Product documentation
Citrix Workspace app for Windows
Current Release 2402 LTSR 2203.1 LTSR 1912 LTSR
View PDF

Features in Technical Preview

April 22, 2024
Contributed by: 
S C S

Features in Technical Preview are available to use in non-production or limited production environments, and to give customers an opportunity to share feedback. Citrix does not accept support cases for features in technical preview but welcomes feedback for improving them. Citrix might act on feedback based on its severity, criticality, and importance.

List of features in Technical Preview

The following table lists the features in the technical preview. To provide feedback for any of these features, fill out the respective forms.

Title Available from version Feedback form (Click the icon)
Share system audio 2403 Feedback form
Support for TLS protocol version 1.3 2311.1 Feedback form
Enhanced domain pass-through for single sign-on 2309 Feedback form
Client App Management for WebEx plug‑in 2303 Feedback form
Quick Launch of Disconnected Desktops 2209 Feedback form
Local App Protection 2210 Feedback form
Support for an enhanced single sign-on (SSO) experience for web and SaaS apps 2204.1 Feedback form

Share system audio

You can now share the audio playing on your VDA with participants in a meeting. Select the Include computer sound option to make your meetings more engaging. You need to enable this feature via registry by setting HKEY_CURRENT_USER\Software\Citrix\HDXMediaStream\EnableSystemAudio (DWORD) to 1. For end users, this option is not enabled by default, they must turn it on before sharing their screen.

Include computer sound

Limitations

  • Audio cannot be shared using this feature when sharing the screen with RAVE and BCR redirected apps or tabs.
  • This feature is supported only on published desktops.

Note:

This feature is available only after future update roll-out from Microsoft Teams.

Support for TLS protocol version 1.3

This feature is in technical preview from 2311.1 release.

Starting with this release, Citrix Workspace app supports Transport Layer Security protocol (TLS) version 1.3.

Note:

This enhancement requires VDA version 2303 or later.

This feature is disabled by default. To enable it, do the following:

  1. Open the Registry Editor using regedit on the Run command.
  2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\TLS1.3.
  3. Create a DWORD key by the name EnableTLS1.3 and set the value of the key to 1.

Limitation:

  • Connections using Access Gateway or NetScaler Gateway Service attempts to use TLS 1.3. However, these connections fallback to TLS 1.2 because Access Gateway and NetScaler Gateway Service doesn’t support TLS 1.3 yet.
  • Direct connection to a VDA version that doesn’t support TLS 1.3 fallback to TLS 1.2.

Enhanced domain pass-through for single sign-on

This feature is in technical preview from 2309 release.

Previously, Citrix Workspace app for Windows supported only SSON or domain pass-through authentication for single sign-on to Citrix Virtual Apps and Desktops environments using user credentials. This authentication enables the user to authenticate to the domain on their device and use their virtual apps and desktops without having to reauthenticate again.

For more information on this feature, see Introducing enhanced domain pass-through for single sign-on – Technical Preview.

This approach of domain pass-through using user credentials has the following limitations:

  • Doesn’t support passwordless authentication with modern authentication methods such as Windows Hello or FIDO2. An additional component called the Federated Authentication Service (FAS) is required for single sign-on (SSO).
  • Installation or upgrade of Citrix Workspace app with SSON enabled requires a reboot of the device.
  • Requires Multi Provider Router (MPR) notifications to be enabled on Windows 11 machines.
  • Must be on the top of the list of network providers order.

With this release, Citrix Workspace app supports enhanced domain pass-through which is a new method of SSO. It leverages Kerberos authentication instead of user credentials and helps to overcome the previously mentioned limitations. Now user can sign in to Citrix Virtual Apps and Desktops and to StoreFront using integrated windows authentication.

Note:

This feature isn’t supported on 32-bit Windows 10 and on Windows Server 2016.

System requirements:

  • Citrix Workspace app 2309 or later
  • Citrix Virtual Apps and Desktops 2308 or later

Supported VDA OS versions:

  • For multi-session:

    • Windows Server 2019
    • Windows Server 2022

  • For single-session:

    • Windows 10 version 22H2
    • Windows 11 version 22H2

Prerequisites:

  • The client or endpoint must be connected to the domain.
  • Requires a direct line of sight of Active Directory.

StoreFront and DDC settings

Setup a domain pass-through environment using the following settings:

Note:

You can skip this step if you have already configured the domain pass-through in your environment.

  1. When Citrix Workspace app is configured on the StoreFront:

    1. Open StoreFront Studio.
    2. Go to Store > Manage Authentication methods.
    3. Enable Domain pass-through.

Or,

  1. When using Citrix Workspace app through the browser:

    1. Open StoreFront.
    2. Open Stores > Receiver for Websites > Manage Authentication methods.

    3. Enable Domain pass-through.

      Enable domain pass-through -StoreFront

  2. Enable Enhanced domain passthrough for single sign on policy on DDC.

    VDA policy

  3. Click OK.

VDA settings

  1. Navigate to Computer Configuration\Administrative Templates\System\Credentials Delegation on VDA.

  2. Enable Remote host allows delegation of non-exportable credentials windows policy on VDA.

    VDA policy

  3. Reboot the VDA machine.

Client settings

  1. Ensure that the client machine is domain joined.
  2. Ensue that the client machine is 64-bit.
  3. Open Group Policy Editor.
  4. Navigate to Computer Configuration\Administrative Templates\Citrix Components\Citrix Workspace\User Authentication.

  5. Configure the Enhanced Domain passthrough for single sign-on group policy.

    client policy

    Client policy enabled

  6. Modify the Internet Options settings on the client.

Note:

You can skip this step if you have already configured the domain pass-through in your environment.

  1. Add the StoreFront server to the list of trusted sites using Internet Options. To add:

    1. Open Internet Options from the Control Panel > Network and Internet.
    2. Click Security > Local Intranet and click Sites. The Local Intranet window appears.
    3. Click the Advanced tab.
    4. Add the URL of the StoreFront FQDN with the appropriate HTTP or HTTPS protocols.
    5. Click Close and OK.

  2. Modify the User Authentication settings in Internet Explorer. To modify:

    1. Open Internet Options from the Control Panel > Network and Internet.
    2. Click Security tab > Local Intranet.
    3. Click Custom level. The Security Settings – Local Intranet Zone window appears.
    4. In the User Authentication pane, select Automatic logon with current user name and password.

    User authentication pane

  3. Click OK.

You can provide feedback on this feature via the Podio form.

Client App Management for WebEx plug‑in

This feature is in technical preview from 2303 release.

Starting with the 2303 version, download, install, and auto‑update of the WebEx plug‑in is supported and handled the same way as the Zoom plug‑ins. The following Global App Configuration setting needs to be onboarded for the store/account to use this feature:


{
    "serviceURL":
    {
        "url": "https://storefront.acme.com:443"
    },
    "settings":
    {
        "description": "Install and update plugins",
        "name": "Install and update plugins",
        "useForAppConfig": true,
        "appSettings":
        {
            "windows":
            [
                {
                    "assignedTo":
                    [
                        "AllUsersNoAuthentication"
                    ],
                    "category": "AutoUpdate",
                    "settings":
                    [
                        {
                            "name": "Auto Update plugins settings",
                            "value":
                            [
                                {
                                    "pluginId": "C03BAE37-F3AC-4D63-8BC1-3C9CD2BC9E8D",
                                    "pluginName": "WebEx VDI AutoUpgrade Plugin",
                                    "pluginSettings":
                                    {
                                        "delayGroup": "Fast",
                                        "deploymentMode": "InstallAndUpdate",
                                        "detectRule": "UpgradeCode:{AA2AACDC-D30B-433F-A602-3E25975010A6}",
                                        "isBlocking": false,
                                        "isFTU": false,
                                        "maximumAllowedVersion": "3.1.0.24263",
                                        "minimumAllowedVersion": "0.0.0",
                                        "stream": "Current",
                                        "upgradeToLatest": true
                                    }
                                }
                            ]
                        }
                    ],
                    "userOverride": false
                }
            ]
        }
    }
}

<!--NeedCopy-->

You can provide feedback on this feature via the Podio form.

Quick Launch of Disconnected Desktops

This feature is in technical preview from 2209 release.

By enabling this feature, you can open your previously disconnected desktops instantly. Once this feature is enabled, Citrix Workspace app launches the disconnected sessions in hidden mode. The session is instantly presented as soon as you launch the desktop.

Quick launch of disconnected desktops

You can register for this technical preview by using the Podio form.

Local App Protection

This feature is in technical preview from 2210 release.

App Protection offers enhanced security to defend our customers against Keyloggers, accidental and malicious screen capture at endpoints. Currently, App Protection capabilities are only offered for Workspace resources. With Local App Protection, App Protection capabilities are extended to local apps on endpoints. Starting with Citrix Workspace app 2210 for Windows, App Protection can be applied to local apps on Windows devices.

You can register for this technical preview by using this Podio form.

Support for an enhanced single sign-on (SSO) experience for web and SaaS apps

This feature is in technical preview from 2204.1 release.

This feature simplifies the configuration of SSO for internal web apps and SaaS apps while using third-party identity providers (IdPs). The enhanced SSO experience reduces the entire process to a few commands. It eliminates the mandatory prerequisite to configure Citrix Secure Private Access in the IdP chain to set up SSO. It also improves the user experience, provided the same IdP is used for authentication to both the Citrix Workspace app and the particular web or SaaS app being launched.

You can register for this technical preview by using this Podio form.

Technical Preview to General Availability (GA)

Service or feature General availability version
Introducing new installer for Citrix Workspace app 2311.1
Loss tolerant mode for audio 2311.1
Improved virtual apps and desktops launch experience 2309
Sustainability initiative from Citrix Workspace app 2309
Features in Technical Preview
April 22, 2024
Contributed by: 
S C S
April 22, 2024
Contributed by: 
S C S

In this article

Site feedback | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.