https://worldofeuc.com logo
Join Slack
Powered by
Citrix App Layering 2507 released, although the re...
# citrix-app-layering
k
Citrix App Layering 2507 released, although the release notes have not yet been updated: https://www.citrix.com/downloads/citrix-app-layering/product-software/citrix-app-layering-2507.html
@Rob Zylowski Do you happen to know what's new in this version? Or can ask someone to update the "What's New" section of the documentation? Thanks!
n
Listen, you'll get release notes exactly one day after installing this build and like it...
k
I already installed it, was just wondering what it fixed or changed. Nothing visible from what I can see. Was hoping it added support for Nvme v6 Azure VMs as we had an RFE for that.
r
The whats new has been staged just not pushed yet. Here are the main things The latest version of Microsoft’s WebView2 will now be deployed to the images regardless of which layer the highest version is found. All other versions of the WebView2 will not appear in the image. Therefore you don’t have to do any special handling of this application while creating application layers, nor are you required to have the OS layer keep it up to date. When using full user layers and UPL the version of the WebView2 found on the image will be used and if there is a later version found in the user’s layer, it will not be deleted, but the version from the image will be one that will run, until Microsoft updates the application on its own. The TLS cipher suite TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA is disabled by default. The SSH key exchange (KEX) algorithm diffie-hellman-group-exchange-sha1 is disabled by default
Fixes You might see the “Guest OS Version” setting of VMWare VMs created by App Layering incorrectly set to Server 2012. This happens for VMs based on a Windows 11, Server 2019, Server 2022, or Server 2025 OS layer. [UNI-91506] You might see “Invalid Credentials or Insufficient Privileges” errors when publishing images, creating layers, and creating or editing connector configurations. This occurs when the connector configuration has offload compositing enabled and is configured to connect to a Nutanix AHV 10.3/AOS 7.3 environment. [UNI-92477] You might see the error message “The spool file was not found” when printing with UWP apps. [ALHELP-1817] Microsoft Teams might not launch on a published image [ALHELP-1883] MSIX packages with ILV and PSF do not work with Elastic Layering enabled [ALHELP-1857] The loopback adapter might be missing from published images [ALHELP-1884] Sophos installation might fail on the App Layer in windows 11 24 H2 MultiSession [ALHELP-1860] When you open a file within excel via a sharepoint URL and click on the Sharepoint folder path, the path might redirect to “mydocuments” instead of the sharepoint path. [ALHELP-1827] Attempting to publish an image does not automatically shutdown, to complete the process. [ALHELP-1877]
Strict host checking has been enabled by default for all HTTP/HTTPS connections to the App Layering appliance. This means the management console can only be accessed via a hostname that is on the allowlist. If you try to access the management console via a hostname not on the allowlist then you will receive a 400 Bad Request error. The allowlist automatically includes the appliance’s local IP address and all DNS and IP addresses included as Subject Alternative Names in the appliance’s HTTP certificate. The allowlist can be extended by creating/editing the file /etc/httpd/conf/explicit-alias.conf on the appliance to have the following content: ServerAlias name1 name2 name3 Where each name* is a hostname you use to access the management console (the name you use in the browser address bar, e.g. https://name1/admin-ui). Strict host checking can be turned off entirely by creating the file /etc/httpd/conf.d/99-strict-host-check-off.conf with the following content: StrictHostCheck OFF
n
So we no longer have to manage WebView2 installations at all? Interesting. Wonder how that'll work if we have to hold off on upgrading Edge to the latest build (I know they don't need to match).
r
edge and edgeewbview are differenmt arent they
n
yes
We have just tried to match those builds in our OS layer for quite some time
r
the problem is you cant really control webview since every app that uses it installs it even if its already there
n
So when will the ELM do this, when compiling the image? At the end of every layer type? Just curious. I like not having to manage it anymore.
You know, when we upgrade to it in 3 years
r
ha
so what we do is look at all the folders on the image then find the newest version and get rid of the older ones and fixup the registry
j
Nutanix fix for 7.3.
d
Sorry for the delay on the doc going out for 2507... if there are any lingering questions about the release please lmk.
👍🏽 1
d
A customer has always installed EdgeWebView in the OS Layer. Now with ELM 2507 it seems likge EdgeWebView is partially gone in the publiished image. Teams is reporting that dependecies are missing. I have noticed that Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate is erased partially, at least the EdgeWebView Keys are gone. Is there any way to troubleshoot this issue?
n
WebView2 changes are no longer saved in AL 2507. It's in the what's new section. The ELM now handles it.
d
I am aware of that. Where does ELM get the correct version?
r
It saves all versions in whatever layer they are added to then it chooses ghe newest version when it creates the image
d
So there should be no issue with maintaining the version in the OS Layer?
n
I read it as we should not be installing WebView2 at all, in any layer... Rob can correct me if I'm wrong.
r
Hey Nick I think you are wrong. It takes the newest version it finds in any layer and Dennis you can try to keep it updated in the os layer the problem with webview 2 is that apps will install a new version even if a version exists inthe os layer also even if the os layer version is the same version.
n
Well, I guess I'm even more confused now after reading the note about it in the docs
r
this seems pretty cut and dry to me The latest version of Microsoft’s WebView2 will now be deployed to the images regardless of which layer the highest version is found
d
Are the describes steps from Option 1 still required with the new handling? https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX399422
r
well now edge has to be installed in the os layer but webview2 is dfferent
d
sorry i was confused, ignore it
r
We fixed the edge issue by only taking it from the os layer
n
At the end of the day, are we just installing and maintaining WebView2 in the OS layer only now?
d
There is an override for the default Edge behavior (to allow it in a layer), however it is not publicly documented, and we still don't support Edge in a layer. Webview2 can be in a layer, however it might not be the version which persists into the image. Same with the OS layer. Across all the layers in the image template, we will keep the most current Webview that is present.
n
Oh, so we can install WebView2 in any layer, just that the ELM will keep the most recent and disregard all others?
d
correct
n
Perfect, thank you.
👍 1
d
Should there then only be one version visible here with 2507?
d
yes we would only expect to see one version in the published image
d
That's not the case here
I am currently recreating the platform layer from an os layer with WebView 140 preinstalled
d
the image was published from a 2507 appliance?
d
yes
So after cleaning up (WebView in OS Layer and no other layer) it looks better, even though there are differences im registry and file system, but I am not sure if this is relevant
d
how did you clean things up?
d
The platform layer was polluted with an WebView 138. I created a new platform layer based on an os layer with just WebView 141 installed and published a new image. But shouldn't that be obsolete with the new version?
d
With 2507 your should never have to do any type of cleanup, and in fact doing so will cause more issue than fix anything. The deployment logs for the image will show which versions of WebView2 were found, and were deleted. Reviewing the logs would point us to what was removed. Also, to make the log review quicker/easier, it would be helpful to know the date and time of the image that you are saying had the extra versions of WebView2. The whole point of the feature is that you don't have to do any extra actions, and if you are doing any, then this is unexpected. The best course would be to get a support case raised with us (including the logs and the time context), so we can have a closer look at it.
4 Views
Open in Slack
PreviousNext
Powered by