New Features 11.10.210

Citrix

• Updated Citrix Workspace App to version 2405.
  Available Citrix Workspace Apps in this release: 2405 (default), 2402, and 2010

Changed

• The default value of the parameter ica.authman.kiosksfuienhanced has been changed to true and thus corresponds to the value of Citrix.

Added

• [Technical Preview] Provision to manage multiple proxy servers
  You can use multiple proxy servers that allow the HDX sessions to select appropriate proxy servers for accessing specific resources.

Extend parameter range ica.allregions.proxytype with "Script".

• [Technical Preview] Multiple webcam resolutions support
  Webcam streaming supports all webcam resolutions that are available on the client side.

Citrix NSGClient

• Updated Citrix EPA Client to version 24.10.1

RD Web Access

• Added IGEL RDP3-based RD Web Access incl. support of seamless app(s).

VMware Horizon

• Updated Horizon Client to version 2406

• Added support for Horizon next-gen (v2) API
  If server URL of Horizon session matches the host name pattern defined in vmware.view.v2_host, next-gen API will be used for this session.

Network

• Added ACME client - for usage of HTTP-01 challenge.

Registry keys

• This determines whether the feature is enabled as a whole:

• The rest are members of instances of network.acmeclient.cert%. Instance 0 is available from the start.

• This is the name of the subdirectory of /wfs/acme_certificates/ where data for the respective instance is stored - only letters, digits, underscores, dashes and dots are allowed:

• The following are names (space-separated) for which a certificate shall be requested. In the case of success each will appear as subject alt name, the first one also as the common name (This is true at least with the Smallstep CA with default settings). %H will be replaced by hostname -f, %h by hostname -s.

• This is the ACME server URL (something like https://my- stepca.example.com/acme/acme/directory):

• This is for verifying the ACME servers certificate (installing any such certificate on the system is beyond the scope of the ACME client):

• This may be necessary for creating an account on the ACME server:

• The following is the length of the client key for which a certificate will be requested. Those with ecc-prefix mean ellipic curve keys, the remaining ones RSA keys.

• This is the number of days between expiry checks:

• This is the period before the certificates' expiry in which renewal attempts are performed:

• This is the debug level for acme.sh:

• The resulting client.cert and client.key can be used for EAP/TLS and EAP/PEAP/TLS via Ethernet and WLAN.
  Example:
  Assume the above is configured with directory="default" and EAP/TLS is wanted.
  On the respective setup panel the following should be configured then:
  EAP Type: TLS
  Validate Server Certificate/CA Root Certificate: for verifying the RADIUS server's certificate, a separate topic
  Manage certificates with SCEP (NDES): no
  Client Certificate: /wfs/acme_certificates/default/client.cert
  Private Key: /wfs/acme_certificates/default/client.key
  Identity: , will be automatically derived from the client certificate's subject
  Private Key Password:

• Added Wake on LAN support via USB-C-to-LAN adapters

• Activated by enabling any of the Wake on LAN settings of LAN Interfaces

• Only Wake on LAN from Suspend is supported

• Updated Lenovo FCC Unlock Tool to version 2.4

IGEL Agent for Imprivata

• Updated iia to 0.6.2igel1728370169 (content of IAFI 1.1.0).

Imprivata

• Updated Imprivata bootstrap loader to fix CVE-2022-37454.

• Updated PIE bootstrap loader to 23.2.0.711883

HID

• Added new registry keys to influence mouse acceleration settings:

Cisco JVDI Client

• Updated Cisco JVDI to version 15.0.0

Cisco Webex

• Updated Webex VDI to version 44.8.1.30603
  Added support for AVD
  Fixed two critical issues (Crash, Audio for Webex Calling)

• Updated Webex Meetings VDI to version 44.6.5.1, available versions: 44.6.5.1, 43.6.8.4 and 42.10.8.14.

Base system

• Removed support for BioSec BS Login Hand Vein Sensor due to technical reasons (necessary removal of QT4).

• Updated grub bootloader to 2.12 version.

• Updated StepOver Client to version 2.4.3

Firmware update

• Added progress notification shown during migration from OS 11 to OS 12.

zoomvdi

• Updated Zoom VDI Client to version 6.1.12. Available versions in this release: 6.1.12.25370, 5.17.13.25060 and 5.17.6.24660.

Hardware

• Improved hardware detection of supported LG devices.

• Validated support for Intel i226, 2.5Gbps ethernet card (copper and fiber) for HP t755 devices.
  Validated support for Allied Telesis 2914SP Gbps PCIe network adapter with SFP Port for HP t755 devices.

TC Setup (Java)

• Upgraded TC Setup to version 12.6.1

• Added deviceTRUST and Cisco Webex VDI options to Sessions > AVD > AVD Sessions > AVD Session > Plugins page.

Remote Management

• Improved migration from OS 11 to OS 12.
  Upgrade of the remote management protocols is invoked as a separate step returning a specific reason in case of failure.

Fabulatech

• Updated Fabulatech USB redirection to version 6.2.0.9

• Added interfaces parameter to configure Fabulatech USB redirection to redirect certain interfaces only. The value is a space separated list of interface indices. The interfaces parameter is available in IGEL registry. After creation of device rule with VID and PID for the related device, the IGEL registry under rdp.usbredirection.devicepolicy.product_rule0.interfaces must be used to configure the interface indices to redirect. Leave interfaces empty to redirect the whole device.