Citrix Workspace app 2402 LTSR for Windows - Initial release
Learn about new features and enhancements available for Citrix Workspace app 2402 LTSR for Windows.
Important::
- Citrix Enterprise Browser can be used with Citrix Workspace app LTSR as a compatible component. However, it isn’t installed by default. To install Citrix Enterprise Browser, add install switch
InstallEmbeddedBrowser=Y
orAddlocal
parameterCitrixEnterpriseBrowser
as part of the command-line installation.- For information on insatllation of Browser Content Redirection, see Browser Content Redirection.
What’s new in 2402 LTSR
The following is a list of features that are available in Citrix Workspace app 2402 LTSR for Windows.
Note:
For information on new add-ons and packaging changes, see New Add-ons and packaging.
-
- Sustainability initiative for cloud hybrid launch
- Enhanced domain pass-through for single sign-on (Enhanced SSO)
- Support for advanced NetScaler policies for Storebrowse on Windows
- Version upgrade for Chromium Embedded Framework
- Install Microsoft teams VDI plug-in for Citrix
- Share system audio in meetings (Technical Preview)
- Hide Troubleshooting option for end users
-
App Protection
- Citrix Endpoint Analysis
- Citrix Enterprise Browser
-
- Introducing new installer for Citrix Workspace app
- Support for Activity Manager in cloud stores
- Automatic selection of video codec
- Loss tolerant mode for audio
- Synchronize multiple keyboards at session start
- Improved performance of BCR
- Version upgrade for Chromium Embedded Framework
- Important update on App Protectionfile and driver names
- Enhancement to background blurring and effects for Microsoft Teams optimization with HDX
- Citrix Enterprise Browser
- Improved user experience and session reload time
- Improved watermark design
- Support for custom browser extension
- Simplified SSO for Web and SaaS apps through the Global App Configuration service
- Manage pass-through authentication in Citrix Enterprise Browser
- Enhanced capabilities on monitoring end user activities
-
2309
- Additional .NET prerequisites
- Improved virtual apps and desktops launch experience
- Addition of the Troubleshooting option in the system tray of Citrix Workspace app
- Sustainability initiative from Citrix Workspace app
- Commands to configure keyboard layout synchronization using command-line interface
- Command to cleanup and install Citrix Workspace app
- Optimized Microsoft Teams updates
- App Protection
- Citrix Enterprise Browser
-
- Added support for playing short tones in optimized Microsoft Teams
- Citrix Enterprise Browser
- 2303
- 2302
-
- Client App Management
- Auto-update version control
- Force login prompt for Federated identity provider
- Improved reconnection experience after connection lease file expiry
- Support for default installation of App Protection
- App Protection enhancement: Screen capture detection and notification
- Desktop Viewer optimization
- Citrix Enterprise Browser
-
- Background blurring for webcam redirection
- App Protection enhancements for web and SaaS apps on Windows 11
- Limiting video resolutions
- Rebranding Citrix Workspace Browser
- Open all web and SaaS apps through the Citrix Enterprise Browser
- Supporting auto-update of Citrix Workspace app on VDA
- Citrix Enterprise Browser (formerly Citrix Workspace Browser)
- 2206
- 2204.1
2402 LTSR (Initial release)
Sustainability initiative for cloud hybrid launch
Note:
This feature was previously available for native launches (cloud and on-premises) from Citrix Workspace app 2309 version onwards.
From Citrix Workspace app 2402 version, this feature is available for hybrid launches on cloud. After this feature is enabled, a prompt appears to sign out from the desktop session when a user closes a virtual desktop. This feature helps conserve energy if there are Windows OS policies that are used to shut down VMs when no users are logged in. You can also customize the text that appears on the Save energy screen. For more information, see Sustainability initiative for cloud hybrid launch.
Enhanced domain pass-through for single sign-on (Enhanced SSO)
Previously, Citrix Workspace app for Windows supported only SSON or domain pass-through authentication for single sign-on to Citrix Virtual Apps and Desktops environments using user credentials. This authentication enables the user to authenticate to the domain on their device and use their virtual apps and desktops without having to reauthenticate again.
With this release, Citrix Workspace app supports enhanced domain pass-through which is a new method of SSO. It leverages Kerberos authentication instead of user credentials. Users can now sign in to Citrix Virtual Apps and Desktops and to StoreFront using integrated windows authentication.For more information, see Enhanced domain pass-through for single sign-on (Enhanced SSO).
Support for advanced NetScaler policies for Storebrowse on Windows
Citrix Workspace app for Windows now supports advanced policies on NetScaler Gateway with Storebrowse. The supported authentication protocol is LDAP authentication. Storebrowse is a command-line utility that interacts between the client and the server. It’s used to authenticate all the operations within StoreFront and with Citrix Gateway. For more information, see Storebrowse.
Note:
The nFactor authentication protocol isn’t supported with Storebrowse on Windows.
Install Microsoft Teams VDI plug-in for Citrix
You can now install Microsoft Teams VDI plug-in during the installation of Citrix Workspace app using one of the following options.
Note:
For version compatibility with VDI and configuration details, see Microsoft Teams 2.1 supported for VDI/DaaS and New Teams VDI requirements.
Share system audio [Technical Preview]
You can now share the audio playing on your VDA with participants in a meeting. Select the Include computer sound option to make your meetings more engaging. You need to enable this feature via registry by setting HKEY_CURRENT_USER\Software\Citrix\HDXMediaStream\EnableSystemAudio (DWORD)
to 1
.
For end users, this option is not enabled by default, they must turn it on before sharing their screen.
Limitations
- Audio cannot be shared using this feature when sharing the screen with RAVE and BCR redirected apps or tabs.
- This feature is supported only on published desktops.
Note:
This feature is available only after future update roll-out from Microsoft Teams.
Hide Troubleshooting option for end users
Admins can now hide the troubleshooting options for their end users using the GPO editor. Once this setting is enabled, the troubleshoot option which was previously visible to the end users on the system tray is hidden. For more information, see Hide Troubleshooting option for end users.
Deprecation of PNAgent support
Starting from this release, support for XenApp Services URLs (also known as PNAgent) for connecting to stores is deprecated. Use Citrix Workspace app to connect to stores using the store URL. For reference, see:
- Deprecation page in the Citrix Workspace app for Windows documentation.
- Deprecation notices page in StoreFront documentation.
Version upgrade for Chromium Embedded Framework
The version of the Chromium Embedded Framework (CEF) is upgraded to 120. This version upgrade helps to resolve security vulnerabilities.
App Protection
Screen Capture Allow List
If Citrix Workspace app, virtual apps and desktops, or SaaS apps are enabled with the App Protection Anti-screen capture policy, then you can’t capture their screens using any screen-capturing tool.
However, starting from the Citrix Workspace app for Windows 2402 release, the Screen Capture Allow List feature enables you to add an app to the screen capture allow list. This feature enables you to use the allow listed app and capture the screen of the resource enabled with the App Protection Anti-screen capture policy. For more information, see Screen Capture Allow List.
Process exclusion list
When you launch any process or application on your device, App Protection DLLs are injected into each process if the App Protection is enabled. Sometimes, this might cause the process or application not to work due to compatibility issues with the DLL.
Starting from the Citrix Workspace app for Windows 2402 release, you can add any process to the Process exclusion list to avoid the injection of the App Protection DLL into that particular process and recover from any compatibility issues caused by the presence of App Protection DLLs. For more information, see Process exclusion list.
USB Filter Driver Exclusion List
Sometimes, when you’re using specialized external keyboards such as gaming keyboards with the Citrix Workspace app, the App Protection USB Filter Driver might cause compatibility issues and block you from using the keyboard.
Starting from the Citrix Workspace app for Windows 2402 release, the USB Filter Driver Exclusion List feature allows you to exclude any USB device that has compatibility issues with the Citrix Workspace app using the device Vendor ID and Product ID. For more information, see USB Filter Driver Exclusion List.
Citrix Enterprise Browser
This release of Citrix Enterprise Browser is installed with Citrix Workspace app for Windows 2402, and it’s based on the Chromium version 122.
Security indicator when visiting websites
Citrix Enterprise Browser now displays a security indicator on the address bar when users visit any websites. The indicator aims to inform users about the security aspects of the websites, such as whether it’s an internal site or if there are any potential security restrictions. The indicator provides more information when you click it. The indicator appears on the Enterprise browser by default, and it enhances the user experience.
Citrix Enterprise Browser introduces additional settings in the Global App Configuration service
Additional settings have been added into the Global App Configuration service (GACS) for configuring Citrix Enterprise Browser.
- Enable autofill address - Allows administrators to enable or disable the autofill suggestions for addresses.
- Enable autofill credit card - Allows administrators to enable or disable the autofill suggestions for credit card information.
- Auto launch protocols from origins - Allows administrators to specify a list of protocols that can launch an external app from the listed origins without prompting the user.
- Enable command-line flag security warnings - Allows administrators to display or hide security warnings, which appear when potentially dangerous command-line flags try to launch the Enterprise Browser.
- Manage default cookies setting - Allows administrators to manage cookies for a website.
- Manage default pop-ups setting - Allows administrators to manage pop-ups from a website.
- Extension install sources - Allows administrators to specify valid sources for users to install extensions, apps, and themes.
- Disable lookalike warning pages - Allows administrators to specify the preferred domains where lookalike warning pages don’t display when the user visits pages on that domain.
- Enable payment method query - Allows administrators to enable websites to check whether the users have saved payment methods.
- Manage saving browser history - Allows administrators to manage the saving of Enterprise browser history.
- Manage search suggestion - Allows administrators to enable or disable search suggestions in the Enterprise browser’s address bar.
- Enable export bookmark - Allows administrators to enable an option to export the bookmarks in the Enterprise Browser.
- Force ephemeral profiles - Allows administrators to clear or persist user profile data when users close the Enterprise Browser.
For more information, see the Manage Citrix Enterprise Browser through Global App Configuration service page in the Citrix Enterprise Browser documentation.
For more information on example JSON data, see Example JSON data.
Citrix Endpoint Analysis
With this release, the EPA Client is bundled with Citrix Workspace app installer. To install the client, Citrix Workspace app must be installed with the command line option InstallEPAClient
.
Example: ./CitrixworkspaceApp.exe InstallEPAClient
Note:
EPA is not installed by default.
In this release, the EPA version packaged is 23.11.1.20.
Feature included from previous releases
This release supports features that were included in Citrix Workspace app for Windows version from 2204.1 to 2311.1 as listed below.
2311.1
The following features are added in this release:
- Introducing new installer for Citrix Workspace app
- Support for Activity Manager on cloud stores
- Automatic selection of video codec
- Loss tolerant mode for audio
- Synchronize multiple keyboards at session start
- Improved performance of BCR
- Version upgrade for Chromium Embedded Framework
- Important update on App Protection file names
-
Citrix Enterprise Browser
- Improved user experience and session reload time
- Improved watermark design
- Support for custom browser extension
- Simplified SSO for Web and SaaS apps through the Global App Configuration service
- Manage pass-through authentication in Citrix Enterprise Browser
- Enhanced capabilities on monitoring end user activities
Note:
Starting with Citrix Workspace app for Windows version 2311.1, Internet Explorer-based browser content redirection is deprecated. The alternate option is to use Google Chrome-based browser content redirection.
Introducing new installer for Citrix Workspace app
The user interface of the Citrix Workspace app installer is revamped to give a modern, easy outlook, and a better user experience. By default, the new installer is enabled.
Prerequisites:
.Net Desktop Runtime 6.0.20 or later is an additional pre-requisite for the new installer. For other requirements, see System requirements section.
The new installer is enabled by default. For more information, see User interface based installation.
Note:
Starting with Citrix Workspace app for Windows 2311.1 version, the
TrolleyExpress
is replaced withCWAInstaller-<date and timestamp>
. For example, the log is recorded atC:\Program Files (x86)\Citrix\Logs\CTXWorkspaceInstallLogs-20231225-093441
.
Support for Activity Manager on cloud stores
Citrix Workspace app for Windows supports the Activity Manager feature. This feature lets end users view and interact with all their active apps and desktop sessions in one place. To view active sessions in the Activity Manager, click the Activity Manager icon. You can perform the following actions on an app or desktop by clicking the respective ellipsis(…) button from the Activity Manager:
- Log out: Logs out from the current session. All the apps in the session are closed, and any unsaved files are lost.
- Disconnect: The remote session is disconnected but the apps and desktops are active in the background.
- Restart: Shuts down your desktop and start it again.
- Shutdown: Closes your disconnected desktops.
- Force quit: Forcefully power off your desktop if there is a technical issue.
- Click the X button to terminate the active app session from the Activity Manager.
For more information, see Activity manager.
Note:
This feature is available in Citrix Workspace app for Windows only if the new Workspace experience is enabled.
Automatic selection of video codec
With this release, Citrix Workspace app for Windows now automatically detects the best video codec to use. During installation of the Citrix Workspace app for Windows, the decoding capabilities of the endpoint are evaluated. Based on this information, Citrix Workspace app for Windows selects the best codec to use with the VDA when the session starts. The order in which the video codecs are evaluated is as follows:
- AV1
- H.265
- H.264
This feature is available when the Use video codec for compression policy is set to one of the following:
- Use when preferred
- For the entire screen
- For actively changing regions
For more information on the Use video codec for compression policy, see Use video codec for compression.
The automatic selection only applies to YUV 4:2:0 variants of these codecs. YUV 4:2:0 uses less bandwidth compromising quality. If the Visual Quality policy setting is set to Build-to-Lossless or Always Lossless and if the Allow Visually Lossless policy is set to enabled, the automatic selection of the video codec is disabled and instead YUV 4:4:4 H.264 or H.265 is used.
For more information on these policies, see the following:
This feature is enabled by default.
For more information, see Automatic selection of video codec.
H.265
Citrix Workspace app supports the use of the H.265 video codec for hardware acceleration of remote graphics and videos. H.265 video codec must be supported and enabled on both the VDA and Citrix Workspace app.
Starting with Citrix Workspace app 2311.1, this feature is enabled automatically with the introduction of the Automatic selection of video codec feature.
For more information, see the H.265 documentation.
AV1
Citrix Workspace app supports the use of the AV1 video codec for hardware acceleration of remote graphics and videos. AV1 video codec must be supported and enabled on both the VDA and Citrix Workspace app.
Starting with Citrix Workspace app 2311.1, this feature is enabled automatically with the introduction of the Automatic selection of video codec feature.
For more information, see the AV1 documentation.
Loss tolerant mode for audio
With this release, Citrix Workspace app supports Loss tolerant mode (EDT lossy) for audio redirection. This feature improves the user experience for real-time streaming when users are connecting through networks with high latency and packet loss.
You need to use VDA version 2311 or later. By default, this feature is enabled on Citrix Workspace app for Windows. However, it is disabled on VDA.
For more information, see the Loss tolerant mode for audio documentation.
Synchronize multiple keyboards at session start
Previously, only the active keyboard on the client was synchronized with VDA after the session started in full-screen mode. In this scenario, if you configured Sync only once - when session launches on your Citrix Workspace app, and you had to change to a different keyboard, you have to manually install the keyboard on your remote desktop. Similarly, if you configured Allow dynamic sync on your Citrix Workspace app, you have to move to windowed mode, change the keyboard on your client, and then move back to full-screen mode.
With this release, all available keyboards on the client are synchronized with VDA after the session starts in full-screen mode. You can select the required keyboard from the list of installed or available keyboards on the client after the session starts in full-screen mode.
For more information, see the Synchronize multiple keyboards at session start documentation.
Improved performance of BCR
Previously, BCR used client-side disk space cache and the cached information wasn’t deleted during an upgrade. This setting resulted in higher disk space usage over time and inconsistent behavior while a page is redirected using BCR.
With this release, to resolve this issue, BCR uses an in-memory cache. This enhancement helps to improve the performance of BCR.
This feature is disabled by default.
For more information, see Improved performance of BCR.
Version upgrade for Chromium Embedded Framework
The version of the Chromium Embedded Framework (CEF) is upgraded to 117. This version upgrade helps to resolve security vulnerabilities.
Important update on App Protection file and driver names
Starting with Citrix Workspace app for Windows 2311.1, the following file and driver names are updated as follows:
Existing name | New name |
---|---|
EntryProtect.dll |
ctxapdotnet.dll |
entryprotect.sys |
ctxapdriver.sys |
epclient32.dll |
ctxapclient32.dll |
epclient64.dll |
ctxapclient64.dll |
epinject.sys |
ctxapinject.sys |
epusbfilter.sys |
ctxapusbfilter.sys |
entryprotectdrv |
ctxapdriver |
epinject6 |
ctxapinject |
These files are installed at %ProgramFiles(x86)%\Citrix\ICA Client
by default.
If you’ve added any of the preceding file or driver names to the allow list in your environment, update the allow list.
Enhancement to background blurring and effects for Microsoft Teams optimization with HDX
Starting with Citrix Workspace app version 2311.1, you can select the following options for background blurring and effects:
- No background effect
- Select Background Blurring
- Select Background Image
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 119.1.1.60, based on Chromium version 115. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Citrix Enterprise Browser introduces additional settings in the Global App Configuration service
Additional settings have been added into the Global App Configuration service (GACS) for configuring Citrix Enterprise Browser. For more information, see Manage Citrix Enterprise Browser through GACS.
Security indicator when visiting websites
Citrix Enterprise Browser now displays a security indicator on the address bar when users visit any websites. The indicator aims to inform users about the security aspects of the websites, such as whether it is an internal site or if there are any potential security restrictions. The indicator provides more information when you click it. The indicator appears on the Enterprise browser by default, and it enhances the user experience.
Improved user experience
Previously, Citrix Enterprise Browser displayed a reconnection modal when you attempted to perform an action after your session expired. Starting with Citrix Workspace app for Windows version 2311.1 (which corresponds to the Chromium version 119.1.1.60), there is no longer a reconnection modal. Instead, a loading icon now appears on the browser tab when you attempt to perform any action after your session expires.
Improved watermark design
Citrix Enterprise Browser now has a new watermark design that is less intrusive and provides a better user experience.
Support for custom browser extension
Citrix Enterprise Browser has expanded its extension capabilities. Previously, only extensions from the Chrome Web Store were permitted. Citrix Enterprise Browser now allows you to add custom extensions securely. Administrators can configure custom extensions as part of the mandatory list. End users can access and use these extensions either via citrixbrowser://extensions
or by clicking the Extensions option under the More button as needed. For more information on how to configure the custom extensions, see Mandatory custom extension.
Simplified SSO for Web and SaaS apps through the Global App Configuration service
Previously, single sign-on (SSO) was configured for Citrix Enterprise Browser using the PowerShell module. Now, this simplified SSO feature allows you to configure SSO in Citrix Enterprise Browser by using a newly introduced setting in the Global App Configuration service (GACS). Administrators can use this new setting to enable SSO for all web and SaaS apps in Citrix Enterprise Browser. This method eliminates the need for the complex PowerShell module. For more information on how to manage SSO through GACS, see Manage single sign‑on for Web and SaaS apps through the Global App Configuration service.
Note:
We recommend you to restart Citrix Workspace app when you modify the Citrix Enterprise Browser settings in GACS. However, you can also wait for the automatic refresh to complete. For more information on the sync duration of policies fetched from GACS, refer Frequency of settings update.
Extending simplified single sign-on functionality to StoreFront
The single sign-on (SSO) feature is now available for StoreFront, which assures a unified SSO experience. This new capability eliminates the need for users to authenticate separately when accessing apps through StoreFront. To facilitate this SSO feature, use the same Identity Provider (IdP) for both Web and SaaS apps, and for StoreFront. For more information on how to manage SSO through GACS, see Manage single sign‑on for Web and SaaS apps through the Global App Configuration service.
Manage pass-through authentication in Citrix Enterprise Browser
Pass-through authentication (PTA) is a feature of Azure AD Connect. PTA is an authentication method where the user credentials are passed from the client machine to the server. You never see it as it happens on the back end. In this method, the client machine directly communicates with the authentication server to validate the user’s credentials. PTA is typically used when your client machine and the authentication server trust each other, and your client machine is considered to be secure. For more information on Microsoft Azure AD pass-through authentication, see Microsoft Entra seamless single sign-on.
To facilitate pass-through authentication, you need the Windows Accounts extension to interact with applications that require Azure AD-based access within the Enterprise Browser. Administrator need to configure this Windows Accounts extension as part of the mandatory list under ExtensionInstallForcelist. For more information on the configuration of mandatory extensions, see Mandatory extension.
Enhanced capabilities on monitoring end user activities
Previously, administrators were unable to monitor end user activities such as App accessed and Traffic type. Starting with Citrix Workspace app for Windows 2311.1 (corresponding to Chromium version 119.1.1.60), you can now monitor these details as well.
- App accessed: Enterprise Browser provides information about all the apps accessed by the end user, provided the app is listed in the policy document.
- Traffic type: Enterprise Browser provides information about whether data is sent directly or through Secure Private Access authentication.
To monitor the end user activities from the Enterprise Browser, use the Citrix Analytics service using your Citrix Cloud account. After signing in to Citrix Cloud, navigate to Analytics > Security > Search. There, you can refer to Apps and Desktops under the Self-Service Search section. For more information on Citrix Analytics, see Getting started.
2309.1
What’s new
This release addresses issues that help to improve overall performance and stability.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 117.1.1.13, based on Chromium version 117. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
2309
What’s new
Note:
From this release onwards, ensure that the Microsoft Edge WebView2 Runtime version is 117 or later. We recommend you to install the latest version to get newer functionalities and security-related fixes.
The following features are added in this release:
- Additional .NET prerequisites
- Improved virtual apps and desktops launch experience
- Addition of the Troubleshooting option in the system tray of Citrix Workspace app
- Sustainability initiative from Citrix Workspace app
- Configure keyboard layout synchronization using command-line interface
- Command to cleanup and install Citrix Workspace app
- App Protection
- Citrix Enterprise Browser
Additional .NET prerequisites
In addition to .NET Framework 4.8, Citrix Workspace app requires the x86 version of.NET Desktop Runtime 6.0 for both x86 and x64 systems with admin privileges. For more information, see .NET requirements.
Improved virtual apps and desktops launch experience
Note:
From Citrix Workspace app version 2305.1 and later, this feature is generally available for cloud stores and from 2309 for on-premises stores.
Previously, the launch progress dialog box wasn’t intuitive to the users. It made the users assume that the launch process isn’t responding and they closed the dialog box, as the notification messages were static.
The improved app and desktop launch experience is more informative, modern, and provides a user-friendly experience on Citrix Workspace app for Windows. This feature helps to keep the users engaged with timely and relevant information about the launch status.
For more information, see Improved virtual apps and desktops launch experience.
Addition of the Troubleshooting option in the system tray of Citrix Workspace app
The Troubleshooting option is introduced to improve the user experience and to easily proceed with the troubleshooting. You can right-click on the Citrix Workspace app icon in the system tray that is placed in the bottom-right corner of your screen and then select Troubleshooting to access it.
The options available under Troubleshooting are:
- Send Feedback
- Collect Logs
- Check Configuration
- Reset App Data
- Help
Send feedback on Citrix Workspace app
The Send feedback option allows you to inform Citrix about any issues that you might run into while using Citrix Workspace app. You can also send suggestions to help us improve your Citrix Workspace app experience.
For more information, see Addition of the Troubleshooting option in the system tray of Citrix Workspace app.
Sustainability initiative from Citrix Workspace app
When this feature is enabled, a prompt appears to sign out from the desktop session when a user closes a virtual desktop. This feature might help conserve energy if there are Windows OS policies that are used to shut down VMs when no users are logged in.
For more information, see Sustainability initiative from Citrix Workspace app.
Commands to configure keyboard layout synchronization using command-line interface
Previously, you could configure keyboard layout synchronization using the GUI or by updating the configuration file only. With this release, the new commands are introduced to configure keyboard layout synchronization using the command-line-interface.
For more information, see Configure keyboard layout synchronization using command-line interface.
Command to cleanup and install Citrix Workspace app
Use the /CleanInstall
command to cleanup any leftover traces such as files and registry values from a previous uninstall and then freshly install the new version of the Citrix Workspace app.
For example:
CitrixWorkspaceApp.exe /CleanInstall
<!--NeedCopy-->
Optimized Microsoft Teams updates
Upcoming Microsoft Teams Single-Window EOL
On January 31, 2024, Microsoft will retire the Microsoft Teams support for Single-window UI when using VDI Microsoft Teams optimization and support only the Multi-Window experience. You must use a version of Citrix Virtual Apps and Desktops and Citrix Workspace app that support the Multi-Window feature to continue using certain optimized Microsoft Teams functionalities. For more information, see Upcoming Microsoft Teams Single-Window EOL.
Deprecation announcement of the SDP format (Plan B) from WebRTC
Citrix is planning to deprecate the current SDP format (Plan B) support from WebRTC in future releases. You must use a version of Citrix Workspace app that supports the Unified Plan to continue using certain optimized Microsoft Teams functionalities. For more information, see Deprecation announcement of the SDP format (Plan B) from WebRTC.
App Protection
Important update on file names
In a future release for Citrix Workspace app for Windows, the following file names will be updated as follows:
Existing file name | New file name |
---|---|
EntryProtect.dll |
ctxapdotnet.dll |
entryprotect.sys |
ctxapdriver.sys |
epclient32.dll |
ctxapclient32.dll |
epclient64.dll |
ctxapclient64.dll |
epinject.sys |
ctxapinject.sys |
epusbfilter.sys |
ctxapusbfilter.sys |
entryprotectdrv |
ctxapdriver |
epinject6 |
ctxapinject |
These files are installed at %ProgramFiles(x86)%\Citrix\ICA Client
by default.
If you’ve added any of the preceding file names to the allow list in your environment, update the allow list.
Policy tampering detection
Policy tampering detection feature prevents the user from accessing the Virtual App or Desktop session if the App Protection anti-screen capture and anti-keylogging policies are tampered. If policy tampering is detected, the virtual app or desktop session will be terminated displaying the following error message:
Note:
This feature will be available only after the release of the upcoming version of Citrix Virtual Apps and Desktops.
For more information about the policy tampering detection feature, see Policy tampering detection.
Full desktop sharing capability from the VDA with Citrix Workspace app
Previously when App Protection is enabled, desktop sharing is disabled for Optimized Microsoft Teams as App Protection doesn’t allow you to capture the screen.
From Citrix Workspace app for Windows 2309 version and later, desktop sharing is enabled for Optimized Microsoft Teams even if App Protection is enabled.
For more information, see Compatibility with HDX optimization for Microsoft Teams.
App Protection with DoubleHop scenario
App Protection features aren’t supported in a double hop scenario. Double hop means a Citrix Virtual Apps or Virtual Desktops session running within a Citrix Virtual Desktops session. You were allowed to launch virtual apps and desktops enabled with App Protection policies in a double hop scenario. However, the App Protection features weren’t applied.
Now, a Windows Group Policy is introduced which allows you to block opening virtual apps and desktops enabled with App Protection policies in a double hop scenario. For more information about enabling the Block DoubleHop Launch setting, see Enable Block DoubleHop Launch setting.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 117.1.1.9, based on Chromium version 117. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Authentication through Citrix Enterprise Browser
Previously, if the authentication token for Citrix Workspace app expired, you weren’t able to use the Enterprise Browser. You had to switch to Citrix Workspace app and reauthenticate to continue using the Enterprise Browser.
Starting with the Citrix Workspace app for Windows 2309 version (which corresponds to the Chromium version 117.1.1.9), you can authenticate within the Enterprise Browser itself only when the store remains the same. It ensures authentication to Citrix Workspace app as well. In addition, this feature provides a seamless login experience.
Note:
- This feature applies to Workspace stores.
2307.1
What’s new
This release addresses issues that help to improve overall performance and stability.
2307
What’s new
Added support for playing short tones in optimized Microsoft Teams
Earlier, with the secondary ringtone feature enabled, short tones such as beeps or notifications were playing repeatedly. For example, the tone that was played when a guest joins the Microsoft Teams meeting was repeated. The only workaround was to quit and restart Microsoft Teams. This issue resulted in a poor end-user experience.
With this release, Citrix Workspace app supports playing the short tones as desired. This support also enables the secondary ringtone feature.
Prerequisites:
Update to the latest version of Microsoft Teams.
Note:
The preceding feature is available only after the roll-out of a corresponding update from Microsoft Teams. Check the documentation update and the announcement in CTX253754.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 112.1.1.24, based on Chromium version 112. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Citrix Enterprise Browser shortcut
Starting with the Citrix Workspace app for Windows 2307 version, an administrator can configure and control the presence of the Citrix Enterprise Browser shortcut on the Start menu.
Note:
By default, this setting is enabled for Workspace stores.
Configuration
An IT administrator can configure the presence of the Citrix Enterprise Browser shortcut in one of the following ways:
- Group Policy Object (GPO)
- Global App Configuration Service (GACS)
- web.config.file.
Notes:
- All the configuration methods have equal priority. Enabling any one of them enables the shortcut.
- If you haven’t configured the shortcut but have one or more Workspace stores, the shortcut gets automatically enabled.
- For end users, the Citrix Enterprise Browser shortcut appears if the user makes it as a favorite app irrespective of the configuration.
To disable this feature for Workspace stores, administrators must apply the following settings in any one of the following:
- set the CEBShortcutEnabled attribute to false in the
web.config
file.- disable the Enable Citrix Enterprise Browser shortcut property in GPO and GACS.
Using Group Policy Object
Administrators can use the Enable Citrix Enterprise Browser shortcut property to control the display of the Citrix Enterprise Browser shortcut on the Start menu.
Note:
Configuration through GPO is applicable on Workspace and StoreFront.
To enable the Citrix Enterprise Browser shortcut, do the following:
- Open the Citrix Workspace app Group Policy Object administrative template by running
gpedit.msc
. - Under the Computer Configuration node, go to Administrative Templates > Citrix Components > Citrix Workspace > Citrix Enterprise Browser.
- Select the Enable Citrix Enterprise Browser shortcut option.
For more information on how to use the GPO, see the Group Policy Object administrative template page.
Global App Configuration service (GACS)
Navigate to Workspace Configuration > App Configuration > Citrix Enterprise Browser and enable Enable Citrix Enterprise Browser shortcut.
For more information on how to use the GACS UI, see the User interface article in the Citrix Enterprise Browser documentation.
Note:
This way of configuration is applicable on Workspace and StoreFront.
web.config file:
Enable the attribute CEBShortcutEnabled under the properties.
<properties>
<property name="CEBShortcutEnabled" value="True" />
</properties>
<!--NeedCopy-->
Note:
Configuration through
web.config
is applicable on StoreFront.
Using web.config:
To enable the Citrix Enterprise Browser shortcut, do the following:
- Use a text editor to open the web.config file, which is typically at
C:\inetpub\wwwroot\Citrix\Roaming directory
. -
Locate the user account element in the file (Store is the account name of your deployment) For example:
<account id=... name="Store">
-
Before the
</account>
tag, navigate to the properties of that user account and add the following:<properties> <property name="CEBShortcutEnabled" value="True" /> </properties> <!--NeedCopy-->
Following is an example of the web.config
file:
<account>
<clear />
<account id="d1197d2c-ac82-4f13-9346-2ee14d4b0202" name="F84Store"
description="" published="true" updaterType="Citrix" remoteAccessType="None">
<annotatedServices>
<clear />
<annotatedServiceRecord serviceRef="1__Citrix_F84Store">
<metadata>
<plugins>
<clear />
</plugins>
<trustSettings>
<clear />
</trustSettings>
<properties>
<property name="CEBShortcutEnabled" value="True" />
</properties>
</metadata>
</annotatedServiceRecord>
</annotatedServices>
<metadata>
<plugins>
<clear />
</plugins>
<trustSettings>
<clear />
</trustSettings>
<properties>
<clear />
</properties>
</metadata>
</account>
<!--NeedCopy-->
2305.1
What’s new
Improved virtual apps and desktops launch experience
Note:
This feature is generally available for cloud stores and it is in technical preview for on-premises stores.
Previously, the launch progress dialog box wasn’t intuitive to the users. It made the users assume that the launch process isn’t responding and they closed the dialog box, as the notification messages were static.
The improved app and desktop launch experience is more informative, modern, and provides a user-friendly experience on Citrix Workspace app for Windows. This feature helps to keep the users engaged with timely and relevant information about the launch status. The notification appears in the bottom-right corner of your screen.
Users can view meaningful notifications about the launch progress, instead of just a spinner. If a launch is in progress and the user attempts to close the browser, a warning message is shown.
Starting with Citrix Workspace app for Windows 2305.1, this feature is enabled by default in cloud sessions.
You can enable this feature using the registry key for the StoreFront (on-premises) session. For more information, see Improved virtual apps and desktops launch experience.
Tracking Storebrowse command status
You can track the execution status of a Storebrowse command in a file. To track the success status, provide a unique file name with the -f launch
command. This command generates a file with the name that you have provided. The failure status is present in the ica.error
file, which is created automatically.
Note:
Ensure that you add an
.ica
extension to the file name with-f launch
command. Otherwise, the file isn’t generated.
The files to track both success and failure are present at %LOCALAPPDATA%\citrix\selfservice\cache
and you can monitor these files as needed.
This enhancement is enabled by default.
Following is an example to use the launch command with -f
option:
-launch -f <uniqueFileName.ica> "launchcommandline"
For example:
SelfService.exe storebrowse -launch -f uniqueFileName.ica -s store0-5c3ec017 -CitrixID store0-5c3ec017@@a9a8e3ac-099d-4577-b84e-e33d0695df39.Notepad -ica "https://cwawiniwstest.cloudburrito.com/Citrix/Store/resources/v2/YTlhOGUzYWMtMDk5ZC00NTc3LWI4NGUtZTMzZDA2OTVkZjM5Lk5vdGVwYWQ-/launch/ica" -cmdline
<!--NeedCopy-->
Support for modern authentication methods for StoreFront stores
Citrix Workspace app 2305.1 for Windows support modern authentication methods for StoreFront stores. You can authenticate to Citrix StoreFront stores using any of the following ways:
- Using Windows Hello and FIDO2 security keys. For more information, see Other ways to authenticate.
- Single sign-on to Citrix StoreFront stores from Azure Active Directory (AAD) joined machines with AAD as the identity provider. For more information, see Other ways to authenticate.
- Workspace administrators can configure and enforce Azure Active Directory conditional access policies for users authenticating to Citrix StoreFront stores. For more information, see Support for Conditional access with Azure AD.
To enable this feature, you must use Microsoft Edge WebView2 as the underlying browser for direct StoreFront and gateway authentication.
Note:
Ensure that the Microsoft Edge WebView2 Runtime version is 102 or later.
You can enable modern authentication methods for StoreFront stores using the Global App Config service and Group Policy Object (GPO) template. For more information, see the Support for modern authentication methods for StoreFront stores section.
Support for more than 200 groups in Azure AD
With this release, an Azure AD user who is part of more than 200 groups can view apps and desktops assigned to the user. Previously, the same user wasn’t able to view these apps and desktops.
Note:
Users must sign out from Citrix Workspace app and sign in back to enable this feature.
App Protection
Enhancement on anti-keylogging
With this enhancement, anti-keylogging is enabled on the authentication and self-service plug-in (SSP) screens if one of the following criteria is met:
-
You have enabled App Protection using one of the following:
- Select the Start App Protection checkbox during installation.
- Start the App Protection component using the
startappprotection
command line parameter.
-
If you haven’t selected the Start App Protection checkbox or used the
startappprotection
command line parameter during the installation, then the anti-keylogging protection is enabled after launching the first protected resource.
Note:
The Global App Configuration service (GACS) and Group policy objects (GPO) settings override the preceding behavior. For example, if you’ve disabled the GACS or GPO policy for these screens, the anti-keylogging is not enabled on the authentication and SSP screens.
Important update on file names
In a future release for Citrix Workspace app for Windows, the following file names will be updated:
- EntryProtect.dll
- entryprotect.sys
- epclient32.dll
- epclient64.dll
- epinject.sys
- epusbfilter.sys
- entryprotectdrv
- epinject6
These files are installed at %ProgramFiles(x86)%\Citrix\ICA Client\
.
If you’ve added any of these file names to the allow list in your environment, update the allow list when the new file names are announced.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 105.1.1.27, based on Chromium version 105. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Support for browser extensions
You can add extensions that are provided by your administrator to the Citrix Enterprise Browser in a secure way. An administrator can deploy, manage, and control the extensions. End users can view and use the extension under citrixbrowser://extensions
as required. For more settings, see Global App Configuration Service.
For more information on how to configure, see Support for browser extensions.
Modification in SPA policy implementation on internal Web and SaaS apps
This feature enhances the security policies implementation on Web and SaaS apps. When a webpage and iframes within the webpage have different policies, we now have a stricter policy implementation where a union of all policies is applied on the entire webpage, including the iframes. However, the watermark is applied to the webpage only.
Use the Global App Config service to manage Citrix Enterprise Browser
The administrator can use the Global App Configuration service (GACS) for Citrix Workspace to deliver Citrix Enterprise Browser settings through a centrally managed service.
The Global App Configuration service is designed for administrators to easily configure Citrix Workspace and manage the Citrix Workspace app settings. This feature allows admins to use the Global App Configuration Service to apply various settings or system policies to the Citrix Enterprise Browser on a particular store. The administrator can now configure and manage the following Citrix Enterprise Browser settings using APIs or the GACS Admin UI:
- “Enable CEB for all apps” - Makes the Citrix Enterprise Browser the default browser for opening web and SaaS apps from the Citrix Workspace app.
- “Enable save passwords” - Allow or deny end users the ability to save passwords.
- “Enable incognito mode” - Enable or disable incognito mode.
- “Managed Bookmarks” - Allow an administrator to push bookmarks to the Citrix Enterprise Browser.
- “Enable developer tools” - Enable or disable developer tools within the Enterprise Browser.
- “Delete browsing data on exit” - Allow the administrator to configure what data the Citrix Enterprise Browser deletes on exit.
- “Extension Install Force list” - Allow the administrator to install extensions in the Citrix Enterprise Browser.
- “Extension Install Allow list” - Allow the administrator to configure an allowed list of extensions that users can add to the Citrix Enterprise Browser. This list uses the Chrome Web Store.
For more information, see Use Global App Configuration service to manage Citrix Enterprise Browser.
Notes:
- The name and value pair are case-sensitive.
- All the browser settings in Global App Configuration Service are under the following categories:
{
"category": "browser",
"userOverride": false,
"assignedTo": [
"AllUsersNoAuthentication"
]
}
<!--NeedCopy-->
- The administrator can apply the settings to unmanaged devices as well. For more information, see the Global App Configuration Service documentation.
User interface
To configure Citrix Enterprise Browser through the GACS Admin UI, do the following:
-
Sign in to citrix.cloud.com with your credentials.
Note:
Refer to the Sign Up for Citrix Cloud article for step-by-step instructions to create a Citrix Cloud account.
-
Upon authentication, click the menu button in the top left corner and select Workspace Configuration.
The Workspace Configuration screen appears.
-
Click App Configuration > Citrix Enterprise Browser.
You can now configure, modify, and publish Citrix Enterprise Browser feature settings.
For more information, see Use Global App Configuration service to manage Citrix Enterprise Browser.
2303
What’s new
Configure path for Browser Content Redirection overlay Browser temp data storage
Starting with Citrix Workspace app 2303 version, you are requested to configure temp data storage path for the Chromium Embedded Framework (CEF) based browser.
For more information, see Configure path for Browser Content Redirection overlay Browser temp data storage.
Support for modern authentication methods for StoreFront stores
Citrix Workspace app 2303 for Windows support modern authentication methods for StoreFront stores. You can authenticate to Citrix StoreFront stores using any of the following ways:
- Using Windows Hello and FIDO2 security keys. For more information, see Other ways to authenticate.
- Single sign-on to Citrix StoreFront stores from Azure Active Directory (AAD) joined machines with AAD as the identity provider. For more information, see Other ways to authenticate.
- Workspace administrators can configure and enforce Azure Active Directory conditional access policies for users authenticating to Citrix StoreFront stores. For more information, see Support for Conditional access with Azure AD.
To enable this feature, you must use Microsoft Edge WebView2 as the underlying browser for direct StoreFront and gateway authentication.
Note:
Ensure that the Microsoft Edge WebView2 Runtime version is 102 or later.
You can enable modern authentication methods for StoreFront stores using the GPO template. For more information, see the Support for modern authentication methods for StoreFront stores section.
Improved experience for optimized Microsoft Teams video conference calls
Starting with this release, by default simulcast support is enabled for optimized Microsoft Teams video conference calls. With this support, the quality and experience of video conference calls across different endpoints are improved by adapting to the proper resolution for the best call experience for all callers.
With this improved experience, each user might deliver multiple video streams in different resolutions (for example, 720p, 360p, and so on) depending on several factors including endpoint capability, network conditions, and so on The receiving endpoint then requests the maximum quality resolution that it can handle thereby giving all users the optimum video experience.
Note:
This feature is available only after the roll-out of an update from Microsoft Teams. For information on ETA, go to https://www.microsoft.com/ and search for the Microsoft 365 roadmap. When the update is rolled-out by Microsoft, you can check CTX253754 for the documentation update and the announcement.
Enhancement to App Protection: Anti-DLL Injection
As part of App Protection, we now have a security enhancement that helps to protect the Citrix Workspace app from certain unauthorized dynamic-link libraries (DLL) or untrusted modules. If such untrusted modules are injected, the Citrix Workspace app detects these interventions and stops the modules from loading.
The anti-DLL injection can be enabled for the following components:
- Citrix Auth Manager
- Citrix Workspace app UI
- Citrix Virtual Apps and Desktops
For more information, see the App Protection documentation.
Disclaimer:
This capability works by filtering access to required functions of the underlying operating system (specific API calls required to load DLLs). Doing so means that it can provide protection even against certain custom and purpose-built hacker tools. However, as operating systems evolve, new ways of loading DLLs can emerge. While we continue to identify and address them, we cannot guarantee full protection in specific configurations and deployments.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 109.1.1.29, based on Chromium version 109. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Secure Private Access support for StoreFront
As an administrator, you can now configure Web and SaaS apps in StoreFront using a Secure Private Access solution. After the administrator configures the app, end users can open the Web and SaaS apps using Citrix Enterprise Browser with enhanced security.
For more information, see Secure Private Access for on-premises in the Citrix Secure Private Access documentation.
2302
What’s new
Improved virtual apps and desktops reconnection experience
This release provides an enhanced user experience while reconnecting to virtual apps and desktops from which you got disconnected.
When Citrix Workspace app attempts to refresh the disconnected Citrix Workspace app or start new virtual apps or desktops as a part of the Workspace Control feature, the following prompt appears:
This prompt appears only when the show reconnection prompt to reconnect sessions is set to true in the Global App Configuration service.
Click Restore to reconnect to open new and disconnected virtual apps and desktops. If you want to start only newly selected apps and desktops, click Cancel.
You can also select Remember my preference to apply the selected preference for the next login.
The preceding new Restore session? prompt appears only if:
- the user tries to start an app belonging to a workspace store,
- admin policies or app config settings are not configured for the Workspace Control feature,
- Workspace Control Reconnect options are set to default on the client.
Note:
Reconnect settings in the Reconnect Options takes precedence over the preferences set in the dialog box. For more information, see the Configure reconnect options using Advanced Preferences dialog.
Client App Management for Zoom plug-in
You can now manage the Zoom plug-in using Client App Management capability.
For more information, see Client App Management for Zoom plug-in.
Updated audio device selection behavior for optimized Microsoft Teams
Starting with this release, when you change the default audio devices in the sound settings on the endpoint, the optimized Microsoft Teams in the Citrix VDI changes the current audio devices selection to match the endpoint defaults.
However, if you make an explicit device selection in Microsoft Teams, your selection takes precedence and does not follow the endpoint defaults. Your selection is persistent until you clear the Microsoft Teams cache.
App Protection enhancement
Starting with this release, Citrix Workspace app for Windows allows you to configure App Protection for Authentication and Self-Service plug-in using the Global App Configuration. Previously, you were able to configure these components only using the Group Policy Object.
If you enable the anti-keylogging and the anti-screen capturing functionality using the Global App Configuration service, they are applicable to both Authentication and Self-Service plug-in.
Note:
The Global App Configuration service configurations don’t apply for virtual apps, virtual desktops, web apps, and SaaS apps. These resources continue to be controlled using the Delivery Controller and Citrix Secure Private Access. For more information, see the configure section in the App Protection documentation.
For more information, see the App Protection enhancement section.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 108.1.1.97, based on Chromium version 108. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Open all web and SaaS apps through the Citrix Enterprise Browser
In this release of the Enterprise Browser (in Citrix Workspace app for Windows), all internal web apps and external SaaS apps available in the Citrix Workspace app open in Citrix Enterprise Browser.
Option to start Citrix Enterprise Browser from within Citrix Workspace app
Previously, you can open the Citrix Enterprise Browser from the Citrix Workspace app after opening a web or SaaS app.
Starting with this release, you can open the Citrix Enterprise Browser from the Citrix Workspace app directly without requiring you to open a web or SaaS app. This feature provides easy access to the Citrix Enterprise Browser and doesn’t require any configurations from administrators. This feature is available by default.
Note:
The end user must have entitlement to at least one web or SaaS app through Secure Private Access.
2212
What’s new
Note:
From this release onward, ensure that the Microsoft Edge WebView2 Runtime version is 102 or later. For more information, see System requirements and compatibility.
Client App Management
Citrix Workspace app 2212 for Windows now offers Client App Management capability that makes the Citrix Workspace app a single client app required on the end point to install and manage agents such as the Secure Access Agent and End Point Analysis (EPA) plug-in.
With this capability, administrators can easily deploy and manage required agents from a single management console.
For more information, see Client App Management.
Auto-update version control
Administrators can now manage the auto-update version for the devices in the organization.
Administrators can control the version by setting the version in the maximumAllowedVersion property in the Global App Config Service.
Example JSON file in Global App Config Service:
{
"category": "AutoUpdate",
"userOverride": false,
"assignedTo": [
"AllUsersNoAuthentication"
],
"settings": [
{
"name": "Auto Update plugins settings",
"value": [
{
"pluginSettings": {
"upgradeToLatest": false,
"deploymentMode": "InstallAndUpdate",
"stream": "Current",
"maximumAllowedVersion": "23.03.0.49",
"minimumAllowedVersion": "0.0.0.0",
"delayGroup": "Fast"
},
"pluginName": "WorkspaceApp",
"pluginId": "1CDF566D-B2C7-47CA-802F-6283C862E1D6"
}
]
}
]
}
<!--NeedCopy-->
When the version is set, Citrix Workspace app on the user’s device is automatically updated to the version specified in the maximumAllowedVersion property.
Notes:
- Currently all the parameters mentioned in the preceding JSON file are mandatory. You must provide values for the
upgradeToLatest
setting and themaximumAllowedVersion
setting based on the requirement of your organization. However, for the remaining parameters, you can use values similar to the example JSON file.- To achieve auto-update version control,
upgradeToLatest
setting in the Global App Config Service must be set to false. If this setting is true,maximumAllowedVersion
is ignored.- Do not modify the pluginId as this ID is mapped to Citrix Workspace app.
- If the administrator hasn’t configured the version in the Global App Config Service, Citrix Workspace app is updated to the latest available version by default.
Force login prompt for Federated identity provider
Citrix Workspace app now honors the Federated Identity Provider Sessions setting. For more information, see Knowledge Center article CTX253779.
You no longer need to use the Store authentication tokens policy to force the login prompt.
Improved reconnection experience after connection lease file expiry
Previously, there was no notification to the end user when the connection lease file and authentication token expired.
Starting from this release, you are prompted with an error message and a consent dialog box. The consent dialog box appears only when you have resources running in the session. If there are no resources running, only an error dialog box appears. You are signed out without being prompted with the consent dialog box.
You can click Sign Out to sign out from the current Citrix Workspace app session or click Cancel to continue with the session.
Note:
Save your data before clicking Sign Out.
Support for default installation of App Protection
App Protection component is now installed by default during the Citrix Workspace app installation.
The Enable app protection checkbox that appears during the installation is replaced with Start App Protection after installation.
When you select this checkbox, App Protection starts immediately after the installation.
Note:
If you do not enable this checkbox, App Protection automatically starts upon the first start of a protected resource or component for customers who have entitled to App Protection.
You can also start the App Protection component using the /startappprotection
command line parameter. However, the previous /includeappprotection
switch is deprecated.
Note:
Previously, anti-screen capture and anti-keylogging capabilities were enforced by default for Citrix authentication and Citrix Workspace app screens. However, starting from 2212, these capabilities are disabled by default and need to be configured using the Group Policy Object. For information on the GPO configuration, see Enhancement to App Protection configuration.
App Protection enhancement: Screen capture detection and notification
Starting from this release, you can view a notification when a possible attempt of screen capture is made on any protected resources. For information on the resources protected by App Protection, see What does App Protection protect?
The notification appears when there is an:
- attempt to take a screenshot or record video through a screen-capturing tool.
- attempt to take a screenshot through the Print Screen key.
Note:
The notification appears only once per running instance of the screen capture tool. The notification appears again if you relaunch the tool and attempt screen capture.
Desktop Viewer optimization
This release optimizes the Desktop Viewer experience by reducing the launch time by 5 seconds. The Desktop Viewer toolbar opens quickly and might display the default Windows session sign-in screen. Administrators can hide this experience by configuring the following registry to introduce some delay in milliseconds:
- Location: HKEY_CURRENT_USER\SOFTWARE\Citrix\XenDesktop\DesktopViewer
- Name: ExtendConnectScreenMS
- Type: DWORD
- Value: 00000000 (Delay in Milliseconds)
Note:
The registry configuration is optional.
Citrix Enterprise Browser
Note:
From Citrix Workspace app for Windows version 2210, the Open all web and SaaS apps through the Citrix Enterprise Browser feature is disabled.
This release includes Citrix Enterprise Browser version 107.1.1.13, based on Chromium version 107. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
-
Set Citrix Enterprise Browser as the work browser
You can now configure Citrix Enterprise Browser as a work browser to open all work links. You can select an alternate browser to open non-work links.
A work link is a link that is associated with the web or SaaS apps that are configured by the administrator for the end user. When a user clicks any link within a native application, if it’s a work link, it’s opened through the Enterprise Browser. If not, it’s opened through the alternate browser that the end-user selects.
For more information, see Set Citrix Enterprise Browser as the work browser.
2210.5
What’s new
This release addresses issues that help to improve overall performance, security, and stability.
Enhancement to auto-update
Citrix Workspace app now supports auto-update when Proxy auto-configuration (PAC) and Web Proxy Auto-Discovery Protocol (WPAD) detection is enabled.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 105.2.1.40, based on Chromium version 105. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
2210
What’s new
Background blurring for webcam redirection
Citrix Workspace app for Windows now supports background blurring for webcam redirection. You can enable this feature by selecting the Preferences > Connections > Enable background blur checkbox.
App Protection enhancements for web and SaaS apps on Windows 11
This App Protection enhancement optimizes the experience and security capabilities for web and SaaS app users on Windows 11. This enhancement is available via the Citrix Enterprise Browser for Secure Private Access customers.
Limiting video resolutions
Administrators who have users on lower-performance client endpoints can choose to limit incoming or outgoing video resolutions to decrease the impact of encoding and decoding video on those endpoints. Starting from Citrix Workspace app 2010 for Windows, you can limit these resolutions using client configuration options.
Note:
Users running with restricted resolutions impact the overall video quality of the conference because the Microsoft Teams server will be forced to use the lowest-common-denominator resolution for all conference participants.
Call constraints are disabled by default on the client with Citrix Workspace app 2210. To enable, administrators must set the following client-side configurations in the HKEY_CURRENT_USER\SOFTWARE\Citrix\HDXMediaStream:
Name | Type | Mandatory | Accepted Values |
---|---|---|---|
EnableSimulcast | Int | YES | 1–3 (Set it to 1) |
MaxOutgoingResolution | Int | YES | 180,240,360,540,720,1080 (Microsoft Teams supported Resolutions) |
MaxIncomingResolution | Int | YES | 180,240,360,540,720,1080 (Microsoft Teams supported Resolutions) |
MaxIncomingStreams | Int | YES | 1–8 |
MaxSimulcastLayers | Int | YES | 1–3 (set it to 1) |
MaxVideoFrameRate | Int | NO | 1–30 |
MaxScreenshareFrameRate | Int | NO | 1–15 |
All keys are DWORDs.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 105.1.1.27, based on Chromium version 105. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
Rebranding Citrix Workspace Browser
Citrix Workspace Browser is now Citrix Enterprise Browser. The custom scheme is now changed from citrixworkspace:// to citrixbrowser://.
Implementing this transition in our products and their documentation is an ongoing process. Your patience during this transition is appreciated.
- The product UI, in-product content, and the images and instructions in the product documentation will be updated in the coming weeks.
- It is possible that some items (such as commands and MSIs) might continue to retain their former names to prevent breaking existing customer scripts.
- Related product documentation and other resources (such as videos and blog posts) that are linked from this product documentation might still contain former names.
Open all web and SaaS apps through the Citrix Enterprise Browser
From this release, all internal web apps and external SaaS apps available in the Citrix Workspace app open in Citrix Enterprise Browser.
Note:
From Citrix Workspace app for Windows version 2210, the Open all web and SaaS apps through the Citrix Enterprise Browser feature is disabled.
Supporting auto-update of Citrix Workspace app on VDA
You can now enable the auto-update feature on VDA by creating the following registry value:
On a 32-bit machine:
- Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\ICA Client\AutoUpdate
- Registry Value: AllowAutoUpdateOnVDA
- Registry Type: REG_SZ
- Registry Data: True
On a 64-bit machine:
- Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\AutoUpdate
- Registry Value: AllowAutoUpdateOnVDA
- Registry Type: REG_SZ
- Registry Data: True
Citrix Enterprise Browser (formerly Citrix Workspace Browser)
This release includes Citrix Enterprise Browser version 103.2.1.10, based on Chromium version 103. For more information about the Citrix Enterprise Browser, see the Citrix Enterprise Browser documentation.
-
Citrix Enterprise Browser Profiles
Profiles help you keep personal information such as history, bookmarks, passwords, and other settings separate for each of your Citrix Workspace accounts. Based on your Workspace store, a profile is created, allowing you to have a unique and personalized browsing experience.
Note:
After you upgrade to version 103.2.1.10 and sign in to the device for the first time, only your previously saved passwords are removed. When you sign in to the device using a different store for the first time, all your previously saved data is lost.
2207
What’s new
Background blurring and effects for Microsoft Teams optimization with HDX
Citrix Workspace app for Windows now supports background blurring and effects in Microsoft Teams optimization with HDX.
You can either blur or replace the background with a custom image and avoid unexpected distractions by helping the conversation stay focused on the silhouette (body and face). The feature can be used with either P2P or conference calls.
Note:
This feature is now integrated with the Microsoft Teams UI/buttons. MultiWindow support is a prerequisite that requires a VDA update to 2112 or higher. For more information, see Multi-window meetings and chat.
Limitations:
- Admin and user-defined background replacement isn’t supported.
- The background effect doesn’t persist between sessions. When you close and relaunch Microsoft Teams or VDA is reconnected, the background effect is reset to off.
- After the ICA session is reconnected, the effect is off. However, the Microsoft Teams UI shows that the previous effect is still On by a tick mark. Citrix and Microsoft are working together to resolve this issue.
- The device must be connected to the internet while replacing the background image.
Note:
This feature is available only after the future update roll-out from Microsoft Teams. When the update is rolled-out by Microsoft, you can check Knowledge Center articleCTX253754 and the Microsoft 365 Public roadmap for the documentation update and the announcement.
Improved auto-update experience
The auto-update feature automatically updates the Citrix Workspace app to the latest version without the need for any user intervention.
Citrix Workspace app periodically checks and downloads the latest available version of the app. Citrix Workspace app determines the best time to install based on user activity not to cause any disruptions.
When the installation is complete, the following notification appears:
If the Citrix Workspace app can’t find the right time to install the updates in the background, a notification prompt appears.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 102.1.1.14, based on Chromium version 102.
Note on Citrix Workspace app update
While updating Citrix Workspace app for Windows from the previous version to 2207, the user is prompted to sign in. The sign-in is prompted only for the workspace store.
2206
What’s new
Improved graphics performance
Citrix Workspace app 2206 introduces significant performance improvements for Intel integrated GPUs:
- Graphics GPU consumption has been reduced, improving overall performance.
The following issues are fixed:
- Low frames per second after playing a video on the Intel 10th Generation GPU or higher.
- Brightness difference in Build-To-Lossless or for Actively Changing Regions on Intel and AMD GPUs.
Enabling DPI matching
Starting with Citrix Workspace app 2206 for Windows, DPI matching is enabled by default. This means Citrix Workspace app attempts to match display resolution and DPI scale settings of the local Windows client to the Citrix session automatically. As part of this change, the High DPI option available under Advance Preferences in Citrix Workspace app is no longer available.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 101.1.1.12, based on Chromium version 101. For features or bugs fixes in the Citrix Enterprise Browser, see What’s new in the Citrix Enterprise Browser documentation.
2205
What’s new
Note:
From this release onward, ensure that the Microsoft Edge WebView2 Runtime version is 99 or later. For more information, see System requirements and compatibility.
Change to Citrix Casting
Previously, Citrix Casting was enabled by default during the Citrix Workspace app installation. Starting from this release, Citrix Casting is enabled only if you run Citrix Workspace app installer with the /IncludeCitrixCasting
command during installation.
When you update Citrix Workspace app, the Citrix Casting gets updated automatically. For more information on Citrix Casting, see Citrix Casting.
Quick access to resources
Starting from this release, you can get quick access to your recently used apps and desktops. Right-click on the Citrix Workspace app icon in the taskbar to view and open the recently used resources from the pop-up menu.
Sign out custom web store upon Citrix Workspace app exit
When the signoutCustomWebstoreOnExit
attribute is set to True, closing the Citrix Workspace app signs you out of custom webstores. You can configure the signoutCustomWebstoreOnExit
attribute in Global App Configuration Service.
For more information, see Global App Configuration Service documentation.
Support to open Citrix Workspace app in maximized mode
Starting from this release, you can choose to open the Citrix Workspace app in maximized mode. Instead of maximizing the Citrix Workspace app manually every time, you can set the maximise workspace window
property in the Global App Configuration Service to enable the Citrix Workspace app to open in the maximized mode by default.
For more information about the Global App Configuration Service, see Getting Started.
Storebrowse support for Workspace
Citrix Workspace app for Windows now provides Storebrowse support to self-service that enables Storebrowse users to access Cloud and Workspace features.
Note:
- This feature provides Storebrowse support with single sign-on only.
- The prerequisites mentioned in System requirements and compatibility must be available to use this feature.
For more information, see Storebrowse for Workspace.
Citrix Enterprise Browser
-
This release includes Citrix Enterprise Browser version 99.1.1.8, based on Chromium version 99. For features or bugs fixes in the Citrix Enterprise Browser, see What’s new in the Citrix Enterprise Browser documentation.
-
Citrix Workspace app now alerts you about closing active browser windows, when you do any of the following in the Citrix Workspace app:
- Sign out from a store
- Switch to a different store
- Add a new store
- Delete the current store
2204.1
What’s new
Audio redirection enhancement
Improved audio echo cancellation support for all audio codecs including Adaptive audio and all legacy audio codecs.
Citrix Enterprise Browser
This release includes Citrix Enterprise Browser version 98.1.2.20, based on Chromium version 98. For features or bugs fixes in the Citrix Enterprise Browser, see What’s new in the Citrix Enterprise Browser documentation.
Microsoft Teams optimization
- App Protection and Microsoft Teams enhancement: Microsoft Teams supports incoming video and screen sharing when Citrix Workspace app for Windows with App Protection enabled is on Desktop Viewer mode only. Published apps in seamless mode don’t render incoming video and screen sharing.
Legacy documentation
For product releases that have reached End of Life (EOL), see Legacy documentation.
Third-party notices
Citrix Workspace app for Windows might include third-party software licensed under the terms defined in the following document:
Citrix Workspace app for Windows Third-Party Notices (PDF download)