Entitlement Access is now recognized for virtual desktops in Citrix on-premises environments

IT Asset Management version 2023 R2.2

IT Asset Management has been enhanced to now recognize Entitlement Access for virtual desktops in Citrix on-premises environments. This improves recognition of software installed on non-persistent VDIs (virtual desktop infrastructure), giving you much better visibility into your on-premise Citrix estate.

Tip: A Delivery Group in Citrix is the mechanism that controls what users can access. Users can access virtual desktops, specific applications, or both. Within a Delivery Group, there are two levels of access that can be given to users. Delivery group access which is defined in the Access Policy and virtual desktop access which is defined in the Entitlement Policy. Users defined in the Access Policy are given access to the entire Delivery Group, however, granular permissions within the Delivery Group can be applied. The Entitlement Policy defines a set of users that are specifically able to launch virtual desktops within the Delivery Group. In order to access a virtual desktop, the user has to be included in the Access Policy as well as the Entitlement Policy. If a user has only been defined in the Access Policy, they will have access to application(s) but are not permitted to access a virtual desktop.

Prior to this change, only users defined in the Access Policy within a Delivery Group were queried, and those users were considered to have virtual desktop access. As a result, IT Asset Management purported inaccurate data.

That's no longer the case with this enhancement. The FlexNet Beacon has been updated to now query both the Access Policy and Entitlement Policy per each Delivery Group that can stream applications and virtual desktops. Following the FlexNet Beacon connecting to the Citrix XenDesktop server, only users who have access to both the Access Policy and Entitlement Policy within the Delivery Group are considered to have access to virtual desktops. Subsequently, all available software installed on non-persistent VDIs will be mapped across to IT Asset Management and displayed against those users in the UI.

Note: Permitting access to both Delivery Group and virtual desktops can be achieved through a combination of applying the Allow any option on the Delivery Group and restricting user access at the desktop level or vice-versa. Selecting the Allow any option on both the Access Policy level and Entitlement Policy level is not supported by IT Asset Management. Product documentation for how to manage Entitlement Access for virtual desktops in Citrix is available in the Manage Delivery Groups topic in the Citrix Online Help.

After the FlexNet Beacon has retrieved the Citrix virtual desktop data, you can view and report on it by running the Citrix Virtual Desktops Installer Evidence and Citrix Virtual Desktop File Evidence reports.

IT Asset Management (Cloud)

Current