What’s new

A goal of Citrix is to deliver new features and product updates to Workspace Environment Management (WEM) service customers when they are available. New releases provide more value, so there is no reason to delay updates. Updates are rolled out to the service release approximately every three weeks.

This process is transparent to you. Updates are applied to Citrix internal sites initially, and are then applied to customer environments gradually. Delivering updates incrementally in waves helps ensure product quality and maximize availability.

In general, updates to the documentation are made available before new features and product updates are accessible to all customers.

For information about the service level goal for the WEM service for cloud scale and service availability, see Service Level Goals. To monitor service interruptions and scheduled maintenance, see the Service Health Dashboard.

March 2021

Discover Citrix Cloud Connectors from the CVAD service

This release introduces a policy setting titled Discover Citrix Cloud Connector from CVAD service. If you have not yet configured Cloud Connectors for the agent, use the setting to control whether the agent discovers Cloud Connector information from the relevant Citrix Virtual Apps and Desktops (CVAD) service deployment. The agent then connects to the corresponding Cloud Connector machines automatically. For more information, see Step 3: Configure group policies (optional).

Support for the Windows 10 2009 template

We added support for the Windows 10 2009 (also known as 20H2) template introduced in Citrix optimizer. You can now use WEM service to perform template-based system optimizations for Windows 10 2009 machines. In addition, we have updated all existing templates to reflect changes introduced in the latest standalone Citrix optimizer. For information about using Citrix optimizer, see Citrix optimizer.

Brand-new home page

This release replaces the home page of the WEM administration console with a quick-start page that provides information necessary for you to get started with the WEM service. Follow the on-screen instructions to start configuring your WEM deployment. To reopen the quick-start page, click Quick Start (available in the ribbon) in the upper-right corner of the console. For more information, see Get started with your Workspace Environment Management service.

Profile Management

Workspace Environment Management service now supports all versions of Profile Management through 2103. Also, the following new options are now available in the Administration Console > Policies and Profiles > Citrix Profile Management Settings interface:

  • Enable Local Cache for Profile Container
    • Available on the Profile Container Settings tab.
    • If enabled, each local profile serves as a local cache of its profile container.
  • Enable multi-session write-back for profile containers
    • Available on the Advanced Settings tab.
    • Replaces Enable multi-session write-back for FSLogix Profile Container of previous releases to accommodate multi-session write-back support for Citrix Profile Management profile containers.
  • Enable Profile Streaming for Folders
    • Available on the Streamed User Profiles tab.
    • If enabled, folders are fetched only when they are being accessed.

For more information, see Citrix Profile Management Settings.


  • For logging level changes to take effect immediately, the WEM agent might access certain registry keys very frequently, thus affecting performance. [WEM-11217]

  • With an action group assigned to multiple users or user groups, if you unassign it from a user or user group, the assignment might not work as expected. For example, you assign an action group to two user groups: Group A and Group B. If you unassign the action group from Group A, the action group is unassigned from Group B rather than Group A. [WEM-11459, WEMHELP-75]

  • When you configure an environment variable (Actions > Environment Variables), attempts to use the $Split(string,[splitter],index)$ dynamic token might fail. The issue occurs because the dynamic token does not support multi-line strings. [WEM-11915]

January 2021

Microsoft Sync Framework 2.1 deprecation

Microsoft Sync Framework 2.1 reached End of Life on January 12, 2021. WEM has removed the legacy sync service based on that framework and instead uses a new sync framework, Dotmim.Sync, an open-source sync framework. How does this change impact you?

  • If you use WEM agent version 1911 or later, this change does not require action on your part.
  • If you use WEM agent version earlier than 1911, upgrade the agent to 1911.

WEM agent integration with the Citrix Virtual Apps and Desktops product software

The WEM agent is integrated with the Citrix Virtual Apps and Desktops product software, letting you include the WEM agent when installing a Virtual Delivery Agent (VDA). This integration is reflected in the Citrix Virtual Apps and Desktops 2012 product software and later. For more information, see Install VDAs.

Support for condition-based assignment of Group Policy settings

  • Starting with this release, you can make Group Policy settings conditional by using a filter to contextualize their assignments. A filter comprises a rule and multiple conditions. The WEM agent applies the assigned Group Policy settings only when all conditions in the rule are met in the user environment at runtime. Otherwise, the agent skips those settings when enforcing filters. For more information, see Contextualize Group Policy settings.

  • Minimum agent version required: 2101.1.0.1

Privilege elevation

  • This release introduces the privilege elevation feature. The feature lets you elevate the privileges of non-administrative users to an administrator level necessary for some executables. As a result, those users can start those executables as if they are members of the administrators group.

    The feature enables you to implement rule-based privilege elevation for specific executables. The following rule types are available:

    • Path. Applies the rule to an executable according to the executable file path.
    • Publisher. Applies the rule according to publisher information.
    • Hash. Applies the rule to identical executables as specified.

    You can configure how a rule behaves according to the type of the operating system. You can also configure whether a rule takes effect at a particular time or within a particular time range. You assign a rule on a per user or per user group basis. For more information, see Privilege elevation.

  • Minimum agent version required: 2010.2.0.1


  • The privilege elevation feature might fail to work properly. The issue occurs with the following versions of the WEM agent: 2010.2.0.1, 2011.1.0.1, and 2101.1.0.1. The issue occurs because the certificate used to sign the Citrix WEM software has expired. To work around the issue, uninstall the relevant WEM agent, install the latest WEM agent, and then restart the agent host. [WEM-11918]

  • While the WEM agent performs application processing during logon, Windows might display the Problem with Shortcut dialog box, prompting end users to delete a shortcut that no longer works properly. The issue occurs when the item to which the shortcut refers has been changed or moved. [WEM-10257, CVADHELP-15968]

  • When using the application security feature, you see a green checkmark next to a user or user group in the Assigned column of the Assignments section in the Edit Rule or Add Rule window. The green checkmark icon does not necessarily indicate that the rule is assigned to that user or user group. Only a user or user group with a blue background is the one to which the rule is assigned. [WEM-10047]

What’s new in earlier releases

For What’s new in earlier releases, see What’s new history.

What’s new