Citrix Virtual Apps and Desktops

Citrix Virtual Apps and Desktops 7 2503

May 13, 2025

Contributed by:

About the release

This Citrix Virtual Apps and Desktops release includes new versions of the Windows Virtual Delivery Agents (VDAs) and new versions of several core components. You can:

Install or upgrade a site: Use the ISO for this release to install or upgrade core components and VDAs. Installing or upgrading to the latest version allows you to use the latest features.
Install or upgrade VDAs in an existing site: If you already have a deployment and aren’t ready to upgrade your core components, you can still use several of the latest HDX features by installing (or upgrading to) a new VDA. Upgrading only the VDAs can be helpful when you want to test enhancements in a non-production environment.

After upgrading your VDAs to this version (from version 7.9 or later), you do not need to update the machine catalog’s functional level. The 7.9 (or later) value remains the default functional level, and is valid for this release. For more information, see VDA versions and functional levels.

For installation and upgrade instructions:

If you are building a new site, follow the sequence in Install and configure.
If you are upgrading a site, see Upgrade a deployment.

Documentation for supported and legacy versions

Documentations for supported versions are in Citrix Virtual Apps and Desktops.

The End of Life (EOL) version documentation PDFs are archived in Legacy Documentation.

Citrix Virtual Apps and Desktops 7 2503

Virtual Delivery Agents (VDAs)

VDA Upgrade Service (Preview)

The Citrix VDA Upgrade Service (VUS) streamlines VDA upgrades within Citrix DaaS, enhancing performance and security. Administrators can use VUS to check for updates, schedule upgrades, and monitor progress, with options for immediate or scheduled updates. Two upgrade tracks are available: Long-Term Service Release (LTSR) for stability and Current Release (CR) for the latest features.

Seamless log in from Citrix Workspace using SSO

With this feature, you can seamlessly log into the Citrix Secure Access (CSA) client present on the VDA from Citrix Workspace using Single Sign-on (SSO). This feature is applicable to both single and multi-session VDAs. For more information, see Seamless log in from Citrix Secure Access Client on VDA.

Cloud Connector Standalone Citrix Secure Ticketing Authority (STA) service

If using on-premises Site aggregation with Citrix Workspace or using Citrix Gateway Service with StoreFront, Cloud Connectors handle Secure Ticket Authority (STA) traffic for your Citrix Virtual Apps and Desktops site. The standalone STA service enables you to have more control over the delivery of STA tickets in your environment. For more information, see Cloud Connector Standalone Citrix Secure Ticketing Authority (STA) service.

Support for WebSocket VDA in LHC mode

With this feature, WebSocket connection between a VDA and delivery controller is successful even in LHC mode. For more information, see WebSocket communication between VDA and Delivery Controller.

HDX

Devices

64-bit app support for TWAIN redirection. Documents can now be scanned using 64-bit applications in HDX sessions.

FIDO2 redirection support in double-hop scenarios. Users can now authenticate to applications that use FIDO2 redirection in double-hop scenarios. The intermediate hop VDA host must have Citrix Virtual Apps and Desktops 2503 installed.

Wildcard studio policy support for custom applications using FIDO2 redirection. Admins can now configure file paths of custom in-session applications that need to use FIDO2 redirection in Studio and also use wildcard characters in file path variables.

WIA Redirection enhancements. Admins no longer need to make hooking changes to Allowlist applications to use WIA redirection. They only need to add file paths to the Allowlist registries.

Enhanced Unicode input mode support. This enhancement greatly improves the quality and provides broader keyboard layout support when using Unicode input mode.

Enhance PDF printing experience [Preview]. This enhancement expands the support of options and settings related to PDF printing to bring it up to par with other printing formats.

Optimized scanning from Linux endpoints [Preview]. This feature enhancement delivers a better scanning experience when connecting to the remote session hosts from Linux endpoints.

Graphics

Intelligent Build to Lossless feature. Intelligent Build to Lossless is an enhancement of our existing Build to Lossless feature, designed to deliver a smarter, more efficient experience. With Intelligent Build to Lossless, administrators no longer need to manually configure Build to Lossless, and is automatically applied dynamically in the session on monitors that require it. When the need subsides, Thinwire seamlessly disables it, reverting to regular encoding for optimal performance.

HDX Connectivity

EDT MTU Rediscovery. EDT MTU Discovery can now detect MTU changes during an active session and adjust the session’s MTU value as needed. For more information, see Enlightened Data Transport.

EDT timeout configuration. The configuration mechanism in Workspace app was enhanced to use the timeout setting from the VDA. This eliminates the need to configure the timeout on the client device. Additionally, the default EDT timeout was changed from 25 seconds to 10 seconds to allow for faster detection of network interruptions. For more information, see Configure EDT timeout.

HDX Direct - External. HDX Direct for external users is generally available. It allows internal client devices to establish a secure direct connection with the session host if direct communication is possible. For more information, see HDX Direct.

Rendezvous V2 support for authenticated proxy. Rendezvous now supports authenticated proxies for control traffic. For more information, see Rendezvous V2.

Secure HDX. Secure HDX is now generally available. This is an Application Level Encryption (ALE) solution that prevents network elements in the traffic path from inspecting HDX traffic. For more information, see Secure HDX.

Multimedia

Enable Audio Quality Enhancer to improve audio performance [Preview]. Starting with the 2503 version, Audio Quality Enhancer (v1) is added for Adaptive Audio.

Audio Quality Enhancer effectively manages short periods of packet loss and disruptions by intelligently reconstructing audio from previous samples, thus preventing noticeable degradation in quality. Audio Quality Enhancer optimizes audio playback and recording quality in both good and bad network conditions.

Browser Profile Sharing in Browser Content Redirection [Preview]. Browser Content Redirection (BCR) now offers a streamlined user experience with the new Profile Sharing feature, enabling VDA-side authentication and cookie sharing. This enhancement eliminates redundant logins, boosting productivity by maintaining authentication and cookie persistence across BCR sessions, even after the BCR window is closed. This seamless experience further enhances security by ensuring authentication originates from the VDA, not the client.

Example:

Previous Experience: Previously, opening an authenticated page within BCR required users to re-enter their credentials each time, breaking SSO persistence. SSO was only maintained while the BCR window remained open. Closing and reopening the window forced users to repeat the login process.
New Experience: With Profile Sharing, users are no longer prompted for credentials. SSO is seamlessly preserved from the VDA browser, providing an improved and uninterrupted experience.

Requirements for Preview

Citrix Virtual Apps and Desktops 2503
Citrix Workspace App 2503
Browser Redirection Extension 25.3.4 or later
- Microsoft Edge Extension
- Google Chrome Extension

For instructions on how to enable the feature, see Browser Content Redirection documentation

Feedback form

Web Studio

Citrix Personalization for App-V - VDA is renamed to App Packages Delivery Component in Citrix Virtual Delivery Agent

The Citrix Personalization for App-V - VDA checkbox in the additional components section during VDA installation has been renamed to App Packages Delivery Component. This component enables the management and delivery of Microsoft application packages (App-V, MSIX, App Attach as VHD, VHDX, CMFS, and Liquidware Flexapp one application packages) within your Citrix environment. This allows users to access virtualized applications delivered from the VDA.

Home page for Web Studio

Web Studio now has a home page, which provides an overview of your Citrix Virtual Apps and Desktops deployment and workloads along with information that helps you get the most from your subscription. The page comprises the following parts:

Recent. Displays a history of objects that you’ve recently accessed.
Site details. Provides an overview of your Citrix Virtual Apps and Desktops deployment. Key information includes your license type, Studio version, and the version and status of your Delivery Controllers.
Resources. Displays the numbers of deployed resources and their counts by category.
Sessions. Displays the number of desktop and app sessions launched daily over the previous seven days.
Get started. Guides you through a series of questions to help you set up your Citrix Virtual Apps and Desktops deployment.
Errors and warnings. Centrally displays errors and warnings from your Citrix Virtual Apps and Desktops deployment.

Web Studio Home page

For more information, see Home page.

Refine your Autoscale settings using historical usage

A new Autoscale settings tab called Autoscale Insights offers a comprehensive graph that visually compares your Autoscale settings and machine usage data from the previous week. With this graph, you can gain insights into the effectiveness of Autoscale settings:

Not cost-effective. Financial waste exists due to the over-provisioning of capacity.
Poor user experience. User experience is negatively impacted due to the under-provisioning of capacity.
Good balance between user experience and cost. The capacity provisioned is aligned with the historical usage.

For more information, see Analyze the effectiveness of Autoscale settings.

Set a default time zone for your site

With Web Studio, you can now choose a default time zone for your site. To do this, go to Settings > Date and Time. Web Studio uses this time zone for all time displays and scheduling, such as scheduled restart and autoscaling. This setting makes it easier to manage time and ensure time consistency across your site.

You can change the time zone for individual resources. For example, you can set a different time zone for a delivery group that serves machines in a different region. For more information, see Change user settings in a delivery group.

Improved session visibility in tag-based searches

When you search for machines by tag in the Search node, active user sessions on the matching machines now appear on the Sessions tab. This enhancement helps prevent accidental shutdowns of machines with active sessions by providing clear visibility of those sessions, improving your management efficiency.

Enhanced resource monitoring for multi-session VDAs

Web Studio now provides detailed resource utilization and capability insights for multi-session VDAs. Hover over the Load Evaluator Index column of a multi-session VDA in the Search node to view detailed metrics, including CPU, memory, disk usage, maximum number of sessions allowed, and more. The specific metrics displayed depend on the enabled policy settings.

This enhancement eliminates the need to run PowerShell cmdlets or navigate through multiple steps to switch to Monitor to gather this data, providing the same capabilities directly within Web Studio. For more information, see Machine actions and columns.

Load evaluator index in search results

Client Platform filter for policy assignments

You can now control policy assignments more precisely with a new filter Client Platform. This filter lets you assign (Allow) or exclude (Deny) policies based on the operating system of users’ devices, including Windows, macOS, Linux, iOS, Android, or HTML5. This enhancement offers greater flexibility and precision in policy assignment, ensuring a customized and uniform experience across managed and unmanaged devices.

Label configuration logs

You can now label configuration logs on the Logs > Events tab, facilitating the identifying and exporting of logs. In addition, the Logging node now offers enhanced features, including exporting logs to CSV files, advanced search, and table-style display for the Events tab. For more information, see Policy assignments.

Enhanced domain selection

A new option in the UI now allows you to enter a domain name for an exact match wherever domain selection is needed. This enhancement offers these benefits:

Faster searches: You can skip browsing large directories and get results directly and instantly.
Time savings: Eliminates full-directory loading, speeding up workflows.
Enhanced experience: Improves admin management efficiency, especially in environments with large directories.

Improved user name search in machine catalog creation

We’ve enhanced the functionality for searching for administrators by user names during machine catalog creation. Key enhancements to the Machine Catalog Setup > Enter Credentials page include:

Domain specification: A new option, Domain, is now available on that page, enabling you to narrow the search by entering the domain name or SID.
SamName search optimization: Searches using SamName are now confined to the specified domain.

These enhancements make user searches faster and more efficient.

Creating AWS VMs using machine template properties is no longer supported

Support for creating AWS VMs by capturing machine template properties has been removed as part of the transition to creating VMs using machine profiles. The Apply machine template properties to virtual machines option has been removed from the Machine Template page. Instead, you can create AWS VMs using machine profiles for a similar and more streamlined experience. For more information, see Create a machine profile-based machine catalog using Studio.

Support for delivering and power managing Red Hat OpenShift machines (Preview)

With Web Studio, you can now create connections to Red Hat OpenShift server clusters and specify these connections when creating machine catalogs. This feature enables you to locate and add existing OpenShift machines to catalogs, allowing you to deliver and power manage machines in your Red Hat OpenShift environment.

For more information, see Create connections to Red Hat OpenShift and Create OpenShift machine catalogs.

Alerting admins that power policies remain effective when disabling Autoscale

The enhancement is to remind the admins that disabling Autoscale does not affect the power policy settings for a delivery group. This feature ensures that admins are aware of the scope of Autoscale disabling and clarifies that power policies remain effective when Autoscale is turned off.

Option to reset In-Use Active Directory (AD) accounts

With Studio you can now reset machine Active Directory (AD) accounts even when the status of the machine is In Use. This is necessary because sometimes the system does not correctly detect when a machine is in a ‘tainted’ state.

Filter master images based on hosting unit regions

During machine catalog creation for the Azure platform, Web Studio can now filter out and exclude master images that belong to different regions other than the hosting unit region. This feature ensures that only images from the same region as the hosting unit are available for selection.

Optimize storage load balancing with the least load method

Previously, Machine Creation Services (MCS) used a round-robin method to distribute VMs across storage repositories, often leading to uneven storage utilization.

Studio now introduces the Optimize storage load balancing with least load method option. If you select two or more OS data storage locations during catalog creation, this option becomes available, enabling disks to be allocated to the least loaded storage repository.

This feature enhances load balancing and improves system stability, and it’s supported in XenServer, VMware, and SCVMM virtualization environments. For more information see, Storage selection.

Support for creating MCSIO-enabled MCS machine catalogs in AWS

You can now create MCSIO-enabled MCS catalogs to create MCSIO-enabled MCS machine catalogs in AWS to improve write IOPS by directing write operations to the write-back cache and to reduce the startup time when the persisting OS disk is enabled. For more information, see Machine Creation Services (MCS) storage optimization.

Improved UI performance for importing VMs from AWS

We’ve enhanced Web Studio UI performance by optimizing the process of importing VMs into Citrix Virtual Apps and Desktops from AWS. To prevent timeouts caused by fetching many AMIs, Web Studio no longer retrieves AMIs during this process.

Support for selecting launch template as machine profile for AWS

When provisioning AWS VMs using MCS, you can now select a launch template as the machine profile. Launch templates facilitate version control. For more information, see Image and machine profile.

Create delivery groups exclusively for suspend-capable VMs using Web Studio

We’ve introduced a new option in Web Studio > Create Delivery Group, Make suspend capability required for this delivery group. This option enables you to create delivery groups that contain only suspend-capable VMs, facilitating your machine power management at the delivery group level. This feature applies only to single-session OS VMs. For more information, see Create delivery groups.

Azure GPU hibernation support (Preview)

You now have the option to support hibernation for Azure machine SKUs that support GPU. For more information on supported VM sizes, see the Microsoft documentation.

Update write-back cache settings after catalog creation

You can now update the memory and disk cache size of the write-back cache for MCS catalogs after they are created with MCSIO enabled. This enhancement gives you more flexibility to adjust cache settings without recreating the catalogs.

Convert legacy MCS machine catalogs to machine profile-based catalogs in Azure, AWS, and VMware environments

With Web Studio, you can now convert non–machine profile-based machine catalogs to machine profile-based machine catalogs. This feature is available for catalogs in Azure, AWS, and VMware environments. This capability lets you upgrade legacy MCS machine catalogs to the recommended machine profile-based format without creating catalogs.

For more information, see Convert legacy MCS catalogs to machine profile-based catalogs.

Support for configuring secondary VMs scale up or scale down list for MCS-created catalogs in Azure

Web Studio now enables you to define secondary VMs to scale up and scale down the MCS-created catalogs in Azure. Based on the usage of CPU and memory resources, if the CPU or memory usage exceeds a certain threshold, the system will automatically use the secondary VMs to handle the load. Alternatively, if the usage falls below a certain level, the system will automatically shut down some VMs to conserve resources.

Service account for on-premises Active Directory machine identity management

MCS has developed a new mechanism for managing on-premises Active Directory machine identity using a service account. The service account helps to manage computer accounts in on-premises Active Directory without having to enter domain credentials every time. For information, see Service accounts for machine identity management.

New permission for orphaned resource detection

Previously, only Full Administrator or Cloud Administrator roles could perform orphaned resource detection. With the introduction of a Use Host Connection to Detect Orphaned Resources in Hypervisor permission to the Hosts category, any roles assigned with this permission can now detect orphaned resources.

For more information, see Detect Orphaned Azure resources and Retrieve a list of orphaned resources.

Support for provisioning persistent VMs on Windows Server OS using Full Copy Clone

Web Studio now supports provisioning persistent VMs on Windows Server OS using the Full Copy Clone approach. This approach improves data recovery and migration capabilities and can help reduce IOPS after machines are created.

For more information, see Select a desktop experience and Virtual machine copy mode.

Support for creating Citrix Provisioning catalogs in VMware environments using Studio

You can now create Citrix Provisioning catalogs in VMware environments using Web Studio. Previously, you had to toggle between different consoles for provisioning and management of catalogs. This feature reduces the need to toggle between consoles and allows you to handle provisioning and power management directly within Web Studio. For more information, see Create a Citrix Provisioning catalog using the Citrix Studio interface

Support for a snapshot of the disk or an OS image of the disk as a master image in the GCP

With Studio, you can now select a snapshot of the disk or an image of the disk as a master image to create an MCS machine catalog in GCP environments. The snapshot of the disk or an image of the disk can be regional and multi-regional as compared to the VM instance, which is only regional. This feature significantly simplifies the image management workflow and reduces the time and effort required for image management in GCP.

Citrix Studio

Upcoming Removal of MMC-based Studio

As part of our transition to Web Studio, the MMC-based Studio will be removed from the CR 2511 installer. This change establishes Web Studio as the single management console, providing administrators with a consistent experience, modern interface, streamlined workflows, and enhanced capabilities.

The deprecation of MMC-based Studio was first announced in the 2411 release. We recommend transitioning to Web Studio to take advantage of its updated features and intuitive design.

Citrix Director

Cost modeling for Azure workloads

The new cost modeling feature supports Azure workloads and provides recommendations based on usage patterns. Customers receive recommendations on whether Azure Reservations or Savings Plan is more suitable to provide maximum cost savings. Azure Reservations customers reserve a specific number of machines upfront at a discounted flat cost, while savings plans allow them to commit to a dollar amount for discounted rates. The feature analyzes the last 28 days of data to provide estimated recommendations. This feature helps customers save costs by making informed decisions on resource allocation.

Note:

For optimal estimates, it is recommended to use data from a stable environment over the last 28 days. Avoid using data from periods of unusual activity, such as vacations or sudden spikes in usage. Wait until your usage returns to baseline levels before taking these recommendations.

Benefits:

Provides tailored cost-saving recommendations.
Supports both reservation and savings plans.
Analyzes recent usage data for accurate insights.
Helps optimize resource allocation and reduce expenses.
Offers flexibility in selecting delivery groups, tags, VM series, and regions.

For more information, see the Cost modeling page.

Enhancements to Cost savings page

The following enhancements have been made to the Cost saving page to provide you greater flexibility and insight when managing costs:

Service provider filter supportability option: You can now filter by service providers. If a site has both cloud and on-premises workloads, you can now filter by all cloud providers, all on-premises providers, or individual providers.

Note:

The filter is applied immediately upon selection without an apply button.
Multiple delivery group selection: Previously, you can only select a single delivery group (DG) or all DGs. Now, you can select up to 15 DGs at once. If a site has fewer than 15 DGs, you can select all available DGs. You can also exclude specific DGs from the selection to view data for the remaining DGs.
Insight into failed machines: The Cost savings page now provides visibility into machines in a failed or unregistered state. The following two new fields are included:
- Failed state with no sessions: This field displays the count of machines that are in a failed state and have no active sessions.
- Unregistered with sessions: This field displays the count of machines that are in an unregistered state but still have active sessions.

You can see the count of machines in the preceding states and act based on the failure reason, time, and delivery group. The counts are clickable links that navigate to the Filters page for further actions. The count includes both single-session and multi-session machines.

Note:

Filters are preserved across page navigation.

For more information, see the Cost savings page.

Director integration with uberAgent

Citrix uberAgent is now included by default with the Citrix Virtual Apps and Desktops installation, providing enhanced monitoring capabilities and seamless integration with Citrix Director. Administrators can exclude it from installation by deselecting it on the Optional Software screen during Virtual Delivery Agent setup.

Key features and benefits

Local application usage monitoring: with Citrix uberAgent, you can monitor local application usage, and through the Director integration, the data is available directly on the Director dashboard (available with a Platinum license).

Policies to configure

After installing Citrix uberAgent, configure the following policies in Citrix Web Studio to fully integrate and use uberAgent with Director:

Enable uberAgent Data Collection Policy: When enabled, uberAgent provides insights into application usage and performance, system health, network metrics, and security analysis. This policy is disabled by default.
Enhance Director with uberAgent Data Policy: This policy enables the Director integration. So Director can process data provided by uberAgent to enhance monitoring capabilities, including monitoring of local application usage. This policy is enabled by default.

For more information, see Citrix uberAgent integration with Director.

Local application usage reporting

With this release, Citrix uberAgent is integrated with Citrix Virtual Apps and Desktops. Once Citrix uberAgent is enabled, Citrix Director helps you to monitor the usage of applications launched within virtual desktop sessions (also known as local applications).

The application usage reporting provides visibility into the most, least, and not used applications. The most used applications are presented on the Dashboard and contain curated charts to help IT admins or application admins gain insight into which local applications are heavily used and the extent of their usage. You can also find the least used and unused local application reports. This report is by default calculated for a quarter to help the admins understand which applications are candidates to be decommissioned by focusing on version level usage stats to keep their desktop images lean.

You can also export the data using Power BI integration or ODATA queries using application usage.

Prerequisites:

This feature is available only for the platinum-licensed sites.
uberAgent must be integrated with Director.

Note:

If your environment delivers the same application as both a published app and an installed app within the desktop (local app), you might see the app listed in both the published apps and local apps reports.

For more information, see Application usage monitoring.

New metrics in the Director dashboard

Citrix Director dashboard is enriched with the following two metrics to provide valuable insights for administrators:

Total connected users: Shows the number of users who had at least one connection in the last 24 hours and the last 7 days. Helps the admins to showcase adoption trends to their executives.
Citrix Workspace app versions found in your environment: Provides an overview of the Citrix Workspace app versions used across the organization. It helps in unifying the versions by showing how many devices are using different versions. You can select the All or specific OS from the Platform drop-down list.

This feature provides essential data points for administrators to monitor and manage their environments effectively.

Monitoring VDA logon duration details

Citrix Director now includes detailed information on VDA logon duration to provide visibility into the time taken to log on to the VDA. The following items are added to view the details of VDA logon duration:

VDA logon duration graph on the Trends chart: A new VDA logon duration graph is added to the Trends > Logon Performance tab. Also, the following metrics are added to the tooltip as breakdown metrics:
- AppX file associations: The time taken to associate AppX files during the new VDA session.
- AppX load packages: The time taken to load the AppX packages during the new VDA session.
These metrics are exported in PDF and CSV formats, and the chart is also included in the exported files.
Total logon duration in seconds and VDA duration in seconds on the Filter tab: These metrics are added to the Filter view, allowing you to filter session searches and custom reports.
Client and Controller Duration and VDA logon duration on the Session Logon tab: The graph on the Session Logon tab is reorganized to support the following granular durations:
- Client and Controller Duration: Time taken since the user clicked the app or desktop icon until the keyboard and mouse controls are handed over to the end user to interact with the session.
- VDA logon duration: Time taken on the VDA to create a session.
Breakdown of Shell step on the Session Logon tab: AppX file associations and AppX load packages are added as a breakdown of interactive session step on the graph on the Session Logon graph tab.

Benefits:

Accurate troubleshooting: Helps administrators accurately determine the causes of slow logons, which might be often due to deployment type, GPOs, profiles, and user interaction.
Corrective actions: Enables administrators to take corrective actions in the right areas, improving the overall user experience.

This feature is designed to improve the session logon breakdown, providing a more accurate representation of logon performance and session logon triage for the Director help desk.

For more information, see Logon process phases.

Additional metrics collection for Provisioning Service

The following details are now monitored for Provisioning Service servers:

Total Reconnect Count: Displays how many times the session got reconnected.
PXE Service: Displays the status of the Preboot Execution Environment service. This metric shows the Windows services status. The possible values are: Not running, Running, Not Installed, and n/a (with help icon).
TFTP Service: Displays the status of the Trivial FTP service. This metric shows the Windows services status. The possible values are: Not running, Running, Not Installed, and n/a (with help icon).

Administrators can configure alerts based on the health status of the PXE and TFTP services. Monitoring and alerting on these Citrix components helps reduce the impact on delivery and improves user experience. Providing critical data sets on component health aids in better troubleshooting of issues.

For more information, see Provisioning Service health metrics.

Option to extend monitoring of HDX optimization beyond Microsoft Teams

Citrix Director now adds an option to extend the monitoring of HDX optimization beyond Microsoft Teams. Previously, only Microsoft Teams was available for monitoring HDX optimization, showing whether it was optimized or not in the Session Topology screen. With this new feature, instead of Microsoft Teams, a new parameter called Real-time communications is added on the Session Topology screen. Currently, only Microsoft Teams is monitored for HDX optimization status. However, this feature provides the possibility of adding more software for monitoring beyond just Microsoft Teams in the future. This feature allows administrators to monitor and troubleshoot applications with and without HDX optimizations, providing a better user experience.

You can click View details next to the application to view additional information, such as categorization under Third-Party Optimization and HDX Optimization. For Microsoft Teams Slims core, it is part of third-party optimization. If not part of third-party optimization, then it is HDX optimized.

Key features and benefits:

Comprehensive monitoring: Monitor and troubleshoot both HDX optimized and non-optimized applications.
Detailed insights: View detailed information about the optimization status of applications.

Note:

To use this new feature, ensure that you are using the Citrix Workspace app for Windows version 2503 and VDA version 2503.

For using Microsoft Teams Slims core, you must install the Plug-in manager on the endpoint, configure the allow list for the virtual channel, and ensure that the virtual channel is open. This feature is only for HDX sessions.

For more information, see HDX optimization details.

Endpoint metrics available on the Filters tab and Custom Reports

Previously, endpoint metrics were available only in the Endpoint view at the User Details > Session Performance > Session Topology section.

With this enhancement, you can now view the following more endpoint metrics in the Director Connection or Session filters and Custom Reports:

Public IP address
ISP
Location (Country or City)
Workspace type - Citrix Workspace app (app or browser)
Access type (through Workspace or StoreFront)

This enhancement helps you to do the following:

You can select the endpoint metrics as part of column selection in the Filters tab.
You can create custom reports using the Custom Query option by selecting output columns as endpoint metrics.

Unified platform experience for Citrix Director

Citrix Director is now aligned with all other components within Citrix Cloud, providing a unified platform experience. The user interface has been refreshed with a modern look and feel, offering easier navigation and better data representation. The enhanced interface is intuitive and designed to help users easily comprehend the data needed to monitor and troubleshoot Citrix sessions.

Session auto reconnect details in Filters view and Session Performance tab

You can now view session auto reconnect details in both the Filters > Sessions tab and the Session Performance tab. This enhancement allows you to quickly access and analyze the number of auto reconnects in a session.

Filters view:

To display the new Session Auto Reconnect column, go to Choose Columns and select Session Auto Reconnect in the Filters > Sessions tab.
A drilldown provides additional information such as Session Reliability or Auto Client Reconnect, timestamps, Endpoint IP, and Endpoint Name of the machine where Citrix Workspace app is installed. This information was previously available in the Trends tab. For more information, see the Historical trends page.

Session Performance tab:

You can now view session auto reconnect details in the Last 48 hr tab of the Session Performance tab.
The graph displays the number of Total Session Reconnects, Auto Client Reconnects, and Session Reliability Reconnects.

The auto reconnect information helps you to view and troubleshoot network connections with interruptions and analyze networks for a seamless experience.

Director action enhancements

Citrix Director introduces new features to improve the user experience and provide better control over actions. This update includes the addition of a progress bar for actions and support to limit action scope based on user roles.

Action progress bar

With this enhancement, when any action is in progress, such as a power control function (for example, restart), you see a status of the action and a dialog box when the action is completed. This feature is applicable to all actions in the Filters tab. However, the status bar is not available for single actions.

The progress bar shows that the outcomes of bulk actions performed. Currently, customers do not know whether their action succeeded or failed and on how many sessions. This enhancement provides clarity on actions performed.

This enhancement allows the addition of custom roles to limit what the admin can see and control. The new custom role limits the ability to select bulk actions such as logoff, disconnect, or message. This control is necessary to prevent unintentional or malicious mass actions on users.

With these enhancements, you can effectively manage and control actions within Citrix Director, ensuring a more secure and efficient environment.

For more information, see Custom role to limit bulk action option for user actions.

Provision to set site level alerts for Provisioning Service and Delivery Controller

Previously, when there were multiple servers from a single site, you received multiple alerts, one for each server. With this enhancement, administrators now have the option to:

Configure Provisioning Service alerts based on the Provisioning Service site or individual Provisioning Service servers.
Configure Delivery Controller alerts based on the Delivery Controller site or individual Delivery Controller servers.

This enhancement allows you to send alerts at the site level, rather than at the individual server level.

To set a single alert for a single site, navigate to the Advanced Alert Policies and select the scope as required. For example, in the case of Provisioning Service, when you select All Provisioning Service, even if the site has two servers, you receive only a single alert. This alert is a site-level alert.

With this enhancement, once the alert is set, you see the number of servers with alerts along with the site name on the Citrix Alerts page. Clicking the number takes you to the Infrastructure Monitoring tab, displaying only the servers that had alerts. This targeted notification, with a detailed list of components causing the alert, helps reduce alert overload.

For more information, see Alerts for infrastructure monitoring.

Integration with webhook

Citrix Director now integrates with Webhook. Using this feature, you can select the required tool from the Alerting and ITSM section on the Integrations and data exports page and then click Get Started. This page gives you reference links to create the tools specific channel and webhook URL, which is the first step. Once the first step is completed, you can create webhook profiles.

You can also create webhook profiles in the Integrations and data exports > Developer tools page of Citrix Director. You can find steps and resources to integrate the following alerting and ITSM tools with Citrix Director:

Slack
Microsoft Teams
ServiceNow

This feature helps you to send alert notifications to the preceding third-party applications that have incoming webhook URLs configured.

Key features:

New integration tiles for Slack, Microsoft Teams, ServiceNow, and other supported platforms.
Navigation to First Time User page for each integration.
Create or Edit webhook configuration page with UI workflow to provide the webhook URL, headers, body, and test the webhook configuration and save it.
List the webhook profiles created and provide the capability to edit, delete the webhook profiles.
Map created webhook profiles with the advanced alert policies.

For more information, see Integrations with alerting and ITSM tools.

Scout

Scout supports collecting data from Provisioning Service sites

Previously, Scout supported only the local Provisioning Service machine. With this release, Scout now supports multiple Provisioning Service servers within a Provisioning Service site. This enhancement allows for more comprehensive data collection and monitoring across your entire Provisioning Service environment.

Key features and benefits:

Expanded support: Scout now supports multiple Provisioning Service servers in a site, providing a more holistic view of your environment.
Improved performance and stability: This release addresses several issues to enhance overall performance and stability.
Enhanced user interface: The UI of Scout has been improved for a better user experience.

These updates ensure that administrators can more effectively monitor and troubleshoot their Provisioning Service environments, leading to improved performance and reliability.

Scout integration with FAS

Previously, Scout was not integrated with the Federated Authentication Service (FAS), which prevented the collection of information from it. With this release, Scout is now integrated with FAS. This feature is available by default and allows Scout to detect and recognize FAS as a Citrix machine type similar to VDA, StoreFront, and so on.

Key features and benefits:

Unified data collection: Scout can now collect FAS AOT logs using the Collect option.
Enhanced troubleshooting: Use the Trace & Reproduce option to enable and retrieve CDF logs and additional FAS configuration information.
Improved monitoring: Ensures a unified data collection experience for FAS server machines.

Note:

Currently, Scout on the FAS server doesn’t support the “Health Check” for diagnosing FAS configuration issues.

uberAgent

uberAgent Integration with Citrix Virtual Apps and Desktops

Key features and benefits

Enhanced monitoring capabilities: uberAgent provides deep insight into application usage and performance, system health, network metrics, and security analytics.
Flexible configuration options: uberAgent offers flexible configuration options to send data to customer backends such as Splunk, Elastic Search, Azure Monitor, Microsoft ADX, or Apache Kafka.

Policies to configure

After installing Citrix uberAgent, configure the following policies in Citrix Web Studio to fully integrate and use uberAgent with Citrix Virtual Apps and Desktops:

Enable uberAgent Data Collection Policy: When enabled, uberAgent provides insights into application usage and performance, system health, network metrics, and security analysis. This policy is disabled by default.
Enhance Director with uberAgent Data Policy: This policy enables the Director integration. So, Director can process data provided by uberAgent to enhance monitoring capabilities, including monitoring of local application usage. This policy is enabled by default.
uberAgent Configuration Archive Path: This policy specifies the path to a directory containing an uberAgent configuration archive. By default, the path is empty.
uberAgent License Path: This policy specifies the path to a directory containing at least one uberAgent license. By default, the path is empty.

This integration ensures that administrators can effectively monitor and manage their Citrix environments, providing a better user experience and improved system performance.

Machine Creation Services (MCS)

Support for Citrix-managed OpenShift plug-in (Preview)

With this feature, Citrix manages your Red Hat OpenShift workloads through a Citrix-managed OpenShift plug-in. With this plug-in, you can create hosting connections and hosting units to your OpenShift cluster, create catalogs, and power manage machines in the catalog using PowerShell commands. For more information, see:

Migrate existing MCS provisioned catalogs to prepared image machine catalog

With this feature, you can convert an existing MCS catalog provisioned from master image to a catalog using a prepared image. For information on prepared image, see Image management.

However, you cannot revert to the legacy catalog after migration. Currently, this feature is applicable to Azure and VMware virtualization environments. For information on the steps to migrate, see Migrate existing MCS provisioned catalogs to prepared image machine catalog.

Migration of non-persistent VMs in VMware

Previously, in the VMware environment, you could migrate only the persistent VM disks from one storage to another storage. With this feature, you can migrate the non-persistent VM disks from one storage to another storage using the Move-ProvVMDisk PowerShell command. You can migrate: OS Disk, Identity Disk, and Write-back Cache (WBC) disk.

For more information, see Storage migration of VMs.

Enable trusted launch of existing persistent and non-persistent catalogs

With this feature, you can update an existing non-Trusted Launch persistent and non-persistent machine catalog to a catalog enabled with Trusted Launch.

To successfully create or update a machine catalog with Trusted Launch, you must use a machine profile. However, if you use a master image enabled with Trusted Launch and a machine profile not enabled with Trusted Launch, you get a warning message because of the mismatched Trusted Launch configuration between master image and machine profile.

For more information, see Machine catalogs with trusted launch.

Cross-account provisioning in AWS

There are scenarios where the Delivery Controllers would like to be placed in a separate AWS account (primary account) from that of their MCS-provisioned machine catalog (secondary accounts). To support such scenarios, this feature uses VPC peering and cross-account access using IAM roles to make provisioning across different AWS accounts possible for enterprises managing multiple AWS accounts.

With VPC peering, you can have your Delivery Controllers, and provisioned VMs in different regions or accounts be able to communicate among each other.

With cross-account access using IAM roles, you allow the primary account (Delivery Controller account) to assume an IAM role to access AWS resources in the secondary account (machine catalog VMs).

For detailed information, see Cross account provisioning.

Support for backup SKU list for VMs in AWS

Public clouds can sometimes run out of capacity for a specific EC2 instance type (Primary SKU). If the primary VM configuration is not available, then the VM cannot start resulting in loss of time and business disruption.

With this feature, in the AWS virtualization environment, you can provide a list of backup EC2 instance types (Backup SKUs that can be On-demand instances) using PowerShell that MCS can fall back to in case of capacity-related issues. MCS tries to fall back on the backup EC2 instance types in the order that is provided by you in the list. In case MCS fails to fall back on all backup EC2 instance types provided, you get an error message. This feature is applicable to both persistent and non-persistent MCS machine catalogs.

For more information, see Backup SKU list for VMs.

Validate host connection in an Azure secret environment

With this feature, you can validate if a host connection has the required permissions in an Azure secret environment using a PowerShell command Test-HypHypervisorConnection. To successfully get the validation result, you must create or update an existing host connection to have a custom property AuthenticationObjectId. This property stores the Object ID of the service principal tied to the hosting connection.

For more information, see Validate host connection in Azure secret environment.

Citrix-managed HPE Moonshot plug-in installed by default

The Citrix-managed HPE Moonshot plug-in is installed automatically while upgrading or installing Citrix Virtual Apps and Desktops version 2503. See HPE Moonshot virtualization environments.

Support for NVMe-only SKUs in Azure

Previously, MCS supported only SCSI storage controller type. With this feature, MCS also supports the NVMe storage controller type to support the new VM SKUs on Azure. For information on NVMe, see the Microsoft documentation General FAQ for NVMe. For information on creating an MCS machine catalog using a service offering that:

supports both SCSI and NVMe, see Create a catalog using a service offering that supports both SCSI and NVMe
supports only NVMe, see Create a catalog using a service offering that supports only NVMe

Flexible storage location option for VMs

Previously, VM allocation began from a fixed Storage Service (SR), such as SR1, and progressed sequentially through SR2, SR3, and so on. And, for some cases, the storage load is not evenly distributed across storages.

This feature gives you the ability to balance VM allocation across different storage service using the following methods:

Enhanced current round robin allocation method: Instead of always starting from the same fixed SR, MCS now begins the allocation from the SR right after the last used SR.
Least load-based allocation method: Places the VMs on the least current load, determined by comparing the total number of VMs on each SR within the same machine catalog. For example, if a machine catalog contains 100 VMs distributed as follows: 20 VMs on SR1, 30 VMs on SR2, and 50 VMs on SR3, the new VMs are allocated to SR1 first. This method ensures that the load across SR1, SR2, and SR3 is balanced. You can use this method by adding a custom property Name=”StorageBalanceType`” Value=”VMCountBasedLeastLoad while creating or updating a host connection.

This feature is:

Applicable to only OS disk storage.
Applicable to all on-premises hypervisors (VMware, XenServer, and Hyper-V)
Not applicable to the existing VMs

For information on creating or updating an existing host connection with the load-based allocation option, see Flexible storage location option for VMs.

Support for Boot Integrity Monitoring in Azure

With this feature, in Azure virtualization environments, you can enable Boot Integrity Monitoring for MCS machine catalog VMs (persistent and non-persistent VMs) using a machine profile (VM or template spec) that has GuestAttenstation extension installed. Boot Integrity Monitoring is only supported for Trusted Launch and Confidential VMs that use Secure Boot and virtual Trusted Platform Module(vTPM).

If your VM has Secure Boot and vTPM enabled, and GuestAttestation extension installed, Microsoft Defender for Cloud can remotely validate that your VM boots correctly. This monitoring is called Boot Integrity Monitoring. For more information on boot integrity monitoring, see Boot integrity monitoring overview.

For information on creating a catalog enabled with boot integrity monitoring, see Boot Integrity Monitoring.

Support for creating MCSIO enabled MCS machine catalog in AWS

In the AWS environment, you can now create MCS Storage Optimization (MCSIO) enabled non-persistent catalog using PowerShell commands. To create such a catalog, you must install the MCSIO driver while installing or upgrading the VDA. By default, that driver is not installed. For more information on creating the catalog, see MCSIO enabled catalog.

Match UEFI boot program to Citrix Provisioning version for MCS created Citrix Provisioning catalogs

The Citrix Provisioning server uses a BDM disk, which contains a UEFI boot program. This feature allows generation of BOOTX64.EFI file alongside the PVSBOOT.INI file when creating a Citrix Provisioning catalog using MCS. As a result, target devices can boot from the latest boot settings file, ensuring that target devices align with the Citrix Provisioning version.

Autoscale

Use Autoscale to hibernate VMs

The power management is now enhanced to support hibernation of VMs through Autoscale configurable settings. Use the PowerShell commands Get-BrokerDesktopGroups, New-BrokerDesktopGroups, or Set-BrokerDesktopGroups to set the following positive value to the parameter AutoscaleScaleDownActionDuringPeak (during peak) or AutoscaleScaleDownActionDuringOffPeak (during off peak) to define the power actions:

0: Shut down the VMs when scaling down
1: Suspend (hibernate the VMs) when scaling down

VMs not capable of hibernation are shut down.

Autoscale powers on hibernated VMs

With this feature, in Azure, Autoscale can power on hibernated multi-session Remote Desktop Services (RDS) and shared single-session VMs with no sessions on it during peak time. The VMs can be of MCS and non-MCS machine catalogs.

Application

Limit the visibility of applications on Workspace and Desktop

By default, packaged applications are visible everywhere. With this feature, you can now control whether packaged applications must appear in Workspace or deployed to the users’ VDI Desktop sessions using Powershell. For more information, see Limit the visibility of applications on Workspace and Desktop.