content redirection configuration

Previously, configuring bidirectional content redirection involved managing three distinct policies: Allow bidirectional content redirection, Allow redirection of URLs to VDA, and Allow redirection of URLs to the Client. These policies require configurations on both the server side and the client side (configured through Group Policies). Starting with this release, we have consolidated all three policies into a single, unified policy. It not only simplifies and enhances the configuration process but also eliminates the requirement for client-side configurations. For more information, see Bidirectional content redirection configuration.

HDX Reducer

You can now configure the version of the HDX compression algorithm, or Reducer, that you want to use in the session host. For more information, see HDX Reducer.

New HDX registry setting for configuring EDT timeout

You now have the option to configure EDT timeout by setting the registry. For more information, see Configure EDT timeout.

Microsoft Teams Optimization - allow-listed registry entry

Starting with Citrix Virtual Apps and Desktops 2402, you no longer need to manually configure the msedgewebview2.exe registry entry as it is now allow-listed by default.

For more information, see the Microsoft documentation.

Virtual channel allow list support for environment variables

You can now use system environment variables in the path of trusted processes. For more information, see Using system environment variables.

Citrix Secure Private Access for on-premises

Secure Private Access for on-premises and support for ZTNA and other enhancements

Citrix Secure Private Access on-premises solution enhances an organization’s overall security and compliance posture with the ability to easily deliver zero-trust access to browser-based apps (internal web and SaaS apps) using the StoreFront on-premises portal as a unified access portal to web and SaaS apps, along with virtual apps and desktops as an integrated part of Citrix Workspace. Citrix Secure Private Access on-premises is a customer-managed Zero Trust Network Access (ZTNA) solution that provides VPN less access to Internal web and SaaS applications with the following along with a seamless end-user experience:

Least privilege principle
Single sign-on (SSO)
Multifactor authentication
Device posture assessment
Application-level security controls
App protection features

For more information, see Citrix Secure Private Access for on-premises – General Availability.

Virtual Delivery Agents (VDAs) 2402 LTSR

Option to install, upgrade, or uninstall Citrix Workspace App during VDA installation, upgrade, or uninstallation

This feature allows you to choose to install, upgrade, or uninstall the Citrix Workspace App during a VDA installation, upgrade, or uninstallation in the following scenarios:

During a VDA installation, you can choose to install the Citrix Workspace App. By default, Citrix Workspace App is not installed during the VDA installation.
During a VDA upgrade, if Citrix Workspace App is not already installed in the VDA, you can choose to install Citrix Workspace App.
During a VDA upgrade, if the version of Citrix Workspace App can be upgraded, then the option to upgrade Citrix Workspace App is displayed.
During a VDA uninstallation, you can choose to not uninstall the Citrix Workspace App. By default, the Citrix Workspace App is uninstalled during the VDA uninstallation. For more information, see Select the components to install and the installation location and Command-line options for installing a VDA

WebSocket support for VDAs

Citrix Virtual Apps and Desktops now allow you to use WebSocket technology over the Citrix Brokering Protocol (CBP) to facilitate communication between VDAs and Delivery Controllers. This feature requires only the TLS port 443 for communication from the VDA to the Delivery Controller.

For more information, see WebSocket communication between VDA and Delivery Controller.

You can now support VDA updates from a local file share and specify the VDA installer location through PowerShell commands. For more information, see Support VDA updates from Local File Share.

Web Studio

Support for provisioning VMware VMs using machine profiles

When provisioning VMware VMs using the Machine Creation Service (MCS), you can now select an existing template as the machine profile, letting the VMs within the catalog inherit settings from the selected template.

The inherited settings include:

Tags placed on the template
Custom attributes
vSAN Storage policies
Virtual hardware version
vSphere Virtual TPM (vTPM)
CPU count and core per socket
NIC count

For more information, see Creating machine catalogs.

Managing prepared images with the Images node

An Images node is now available in Web Studio, letting you prepare an MCS image (prepared image) from a single source image and deploy it across various MCS machine catalogs. This node facilitates complete image lifecycle management, enabling you to create image definitions, versions, and catalogs.

Images prepared using this node can only be used in Azure and VMware environments. For detailed information on image management, see Image management (Preview).

Alternatively, you can also create catalogs with prepared images using the Machine Catalogs node. For more information, see Creating machine catalogs.

New policy validations. Additional policy validations are added. As a result, enabling policies or doing an in-place upgrade might lead to loss of policy data if invalid policy settings are present. If you create or edit the policies using a method other than Web Studio, Citrix recommends you use the latest version of the SDK and snap-in. For more information, see CTX676686.

Deprecated features

The following features and settings have been deprecated in Web Studio:

Azure environments:

Provisioning VMs using a master image from a different region has been deprecated. We recommend using Azure Compute Gallery to replicate the master image to the region where the VMs will be created.
AWS environments:

The option Apply machine template properties to virtual machines, on the Machine Catalog Setup > Machine Template page, has been deprecated. We recommend using machine profiles to specify machine properties for VMs instead.
All hypervisor and cloud service environments:

Configuring the write-back cache with only a disk cache and no memory cache has been deprecated. We recommend setting the memory cache size to a value greater than zero.

Citrix Director

Secure Private Access integration with Director (Preview)

The Secure Private Access integration with Director allows help desk admin or full admin to monitor and troubleshoot all Secure Private Access sessions in Director. To support this feature, you must use the 2402 or later versions of Director, Secure Private Access, Citrix Workspace app, and VDA.

Available actions include viewing the details of the following:

Secure Private Access active sessions for a user under the Select a Session popup > Sessions tab > Web Apps and SaaS Apps
Secure Private Access failed or blocked enumerations and failed app launches under the Select a Session popup > Denied Access tab
Session and application details view for active and failed app launches
Session and application details view for failed and blocked enumerations

For more information, see Secure Private Access integration with Director (Preview) page.

Enhanced Performance Metrics panel

The Performance Metrics panel has an enhanced visualization of the real-time metrics. When you click the Session Performance tab, along with the real time data, you can view the last 15-minutes data without waiting for the page load time. This enhancement helps to reduce mean time for resolution by enabling admins to be able to correlate multiple component performance metrics in a single view. For more information, see Performance metrics section.

Support for newer version of Microsoft Teams

Citrix Director now supports Microsoft Teams version 2.1 or earlier.

Machine Creation Services (MCS)

Image management (Preview)

With the image management functionality, MCS separates the mastering phase from the overall provisioning workflow.

You can prepare an MCS image (Prepared Image) from a single source image and use it across multiple different MCS machine catalogs. This implementation significantly reduces the storage and time costs, and simplifies the VM deployment and image update process.

The benefits of using this image management functionality are:

Generate prepared images in advance without creating a catalog.
Reuse prepared images in multiple scenarios, such as creating and updating a catalog.
Significantly reduce catalog creation or update time.

For detailed information on image management, see Image management (Preview).

Check for multiple NICs in VMware

In VMware environments, we have introduced various pre-flight checks when the hosting unit and machine profile template have multiple networks, and the -NetworkMapping parameter is used in the New-ProvScheme and Set-ProvScheme commands. For more information on the pre-flight checklist for multiple NICs, see Check for multiple NICs.

Support for creating Windows 11 VMs in GCP

You can now create Windows 11 VMs in GCP. If you install Windows 11 on the master image, then you must enable vTPM during the master image creation process. Also, you must enable vTPM on the machine profile source (VM or instance template).

This feature is applicable to:

Persistent and Non-persistent MCS machine catalogs
Only sole-tenant node group

For information on creating Windows 11 VMs on the sole-tenant node, see Create Windows 11 VMs on the sole-tenant node.

Support for creating Citrix Provisioning catalogs using MCS PowerShell commands in VMware

You can now create Citrix Provisioning catalogs using MCS PowerShell commands in VMware.

This implementation provides you the following advantages:

A single unified API to manage both MCS and Citrix Provisioning catalogs.
Have new features for Citrix Provisioning catalogs, such as, identity management solution, on-demand provisioning, and so on.

For more information, see Create Citrix Provisioning catalogs in Citrix Studio.