Product Documentation

What's New

Feb 06, 2017

The following new and enhanced features are part of this release of the Linux VDA.

Support for Xauthority

This release provides support for Xauthority. With this functionality, cookie-based access for X Window authorization is now supported by the Linux VDA. For more information, see Configure Xauthority.

Tip

The Xauthority file can be found in the logon user’s home directory, and is used to store credentials in cookies that are used by xauth for the authentication of X sessions. Once an X session is launched, the cookie is used to authenticate connections to that specific display.

Support for IPv6

This release provides support for IPv6. With this support, the 128-bit addressing schema is now extended to the Linux VDA. For more information, see Configure IPv6.

Support for LDAPS

Support for secure LDAP (LDAPS) is implemented in this version of the Linux VDA. With this support, you can enable the Secure Lightweight Directory Access Protocol for your Active Directory managed domains to provide communication over SSL (Secure Socket Layer)/TLS (Transport Layer Security). For more information, see Configure LDAPS.

Note

When using LDAPS, you must acquire a valid certificate before you can enable secure LDAP. Consider the following guidelines when using secure LDAP certificates:

  • Certificates must be issued by an authority trusted by the Linux VDA that will use it to connect to the domain. This authority can be an enterprise certification authority, or a publicly available authority that is trusted by devices running the Linux VDA.
  • Certificates must be valid for a long period. A good rule of thumb is that they should be valid for at least 3-6 months to prevent unnecessary disruptions when a certificate expires.
  • It’s considered best practice to use a wildcard for the certificate subject name on managed domains. For example, if your domain is named ‘mydomain.com’, the certificate’s subject name should be ‘*mydomain.com’. Additionally set the DNS name to this wildcard name.
  • The secure LDAP certificate should be configured for digital signatures and key encipherment.
  • The certificate must be valid for SSL server authentication.

SSSD for domain joining

This release of the Linux VDA provides administrators with the ability to use SSSD for domain joining of Linux machines. This functionality provides access to different identity and authentication providers as opposed to using the current method of using winbind (and other methods). 

SSSD is a system daemon, whose primary function is to provide access to identify and authenticate remote resources through a common framework that can provide caching and offline support. It provides both PAM and NSS modules. For more information, see Configuring SSSD for RHEL and Configuring SSSD for Ubuntu.

Support for Ubuntu 16.04

This release of the Linux VDA now provides support for systems running Ubuntu 16.04:

  • Ubuntu Linux 16.04 Server
  • Ubuntu Linux 16.04 Desktop

NIS integration

In previous releases of the Linux VDA, NIS (Network Information Service) integration with Active Directory was considered an experimental feature. In this release, NIS as an identity provider is supported. For more information, see Integrate NIS with Active Directory.

Seamless published applications

In this release, Citrix added technical preview for seamless applications to RHEL/CentOS 7.2. No specific installation procedures are required to use this functionality. For more information, see Publish applications.

Easy install

Easy install is a technical preview feature. It helps users set up the running environment of the Linux VDA by installing the necessary packages and customizing the configuration files automatically. For more information, see Easy install.

Dependency changes

Ubuntu Linux is a brand new distribution for the Linux VDA. For SLES 11, gnome-session dependency has been removed.