Hi, I don't recall, but do I have to change the resource location setting to traditional gateway if I want to use the on premise netscaler and storefront as a backup for lhc if DaaS would go down?

Are there any reasons not to use the current release VDAs if we're on Citrix Cloud control plane?

Hi, any experiences when setting up DaaS in China?

📄 Amazon WorkSpaces Core VDI Feature Matrix 📄 It can be daunting to keep track of which features are available on Amazon WorkSpaces Core with each of our VDI partners, especially ☁️ Citrix DaaS ☁️. An awesome colleague of mine put together a Community article to drive field awareness of key features for each of our VDI partners. Please let us know in the comments if anything needs to be added or modified, as we'd like to keep this as up to date as possible!

Does any credentials traverse the Cloud Connector when you use Azure AD + FAS for user authentication?

Citrix Workspace with internal Gateway Hello all ! I have one of my customer who use DaaS with Storefront and Internal Gateway as ICA Proxy. He wants to move to Workspace (to remove the On-Premise Storefront) but he wants to keep internal ICA Proxy. Is it possible ? The only way I see is to use the same hostname for internal and external Gateway but perhaps I missed something. Thank you for answering 🙂

Trying to add onprem 2402 CVAD site to our Cloud DaaS site. always reports "we couldn't find your site". I've tried IP, FDQN of DDC, disabled firewalls on Cloud Connector and DDCs (a lab environment). I have connectivity between Cloud Connector and the DDCs on ports 53, 80, 443. Tried different CVAD admin accounts, tried adding admin account directly to Administrators in Studio instead of nested membership. Any debug logging I can enable?

Hi everyone! Hope everyone is having a wonderful day. Very excited to be here and looking forward to learning from you. I am in need of your help with a project where the company I'm working at has two different domains. These domains have a two-way trust, and in each domain, there is an on-premises Citrix farm with FAS and PKI infrastructure. The goal of the company is to merge the Citrix farms of these two domains and move to Citrix Cloud while keeping the VDAs on-premises. At the same time, they want to create a single portal that both domains can access. So far, I have created a resource location in Citrix Cloud for each domain, which contains cloud connectors, a gateway, and FAS. When I try to launch a desktop located in domain1 with domain1\user, SSO works. However, when I try to launch a desktop located in domain2 with domain1\user, I get an error message saying, "The username or password is incorrect." I want domain1\user to be able to log in to both domain1 and domain2 and launch the desktop with SSO. I want domain2\user to be able to log in to both domain1 and domain2 and launch the desktop with SSO. I have set up this scenario in my lab environment and have followed Kumar’s guide on However, I can't get this working and was wondering if you could shed some light on my issue. Would you possibly be able to guide me through the configuration? I hesitate to make changes to their PKI environment in PROD, which is why I created my lab environment. Much appreciated! Have a wonderful week. BR, Artiom

anyone have issues with cloud connectors locking service accounts/admin accounts?

Has anyone had any experience with configuring an endpoint to purposely avoiding a Gateway Service PoP? I have users periodically complain about random and sudden session disconnects and every time I look at Monitor, they are going through Northern Virginia.

Anyone have issues connecting an igel to Citrix Workspace (Citrix Cloud). I followed the article here - Getting Started with the Citrix Workspace App on IGEL OS , but its not able to connect. I know the igel can connect to the Workspace URL b/c i am able to login via a browser. anyone had to do anything special to get it to connect?

Anyone using Device Posture? Testing in our lab and can't figure out how to leverage SmartAccess using Gateway Services/Device Posture. This article has an example with using Delivery Groups but I'm looking for filtering DaaS policies based on Device Posture COMPLIANT/NON-COMPLIANT status, similar to the way Gateway/SessionPolicies/EPA works. Delivery Group example: Configure Device Posture policies | Device Posture and SmartControl example: https://docs.citrix.com/en-us/device-posture/smart-control-for-daas-through-device-posture

Is this the correct approach when configuring Gateway Service for Storefront? CC have been added as an STA on the OnPrem GW and each entry represents 2x CC in a Resource Zone (DaaS). Storefront 2411.

.

Hi Everyone, How do you disable this prompt from appearing in the Citrix Workspace endpoint application when connecting to Workspace hosted on Citrix Cloud? I get it whether i enable or disable "always prompt end users for their credentials". anyone know how i can get disable it?

Are there any scripts around to export details on Policies from Citrix Cloud? ChatGPT just makes up cmdlets that don't exist

I've got an environment looking to start exclusively using Entra groups for management. They will continue to keep a hybrid joined VDA fleet. It appears it's not supported to use Entra AD groups to limit visibility of some apps, but I can use Entra groups to assign delivery groups. Does anyone know if theres a way to get around this? Otherwise we will have to do some rebuilding of all delivery group structure to try and limit visibility as needed. Any concerns assigning to Entra groups at the delivery group level rather than traditional AD groups given the hybrid environment?

Apologies if this is the wrong channel to post this - I'm working on a deployment of an MCS catalog of Windows 11 multi-session OS using the Image Management functionality in Citrix Cloud. Utilizing ephemeral disks for the increased performance + no cost compared to Managed Disks. Experiencing problems with app hydration; first login suffers from poor login speeds and application launch times but subsequent logins are fine. I've tried an auto login account and an application hydration script but neither seems to have had a positive effect. Some stats for reference: • First login this morning; Explorer/task bar loaded at 1m 30 secs. Teams completed loading at 2m 25 secs, and Edge launched at 6 minutes. The homepage and new tab never actually loaded though – gave up waiting after 10 mins • Second login (for the same user); had Edge and intranet loaded at 26 seconds, and Teams completed by 35 secs • Third login (different user); had Edge and intranet loaded at 28 secs, and Teams completed by 34 secs Wondering if anyone else has encountered this problem and has any tips or suggestions to improve the first login experience? Thanks

Long shot, but I have been asked to find out the physical locations/Cities of Citrix Cloud DaaS data centres in the EU region. Googling doesn’t show much…

I'm curious / wanting to confirm - with the notice sent out by Citrix Cloud regarding update of the cert for SAML - is anyone using DUO and can confirm that there's no real actions required?

Anyone using this API to get Notifications? Send notifications to administrators in Citrix Cloud

I'm getting access denied despite my service principal being given full permissions.

Not having this issue with any other Citrix Cloud APIs

Meh - it works with a secure client... not a service principal. Annoying!

Any Citrix peeps here know when the reversion to Director which incorrectly reports full load events as failures will be fixed?

Using a custom domain URL against Entra ID, do I need to worry about the OIDC enterprise application's redirect URIs, like I would if i were using SAML? Or does Citrix Cloud manage that for us?

xAnother Citrix Cloud DaaS API issue! I’d be very interested to see if others are seeing the same, as I see the same issue on every Citrix Cloud Tennent I’ve checked so far. When querying Citrix Cloud connectors via the Citrix Cloud API, the status is always 'unknown' even if the cloud connector is in a good state. API: https://api.cloud.com/connectors/ Endpoint: Connectors_GetAll API Docs: https://developer-docs.citrix.com/en-us/citrix-cloud/citrix-cloud-connectors/apis/#/Connectors/Connectors-GetAll Example JSON from API request: Connectors_GetAll: [ { "id": "*[REDACTED]*", "fqdn": “*[REDACTED]*", "role": null, "windowsSid": "S-1-5-21-*[REDACTED]*", "location": "*[REDACTED]*", "currentVersion": "4.381.0.4578", "currentBootstrapperVersion": "6.114.0.4578", "expectedVersion": "4.381.0.4578", "expectedBootStrapperVersion": "6.114.0.4578", "versionState": "Normal", "inMaintenance": false, "leaseEndDateTime": null, "upgradeDisabled": false, "connectorType": "Windows", "status": "Unknown", "lastContactDate": "2025-04-11T101040.0169354Z" }, { "id": "*[REDACTED]*", "fqdn": "*[REDACTED]*", "role": null, "windowsSid": "S-1-5-21-*[REDACTED]*", "location": "*[REDACTED]*", "currentVersion": "4.381.0.4578", "currentBootstrapperVersion": "6.114.0.4578", "expectedVersion": "4.381.0.4578", "expectedBootStrapperVersion": "6.114.0.4578", "versionState": "Normal", "inMaintenance": false, "leaseEndDateTime": null, "upgradeDisabled": false, "connectorType": "Windows", "status": "Unknown", "lastContactDate": "2025-04-11T100826.6928764Z" } I have tested this across different customer tenants and get the same result I see similar behaviour from the Cloud Connector ConnectivityData API /healthdata/connectivitydata When the parameter 'dataAggregationTime' is set to 'OneDay' the latest entry is always 'unknown'. { "overallConnectorConnectivity": { "1744329600": "Unknown", # Unix time conversion: midnight, 11/4 (the past) "1744416000": "Connected"... # Unix time conversion: midnight, 12/4 (the future) but without the 'dataAggregationTime' param, all tests always come back 'connected' The confusing part here is that, at the time of query, 12/4 was in the future so there was no way the test could have run yet it states connected and the test that ran previously states unknown… I have raised this with Citrix (case ID: 83259093) but they seem to be struggling. Any help or insight much appreciated

Hello, pretty basic question, while setting up citrix cloud, we have to setup a company.cloud.com url mandatory and another custom workspace url. Is the company.cloud.com netscaler gateway url and the custom url is storefront url? What is the difference between netscaler gateway service url and workspace url in citrix cloud? Also, why do we need to setup company.cloud.com url and set a custom workspace url while configuring citrix cloud? Can someone please explain?

Can this be configured so DaaS Monitor pulls in On-Prem Director data, instead of the other way around? Unified search for Hybrid multi-cloud deployments | Director.

anyone else had issues with Citrix cloud adm agents lately? there was an automatic upgrade on friday to 14.1-49.39 which gives me "not reachable" status on our Netscalers. The agent has been restarted, services restarted & agent shows up and running but still not reachable. We have even restarted our MPX but still the issue persists. We have two agents, the one that we haven't restarted has the status "LSA" with the text on it. Is there some type of Master configuration with these Citrix cloud agents which require ALL the agents to be restarted? the MPX that receives licenses however is not configured with the 2nd agent which has the "LSA" status on it. Contact with Citrix but they were not able to figure it out, yet.. we have entered grace period and I suppose that everything should be working fine for the upcoming 649 hours but not sure if this has some type of effect on bandwidth or similar because we have had some hiccups in our environment since this happening.