deviceTRUST 23.1.120

This release includes new features and bug fixes to the deviceTRUST Console, Agent and Client Extension for Microsoft Windows. Please refer to Compatibility for changes that may impact users upgrading from previous releases.

The deviceTRUST 23.1.110 patch includes bugfixes and minor enhancements to the deviceTRUST Console, Agent and Client Extension.

The deviceTRUST 23.1.112 patch includes a single bugfix to ensure a reliable connection between the deviceTRUST Agent and the deviceTRUST Client Extension for macOS when using Amazon WorkSpaces WSP. There are no changes to the deviceTRUST Client Extension for Windows with this release.

The deviceTRUST 23.1.120 patch includes bugfixes and minor enhancements to the deviceTRUST Agent, Console and Client Extension.

Nice DCV extension support including Amazon WorkSpaces WSP
Stratodesk NoTouch Thin Client
Agentless Multihop
Process Isolation
Other changes
Bug fixes in 23.1.100
Bug fixes in 23.1.110
Bug fixes in 23.1.112
Bug fixes in 23.1.120
Minor enhancements to 23.1.110
Minor enhancements to 23.1.120
Known issues in 23.1.110
Known issues in 23.1.120
Compatibility

Nice DCV extension support including Amazon WorkSpaces WSP

We’ve added support for Nice DCV extensions, bringing the full feature set of deviceTRUST to the latest Nice DCV Standalone, Amazon WorkSpaces WSP, Amazon AppStream and more.

On Amazon WorkSpaces WSP, the Configure extensions policy must be set to Server and Client and there are additional software requirements. More information can be found in our Enabling DCV extensions on Amazon WorkSpaces WSP knowledge base article.

Stratodesk NoTouch Thin Client

Thin clients running the Stratodesk NoTouch OS are now supported. Please see the Stratodesk NoTouch Client Extension 23.1.100 Release Notes for more information.

Agentless Multihop

We’ve introduced a new multihop architecture, which permits a subset of properties to be read from intermediate hops which have only the deviceTRUST Client Extension installed, but without the deviceTRUST Agent.

The properties supported from intermediate hops within an agentless multihop environment include:

deviceTRUST - The Version property.
Domain - All properties.
Name - All properties.
User - The Name, Domain, Domain DNS, Distinguished Name, Sid and Domain Logon properties.

More information regarding our multi-hop scenarios can be found within our Multihop Scenario architecture overview.

Process Isolation

To minimise our footprint on remoting clients whilst ensuring a consistent execution environment across all platforms, the deviceTRUST Client Extension now executes within a new process named ‘dtsensors.exe’. Customers who repackage the deviceTRUST Client Extension or who have strict antivirus policies, may need to accomodate this new executable.

Other changes

The WHOIS provider for the WHOIS properties has changed. ISP and DNS results may differ from previous releases.
The WHOIS provider now detects and utilises OS configured proxy servers when resolving an IP into an ISP or Country.
Added an Advanced setting to control whether users are disconnected if connectivity to the remote device is lost.
Various updates to templates.
Various enhancements to logging, including automatic tracking of WinLogon notifications.

Bug fixes in 23.1.100

Improved reliability of virtual channel when using Amazon WorkSpaces with PCoIP.
Fixed an issue with Citrix published app failing to load.
Fixed an issue with incorrect USB drive serial numbers.
Fixed an occasional deviceTRUST Agent crash if a remote client disconnects whilst establishing context with the remote device.

Bug fixes in 23.1.110

Improvements to the memory footprint of the deviceTRUST Agent.
Fixed an issue with stuck logon sessions, when a user disconnects whilst a custom property script is still executing.
Fixed an issue where an active session could be disconnected when changing the OS recording devices within the Sounds control panel applet.
Fixed an issue where the reported Windows Firewall state could be inaccurate when enforced by a GPO.
Fixed an issue where the reported Windows Update Last Install time properties could be inconsistent with the values shown by the OS.
Fixed an issue where the Logical Disk properties could display duplicate entries when using SD cards.
Fixed an issue where the Remote Control platform would always display Windows on DCV sessions such as Amazon WorkSpaces WSP.
Fixed an issue where the Mapped Drive properties could contain the wrong user when credentials exist within Credential Manager but mapped with a different user.
Fixed an issue establishing context with iOS devices if multiple new iOS devices connect within a short time period.
Fixed an issue with the Terminate App task not terminating apps when set to ‘Identify Applications by AppLocker policies’ and using an AppLocker Publisher Rule.
Added reliability improvements to WHOIS certificate revocation handling.

Bug fixes in 23.1.112

Fixed an issue where the deviceTRUST Client Extension for macOS 23.1.100 could not reliably connect to an Amazon WorkSpaces WSP instance.

Bug fixes in 23.1.120

Fixed an issue in the deviceTRUST Console where new properties would not appear within the Properties Settings until the settings were removed and readded.
Fixed an issue where the locking the session with the User Session task could potentially defer the task until the session was unlocked, resulting in a double lock/unlock scenario.
Fixed an issue where the user’s Active Directory attributes could not be read when the local machine did not have the privileges to read from user’s domain within a multi-domain scenario.
Fixed an msiexec.exe process crash during shutdown when installing or upgrading the deviceTRUST Client Extension. There were no adverse symptoms to the crash.
Fixed an issue where the user could be automatically logged off following a disconnect whenever the ‘Block the user session during Logon and Reconnect (or Unlock)’ advanced setting was set to false.

Minor enhancements to 23.1.110

Improved the performance of the deviceTRUST Agent and the deviceTRUST Portal when handling sessions from the deviceTRUST Client Extension for iOS.
Added a new option to the Location properties to temporarily ignore OS location readings that do not meet the minimum source.
Added the ability for User attributes from Active Directory to follow referrals to other domain controllers.
Added support for IGEL COSMOS properties for our forthcoming deviceTRUST Client Extension for IGEL OS 12.

Minor enhancements to 23.1.120

Added support for the Logical Disk Volume ID.

Known issues in 23.1.110

If you have Properties Settings containing the IGEL category of properties, the new IGEL COSMOS properties do not appear in the list following an upgrade. To resolve, remove the IGEL properties from the Properties Settings and re-add them.

Known issues in 23.1.120

The detection of SD cards on Microsoft Windows OS’s remains unreliable and highly dependent upon the hardware used and the driver stack. When using an SD card, the Logical Disk Type, Serial Number, Vendor and Product ID may be incorrect. We recommend detecting specific SD cards with the Volume ID property, however care should be taken as this number is regenerated when the SD card is formatted.

Compatibility

This compatibility section builds on our general approach to compatibility which can be found on the compatibility page.

If upgrading from release deviceTRUST 21.1, be sure to refer to the deviceTRUST 21.1.300 Compatibility notes.

The deviceTRUST Agents can read policies created by previous releases of the deviceTRUST Console. However, they cannot read policies created by a newer console. Therefore, you must ensure that the deviceTRUST Agent 23.1.100 is deployed before applying policy that has been written by the deviceTRUST Console 23.1.100 or later.

The whois endpoints have changed. Please ensure access to https://locate-europe-west-azure-1.devicetrust.com and https://locate-us-west-azure-1.devicetrust.com is possible without the requirement of proxy servers.

The whois ISP and DNS may return different results to previous releases.