• 28 Sep 2023
  • 12 Minutes to read
  • Dark
  • PDF


  • Dark
  • PDF

Article Summary

This version is no longer supported, please upgrade to the latest version

Support lifecycle for the Liquit Workspace product is available here.



  • Okta connector can be created as push connector which isn’t supported.
  • Action sets order can be changed when applying update from Liquit Setup Store.



  • Add support for Private Network Access RFC for browsers.


  • System Updates sometimes incorrectly reports that no update is queued for a server.



  • Action Uploaded RDP file without agent result in wrong file extension.
  • The title of a package is double escaped in an error dialog.



  • Manage zone option will always open the target zone with HTTP.
  • Agent Deployment can fail for some non-latin languages.



  • PowerShell cmdlet Get-LiquitScheduledTask isn't working when a monthly schedule is used.
  • Binded certificate to web server can sometimes fail to be removed.
  • Possible to switch primary zone to a disabled zone.
  • Possible to disable primary zone.
  • Possible to disable currently logged on zone.
  • Permissions doesn’t work when assigned to a Azure AD non security group.



  • BI client is updated to the latest version.
  • Reporting dashboard is not available anymore within the launcher, a browser will be opened to display the dashboard.


  • Workspace doesn't load when shortcut names have special symbols in them.
  • Device based deployments could generate a cosmetic 'A deployment is already inprogress.' error message.



  • Optimized license report calculation.


  • Permissions created though 'Create admin' (recover) can't be edited within the destination zone.
  • Save button on 'Storage Settings' doesn't enable after using 'From SAS URI' dialog.



  • PowerShell cmdlets do not support task status continue.
  • Able to access unauthorized zone information when target zone has LOCAL\everyone admin permissions set.



  • PowerShell cmdlets do not support task status continue.
  • Able to access unauthorized zone information when target zone has LOCAL\everyone admin permissions set.



  • ACME client doesn't respect Let's Encrypt rate limits, which can cause errors while requesting new certificates.



  • 'Create package' under connector resources doesn't respect package permissions.
  • Deployments with other then production stage is not working.
  • SameSite is set for SID cookie even for non-secure connections.



  • Action Set filters are executed for every action instead once for an action set.



  • Action 'Uninstall package' ignores specified stage and uses 'Production'.
  • The 'Managed' column is always false in the export of packages overview.
  • Long tag names are not correctly wrapped within the workspace.
  • PowerShell module handles a request to stop as error.



  • Agent refresh error might occur on the server when user cancels a credential prompt.
  • Entitlement cannot be removed after added within the package creation wizard.
  • Unable to correctly select a variable within the auto complete by mouse.
  • Unable to update server description field.
  • Workspace portal is missing buttons when embedded within an iFrame.



  • 'Clean devices' doesn't properly follow configured settings which can result in devices being deleted that are still in use.



  • Unable to restore missing Azure Blob file when Shared Authentication Signature is used.
  • Scheduled task Clean Devices can produce a 'Dal_Referenced error'.
  • Scheduled tasks can lose the next run value and stop executing at the planned time.
  • Remembering last open tab on workspace can break by locking other settings.



  • ShellAPI package distribute/install fails when primary shortcut is disabled.



  • Mail settings test button stuck in disabled mode after changing settings.
  • Packages with a distribution action set and a custom repair action set will trigger reinstall after repair.
  • Native icons option on an entitlement is hidden after switching between publish options for a context.



  • AVD connector creates packages of the type 'AVD' instead of the old 'WVD'.


  • Catalog trending and popular aren't working as expected.
  • Content Security Policy ignores Serverless Direct Access option.
  • Copying managed package results in the new package shortcuts still being marked as managed.
  • Personal packages can't be deleted when the catalog isn't available to the user.
  • Creating connector resources with a name ending with '(x)' generates an error.
  • Removing a newly added member to a team without saving in between results in a stuck confirm dialog.
  • Agent xml configuration option StartConnected is broken.



  • Added support for Client Info to OAuth 2.0 / OpenID Connect identity provider.


  • Certificate dependencies are not always shown.
  • Webserver is not reloaded when an existing certificate is updated that is used by a zone.
  • Additional package shortcuts are not correctly preserved for offline mode.
  • Nonce could be ignored by OAuth 2.0 / OpenID Connect identity provider.
  • Some CORS headers could be blocked by OAuth 2.0 / OpenID Connect identity provider.



  • Package events does not work when primary shortcut is disabled and package is published within user's Workspace.
  • System.IndexOutOfRangeException exception for 3.8 and lower agents during refresh when a package with the NetworkChange event is configured.
  • System.NullReferenceException exception when double clicking on the Liquit tray icon when server is not configured within the agent.xml.
  • Deployments selection screen can show removed deployments when it was seen earlier by the agent.
  • System.NullReferenceException occesionally occurs during an agent refresh in the server log.



  • Action OpenURL can fail from version 3.8.2608.



  • User login and logout events do not work for newly installed agents.



  • New-LiquitZone and Get-LiquitZone can fail with a 'Value is not of an enumerable type' message.
  • Edit text/ini triggers a JavaScript error when no file is specified.
  • Failed field validation on another dialog tab would show an error instead of receiving the focus.



  • Package action 'INI edit' doesn't recognize keys that have whitespace around them.
  • Package action 'INI edit' can leave duplicated data at the end of the file.
  • 'Install Windows App' is wrongly translated in Dutch as 'Uninstall Windows App'.
  • Unable to edit Identity sources with Token Exchange enabled though PowerShell.
  • Unable to change zone certificate if the current certificate is not from the same zone.



  • A connector running on a satellite server can give access denied messages.
  • Unable to save changes to LDAP authentication methods when using an empty secret for federation.
  • Unable to search for a number within the workspace.
  • Sometimes after approving a requested catalog item, a user still needs to press the 'Get' button.



  • PowerShell Cmdlet Get-LiquitZone can fail when no ACME contacts are set.



  • PowerShell cmdlets don't set return value to null when an exception occurs.



  • Automatic certificate renewal (ACME) could fail to renew certificate in time.



  • Support for ID Token with OAuth federation for identity sources.



  • Unable to save context filters when 'HTTP Header Value' filter is used.
  • Cannot insert an Azure Blob Storage SAS query within the launcher under Storage Settings.



  • Implement HTTP cache control for the REST API.
  • Added a configuration option to switch user autolaunchable between User Login and Liquit Login events.


  • Detach Virtual Disk action doesn't always work when using wildcard in the mount point field.
  • Export a grid as Excel doesn't work in some cases.
  • Export button doesn't work for identity provider and certificate grids.
  • When adding a new package entitlement to a user it will not always be shown in the grid until a manual refresh.
  • A script error can occur when opening the report dashboard within the Liquit Launcher.
  • Context filter can fail when using a single quote in an input field.
  • WMI query and WMI query count filters are not functioning correctly.



  • Support for automatically closing the Liquit Browser after a specified time.
  • Support for pages that have CORS restrictions on hidden Open URL actions with the agent.


  • When user enables auto launch on a package that is also configured with an Liquit Login event will trigger the package twice.
  • Deleting an action within a package the confirmation dialog doesn't close after clicking "Confirm".
  • Saving the overview page on a zone the form will not unlock for further modifications.



  • Improve Server performance when handling a large amount of concurrent HTTP requests.
  • Increase clean content task interval to every 60 minutes on Satellite Server instead of per minute.
  • Updated connector name from Microsoft WVD to Microsoft Azure Virtual Desktop.
  • Updated EULA to July 2021 version.


  • Cancel button within user portal triggers confirmation dialog.
  • Pairing a new zone on a Satellite Server ignores initial "connector" and "content" settings.



  • Shortcuts could use a white icon on the Desktop/Taskbar/Start Menu.
  • Desktop/Taskbar/Start Menu icons are not updated when icon is updated within packages.
  • Possible to click twice on a delete action while delete operation is still in progress in the background.
  • Extra white space between some checkboxes within Setup Store wizards.
  • Unable to add/update personal package if a non-image file is selected as icon.
  • Latest iPadOS is not detected as iOS.
  • Missing delete/download option for uploaded icons.
  • Unable to see full name of entities with long names in the results of a quick search.
  • Liquit PowerShell cmdlets will not be able to retrieve more than 2000 objects from a server running 3.8.


This update is only available within the Liquit Setup Store to fix an issue when creating/updating the Liquit Workspace Agent (using 3.8.2471).


  • Incorrect handling of the default launcher setting could cause the Liquit Launcher to be disabled after installing/updating Liquit Workspace Agent 3.8.2471 through the Setup Store connector.



  • ACME client might fail requesting new certificates.



  • New-PackageSnapshot PowerShell cmdlet fails to create a snapshot.
  • Default tab setting always reverts to "Filters" even when something else is configured.
  • Agent refresh could fail if a package dependency no longer exists.



We have improved the overall performance of Liquit Workspace. Larger environments (10.000 user/devices and over) will especially notice and benefit from this. Searching, sorting and filtering in the management interface are made faster. The performance enhancements will also affect the following:

  • Reduced load on the SQL servers (CPU / disk / network)
  • Time needed to refresh the agent is reduced
  • CPU load on the Liquit Workspace Servers is reduced

New Filter Options

Support for Deployments

We have added the possibility to use filters on deployments, this allows you to use an even more extensive set of filters to manage your deployments aside from contexts. For an extensive list of all filters which have been made available for deployments, see Filters.

The big benefit of this new feature is that it allows for deployments to become available based on file or registry information on the local device.

WMI Query on Filters

Administrators can create conditions that are stored within WMI. We have now made it possible to add filters to packages and deployments that allow you to define WMI queries and filter on its results.

WMI queries offer additional values you will be able to filter on, these include but are not limited to:

  • CPU load
  • Filter on hardware drivers
  • Memory capacity
  • Battery status
  • CPU info
  • OS information

Access & Security

Radius OTP

RADIUS is used in a wide range of authentication scenarios, to ensure multi-factor authentication in Liquit Workspace, we now support all RADIUS authentications flows.

In addition to the challenge response method, we have added the One Time Password method to this release. The OTP method will directly use the username and token code and for authentication.

ACME client

The Automated Certificate Management Environment (ACME) client is a brand-new addition to Liquit Workspace. ACME allows for certificates to be automatically renewed. This ensures that certificates will not expire by either forgetting to renew or replace certificate(s) manually within the Liquit platform.

We support “Let’s Encrypt” whose certificates are valid for 90 days and are free of charge. After 60 days, a new certificate will be requested automatically. When the certificate renewal does not complete successfully for any reason, IT will be automatically notified by email.

This new feature is extremely relevant for organizations that manage many zones in Liquit.


  • Reduced end-user disruption because of expired certificates
  • Less administrative work for IT

License Management

License key in license management

We have added an extra field where you can enter the license key that is associated with a particular license. You can use these license keys in a dynamic variable that uses the license object's license key field as a value. This can be useful to use a license key that has been defined on a license and use the key within actions of a package, for example to either install or register the license key with the software using (dynamic) variables.

Setup Store Enhancements

CVE information

CVE, short for Common Vulnerabilities and Exposures are publicly disclosed security flaws. The new release now features an overview of all CVE numbers that have been assigned to a setup or update in the Setup Store connector. This list is displayed when you create or update a package via the Setup Store connector.

Enhance Packages for Setup Store Connector

It is often valuable to have more information added to your packages. We now offer enrichment of packages that have been created with the Setup Store Connector. The following fields are automatically provisioned for your managed package: Excerpt, Description and Website.

The Setup Store connector now provisions the excerpt, description, and website fields for managed packages.

Satellite Server

Content support for the Satellite Server

Content replication has been added for the Satellite Servers, allowing you to install satellite servers on branch locations and enable the content replication feature. Agents download content from the Satellite Server instead of the Primary Servers. This ensures that content is only downloaded once for a Satellite server within a single branch instead of all devices downloading content from the Primary Servers over the internet.

Custom content sources for agents

Define content sources to use for agents instead of downloading content from the Primary Servers. Agents can now download content from Satellite servers or network shares instead. Content sources can be configured globally within a zone or can be overridden within contexts to allow serving content closer to the agents.

All Other Features

Custom program start-up parameters for personal packages

End-users can add personal (local) applications, files, or website to their Workspace. For power users we now offer the option to define program parameters on the advanced tab of a personal package. This feature has been created to allow for additional user defined startup parameters for an application.

Package Snapshots

Do you want to know who changed and/or published a package to a certain stage? Liquit Workspace 3.8 shows the person that has modified the snapshot of a package.

Visual indication when a manual refresh is triggered in the Liquit Launcher

Refresh actions in progress will now be indicated with a spinner visual in the Liquit Launcher. It will show when using the F5 function or triggering Refresh from the Tray Icon.

Azure AD non-security groups

Liquit Workspace is now able to use non-security groups provided in the Azure Active Directory. This allows Microsoft 365 groups or distribution lists to be used for publishing applications or defining contexts.

This feature is available with the Liquit Access Manager license.

Direct Access for Azure Blob Storage without an agent

Azure Blob Storage can now be configured with the Direct Access feature enabled for web clients that do not have a supported agent installed. Direct Access feature redirects clients to obtain media/content/files from the Azure Blob Storage directly. Instead of using Primary Servers to serve the content.

Was this article helpful?

What's Next