deviceTRUST 19.2 is now available and includes the new macOS Client and an updated iOS Client. See the release notes for more information.

deviceTRUST 19.2.100

This release includes new features and bug fixes to the deviceTRUST Host and Client for Microsoft Windows.

New FSLogix App Masking Task

We’ve introduced a new FSLogix App Masking task which enables contextual aware FSLogix App Masking policies.

When creating an FSLogix App Masking task, you simply choose whether to show or hide the application within the user session.

Defining an FSLogix App Masking Task
Defining an FSLogix App Masking Task

Next, you enter the full path to the FSLogix App Masking Rule Set and click OK.

Configuring an FSLogix App Masking Task
Configuring an FSLogix App Masking Task

Microsoft AppLocker Exceptions

We’ve extended the Microsoft AppLocker Task with a list of exceptions. Each exception specifies the path to files that should be excluded from the rule.

Exceptions within the Microsoft AppLocker Task
Exceptions within the Microsoft AppLocker Task

New Printer Task

A new Printer task now allows both the mapping and unmapping of network printers, and also the option to specify a default printer for the user.

The new Printer task
The new Printer task

Citrix Policy Changes

We’ve extended the Citrix Policy task with additional policy items.

Firstly, we’ve added the option to control clipboard redirection. When enabled, you can now select whether to allow sharing of clipboard content from the client to the user session, or from the user session to the client.

Secondly, we’ve added the option to control whether Citrix Client Drive Mapping automatically maps drives.

New Citrix Policies
New Citrix Policies

The Popup Message task now allows images to be associated with the popup. These images are displayed both on the action center notifications, and also when displaying a regular popup message.

The images are embedded within the deviceTRUST Policy and therefore do not require an image to be available on the local file system.

Images within the Popup Message task
Images within the Popup Message task

Embedded Scripts within Custom Process

The Custom Process task now supports embedding scripts within the policy, ensuring that external scripts do not need to be available on the local file system.

Embedded Scripts within the Custom Process task
Embedded Scripts within the Custom Process task

New Security Group Properties

We’ve added support for querying the security groups that a user belongs, either on the HOST or on the remote DEVICE. We’re aware that enterprise users can have large quantities of security groups, so we’ve introduced a new ADMX policy for the HOST titled Query to include host USER GROUPS and another for the DEVICE titled Query to include device USER GROUPS which allow you to define which groups are returned.

These security groups can be used to create security group aware contexts and actions.

  • HOST and DEVICE_USER_GROUPS - A semi-colon list of all security groups that the user is a member of.

New Display Properties

We’ve extended the display properties with additional information describing the monitor attached to the display. These monitor properties require the information to be available within the Extended Display Information Data (EDID).

  • HOST and DEVICE_DISPLAY_X_MONITOR_VENDOR - The vendor name that manufactured the monitor.
  • HOST and DEVICE_DISPLAY_X_MONITOR_PRODUCT - The product name of the monitor.
  • HOST and DEVICE_DISPLAY_X_MONITOR_SERIALNUMBER - The serial number of the monitor.
  • HOST and DEVICE_DISPLAY_X_MONITOR_EXTERNAL - Set to true when the monitor is external, otherwise false.
  • HOST and DEVICE_DISPLAY_X_ADAPTER_VENDOR - The vendor name that manufactured the display adapter.
  • HOST and DEVICE_DISPLAY_X_ADAPTER_PRODUCT - The product name of the display adapter.

Bugs Fixed

  • Fixed an issue where importing large numbers of contexts resulted in the OK button disappearing off the page.
  • Fixed an issue where the AppLocker task could fail to apply policy changes when large numbers of AppLocker changes were made concurrently.
  • Fixed an issue where surrounding the path with quotes with the AppLocker task would result in an invalid AppLocker policy.
  • Fixed an issue where the screen saver timeout period was incorrectly detected.
  • Fixed an issue with the ‘Allow printer redirection’ Citrix Policy not working after reconnecting to a user session.

Known Issues

  • We’ve seen an issue where occasionally on Citrix 7.18 using Windows Server 2019 and on RDSH on Windows Server 2012 R2, printers which are unmapped are not correctly tidied up within the OS’s Settings and Control Panel. These unmapped printers are not listed when the user attempts to print.
  • When using VMware Horizon 7.8.0 on Windows Server 2008R2, we’ve found that delays to the logon process result in a crash of the VMBlastW.exe process. To work around this issue, change the ADMX ‘Shell Access’ policy titled Method used to block logon whilst the properties are read from connected device to Non Blocking.

Policy Compatibility

The deviceTRUST Host 19.1 is not compatible with policy created by the deviceTRUST Console 19.2. It is recommended that the deviceTRUST Host is upgraded before applying any policy changes.