This release includes new features and bug fixes to the deviceTRUST Host and Client for Microsoft Windows.
New FSLogix App Masking Task
We’ve introduced a new FSLogix App Masking task which enables contextual aware FSLogix App Masking policies.
When creating an FSLogix App Masking task, you simply choose whether to show or hide the application within the user session.
Next, you enter the full path to the FSLogix App Masking Rule Set and click OK.
Microsoft AppLocker Exceptions
We’ve extended the Microsoft AppLocker Task with a list of exceptions. Each exception specifies the path to files that should be excluded from the rule.
New Printer Task
A new Printer task now allows both the mapping and unmapping of network printers, and also the option to specify a default printer for the user.
Citrix Policy Changes
We’ve extended the Citrix Policy task with additional policy items.
Firstly, we’ve added the option to control clipboard redirection. When enabled, you can now select whether to allow sharing of clipboard content from the client to the user session, or from the user session to the client.
Secondly, we’ve added the option to control whether Citrix Client Drive Mapping automatically maps drives.
Popup Message Images
The Popup Message task now allows images to be associated with the popup. These images are displayed both on the action center notifications, and also when displaying a regular popup message.
The images are embedded within the deviceTRUST Policy and therefore do not require an image to be available on the local file system.
Embedded Scripts within Custom Process
The Custom Process task now supports embedding scripts within the policy, ensuring that external scripts do not need to be available on the local file system.
New Security Group Properties
We’ve added support for querying the security groups that a user belongs, either on the HOST or on the remote DEVICE.
We’re aware that enterprise users can have large quantities of security groups, so we’ve introduced a new ADMX policy
for the HOST titled
Query to include host USER GROUPS and another for the DEVICE titled
Query to include device USER GROUPS which allow you to define which groups are returned.
These security groups can be used to create security group aware contexts and actions.
- HOST and DEVICE_USER_GROUPS - A semi-colon list of all security groups that the user is a member of.
New Display Properties
We’ve extended the display properties with additional information describing the monitor attached to the display. These monitor properties require the information to be available within the Extended Display Information Data (EDID).
- HOST and DEVICE_DISPLAY_X_MONITOR_VENDOR - The vendor name that manufactured the monitor.
- HOST and DEVICE_DISPLAY_X_MONITOR_PRODUCT - The product name of the monitor.
- HOST and DEVICE_DISPLAY_X_MONITOR_SERIALNUMBER - The serial number of the monitor.
- HOST and DEVICE_DISPLAY_X_MONITOR_EXTERNAL - Set to true when the monitor is external, otherwise false.
- HOST and DEVICE_DISPLAY_X_ADAPTER_VENDOR - The vendor name that manufactured the display adapter.
- HOST and DEVICE_DISPLAY_X_ADAPTER_PRODUCT - The product name of the display adapter.
- Fixed an issue where importing large numbers of contexts resulted in the OK button disappearing off the page.
- Fixed an issue where the AppLocker task could fail to apply policy changes when large numbers of AppLocker changes were made concurrently.
- Fixed an issue where surrounding the path with quotes with the AppLocker task would result in an invalid AppLocker policy.
- Fixed an issue where the screen saver timeout period was incorrectly detected.
- Fixed an issue with the ‘Allow printer redirection’ Citrix Policy not working after reconnecting to a user session.
- We’ve seen an issue where occasionally on Citrix 7.18 using Windows Server 2019 and on RDSH on Windows Server 2012 R2, printers which are unmapped are not correctly tidied up within the OS’s Settings and Control Panel. These unmapped printers are not listed when the user attempts to print.
- When using VMware Horizon 7.8.0 on Windows Server 2008R2, we’ve found that delays to the logon process result in a crash
of the VMBlastW.exe process. To work around this issue, change the ADMX ‘Shell Access’ policy titled
Method used to block logon whilst the properties are read from connected deviceto
The deviceTRUST Host 19.1 is not compatible with policy created by the deviceTRUST Console 19.2. It is recommended that the deviceTRUST Host is upgraded before applying any policy changes.