VMware Digital Workspace Newsletter - Week 24

Image
                    Week 24 -  2022             Weekly highlight:   [Resolved] AMST-34805: Workspace ONE UEM User-Context commands remain queued for certain re-enrolled Windows Devices (88723) There are two types of MDM enrollment for Windows devices: AAD enrolled (e.g. Windows OOBE) Non-AAD enrolled (regular MDM enrollment) For AAD Enrolled devices, during device check-in, the check-in request contains an unique token for the Device Services (DS) to identify the user identity. DS will only pass user-context commands to the device if current login user matches the associated AAD user record in UEM console. For Non-AAD Enrolled devices, check-in request will not include the aforementioned token and only indicate check-in context through an additional param: maintenance mode: check-in happens when there is an active enrolled user login. machine mode:  check-in happens in the System context and the system does not have access to the user's profile. In this scenario, UEM will hold off

Week 51 - VMware Digital Workspace Update

 






Weekly highlight: 

 

Log4j vulnerability updates CVE-2021-44228 – VMware Digital Workspace Products




Software Releases Week 51 - Release Notes


System

Component

Release

Announcement

Release Date

Android

WS1 Launcher Android 21.10

None

Jul 30, 2021

System

App Volumes 2.19

None

Dec 21, 2021

Backend

WS1 UEM Console 2109

None

Dec 22, 2021

Android

WS1 Intelligent Hub for Android 21.11

  • ROLLOUT HALTED

  • Prior Version is Installed: Direct end users to update the app when prompted. The application seamlessly updates over the existing application version without disrupting device enterprise functionality.

  • Prior Version is Not Installed: Direct end users to download it from the Google Play Store.

None

Jan 03, 2022

Updates to the recent Security breaches


ENRL-1714: New user is unable to enroll the device even when there is a registration record existing for the user and when same device is used for enrollment (87175)

  • Version- Workspace ONE UEM 2102 onwards
    Set the Device Enrollment Mode to ‘Registered Devices Only’ and register a device to end user, upon enrollment the registration record was getting updated with all the device identifiers due to this device re-enrollments was getting blocked when device is re-set as UDID gets changed.

  • This is caused because device identifiers were getting updated in device registration record when device was enrolled to User A and when User B was trying to re-enroll the same device enrollment was blocked as the device was registered to User A. 

  • Customer was not able to re-enroll the devices without deleting the old record or manually updating the device registration record. 

  • Resolution: Device registration record will not be updated with device Identifiers unless admin specifies it at the time of creating a registration record and same will be retained when user un-enrolls or deletes a device from console. 

  • Workaround: Delete the device registration record created for User A or modify the registration record created for User A and remove the device identifier from the registration record.

  • KB-Reference: https://kb.vmware.com/s/article/87175?lang=en_US


Native Check In Check Out may not display notification to create a device passcode (87203)

  • When checking out a device with Native Check In Check Out, the user may not receive a notification to create a passcode.

  • The notification to create a passcode will show up only after the Managed Google account is created, which may not happen automatically until the user first clicks the notification to create the Managed Google account.

  • https://kb.vmware.com/s/article/87203?lang=en_US


Workspace ONE Intelligence shows international i18n characters in report export (86395)

  • Workspace ONE Intelligence reports do not display non-English characters (e.g Chinese) properly in downloadable/CSV reports. Although, the same data is displayed correctly in Workspace ONE UEM report.

  • This is as designed. Please refer to the workaround to resolve this issue: https://kb.vmware.com/s/article/86395?lang=en_US


VMware Workspace ONE Digital Experience for macOS GA

  • We are very excited to bring our experience management offering to the macOS platform. Leveraging Workspace ONE beyond device management for hybrid desktop communities is a focus and priority for customers and the team behind this offering.

  • DEEM harvests telemetry from desktop devices and provides insights to take predictive actions. The Workspace ONE Intelligent Hub gets the data from devices and sends it to Workspace ONE Intelligence for display and interaction on the Devices and Apps dashboards. Listing of specific telemetry categories is provided in a data definition format here.

  • You can view and manipulate the data in modules. Focus your analysis to predict issues and to mitigate and fix problems. In the Desktop Device Dashboard module, find three tabs; Overview, Performance, and Errors. Additionally, customers can build custom dashboards, widgets, and reports to target specific scenarios or KPIs for their own environments.

  • More info: https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/vmware-workspace-one-digital-experience-for-macos-release-notes/index.html


Workspace ONE UEM Console : Licenses page scheduled for deprecation (81706)

  • Starting in Q1 2022, the Licenses page will be deprecated. The Licenses page can be viewed by navigating in the Workspace ONE UEM Console to All Settings > Admin > Licenses.  This is only visible to users with the role of AirWatch Admin and System Admin, limiting the deprecation to On-Premise and Dedicated SaaS customers (as no Shared SaaS customers are permitted to hold these roles). 

  • The Product Team is working towards developing an alternative space in the Workspace ONE UEM Console to display device counts for the future use of our customers.

  • KB-Reference: https://kb.vmware.com/s/article/81706?lang=en_US


AAGNT-193634: Android 11+ devices may not install certs used for WiFi authentication correctly (87128)

  • When installing certificates for Wi-Fi authentication, depending on the device manufacturer one of the required certificates may not install correctly in some situations.

  • All versions of Intelligent Hub on Android 11 and newer devices

  • The Workspace ONE Product Team is actively working with Google to identify and resolve this issue.

  • here is no known reliable workaround for this issue.

  • KB-Reference: https://kb.vmware.com/s/article/87128?lang=en_US


Change in the behavior of Tag API for Workspace ONE UEM (85567)

  • V1 Version:
    In the upcoming releases of Workspace ONE UEM, there will be a change in the behavior of Tag API “tags/{tagId}/devices?LastSeen={lastSeen}" to consider Device Last Seen instead of Tag Added Date.
    There won't be any changes to the API request or API response:

    • API response
      {
          "Device": [
              {
                  "DeviceId": 11,
                  "FriendlyName": "vm3 test device",
                  "DateTagged": "2021-07-27T11:28:42.930",
                  "DeviceUuid": "00000000-0000-0000-0000-000000000000"
              }
          ]
      }

  • V2 Version: The V2 version of the API is having pagination for “retrieve devices for a tag”.TagUUID is passed to API instead of TagID. The batch size of the API is 100.

    • API call : /api/mdm/tags/C2802BCE-74DB-4F5D-8394-71F3F96D853D/devices?page=1&pagesize=1
      api body : {
          "devices": [
              {
                  "device_id": 15593,
                  "friendly_name": "user1_4d13f94b-230d-4519-959a-7efbbdaf38e6  iOS 10.0.0 B62C\"John\" \"Doe\"10869212-d0cd-46bf-90e5-7a97eeef48412798712754978100.0.0.0",
                  "date_tagged": "2021-12-01T04:04:15.96",
                  "device_uuid": "7420b444-d316-419c-ad9f-291ac9988e01",
                  "device_last_seen": "0001-01-01T00:00:00"
              }
          ],
          "total": 1,
          "_links": {}
      }

  • The only change with this API is LastSeen parameter which was considering Device TAG date. It will be considering device last seen date with this change in future releases.


2022 VMware Workspace ONE UEM Maintenance (81448)

  • The table in the KB outlines the VMware Workspace ONE UEM® standard maintenance schedule for all SaaS environments in 2022.  All times are Eastern Standard. 

  • Please subscribe to regular updates and potential changes.

  • https://kb.vmware.com/s/article/81448?lang=en_US


VMware Techzone, YouTube and Blog Updates


Blog, 3rd Party and Partner Updates

Beta, Early Adopter and Lab Projects

  • Container-wide Tunnel for Android Enterprise Technical Preview

    • Introducing Container-wide Tunnel for Android Enterprise (Technical Preview)

      • Tunnel on Android now supports tunneling all device traffic within the AE container regardless of source application in both Work Managed and Work Profile modes.

      • This may be used by customers still transitioning to Zero Trust access architectures enabled with per-app tunneling.

      • Enabling container-wide tunneling on Android devices requires UEM console 2111+.

    • Running 12/17/2021 - 1/10/2022


December Software Releases

System

Component

Release

Announcement

Release Date

Backend

Console OnPrem

21.09

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2109/rn/Workspace-ONE-UEM-2109-Release-Note.html

23.12.21

Backend

Console SAAS

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2111/rn/vmware-workspace-one-uem-2111-release-notes/index.html

07.12.21

Backend

UAG

2111.1

https://docs.vmware.com/en/Unified-Access-Gateway/2111.1/rn/unified-access-gateway-21111-release-notes/index.html

16.12.21

Backend

WS1 Intelligence

21.12.07

https://kb.vmware.com/s/article/86321?lang=en_US

07.12.21

Backend

Assist

21.09

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Workspace-ONE-Assist.html

02.12.21

Backend

WS1 Access OnPrem

21.08.0.1

https://docs.vmware.com/en/VMware-Workspace-ONE-Access/21.08/rn/VMware-Workspace-ONE-Access-2108-Release-Notes-On-Premises.html

09.12.21

Backend

Hub Services SaaS

December 2021

https://docs.vmware.com/en/VMware-Workspace-ONE/services/rn/Workspace-ONE-Hub-Services-Cloud-2021-Release-Notes.html#about

09.12.21

iOS

Hub

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Workspace-ONE-Intelligent-Hub-for-iOS.html

14.12.21

iOS

Boxer

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-iOS.html

16.12.21

iOS

Web

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Web-for-iOS.html

15.12.21

iOS

Content

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Content-for-iOS.html

15.12.21

iOS

Workspace ONE SDK SWIFT

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-SDK-for-iOS--Swift-.html

03.12.21

iOS

Notebook

21.08.1

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Notebook-for-iOS.html

15.12.21

Android

Hub

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Introducing-VMware-Workspace-ONE-Intelligent-Hub-for-Android.html

14.12.21

Android

Boxer

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-Android.html

14.12.21

Android

Web

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Web-for-Android.html

10.12.21

Android

Content

21.12

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workpace-ONE-Content-for-Android.html

09.12.21

Android

Notebook

21.08.1

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Notebook-for-Android.html

14.12.21

Android

Launcher

21.10

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Introducing-VMware-Workspace-ONE-Launcher-for-Android.html

21.12.21

Android

SDK

21.11

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-SDK-for-Android.html

09.12.21

Windows

Tunnel Win10

2.1.5

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Tunnel-for-Windows.html

13.12.21

Windows

Drop Ship Provisioning bundle

2.0

https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/Provisioning_WorkspaceONE/GUID-9CE2ADE1-D73E-4693-812F-4281BEB0EC72.html

06.12.21


Patch & Seed Script Updates Week 51




  • Workspace ONE UEM 21.09

    • Patch Level: 21.9.0.15

    • AMST-34765: Dropship Provisioning Staging user creation, Revoke token and sync button fixes.

    • CMCM-189505: Uploading large PDF files will cause the Web Console to become inaccessible.

    • CRSVC-25524: Remove the usage of the encrypted URL query parameter.

    • CRSVC-25792: Time Window - Time Window is not correctly updated when the Locale of the Console Administrator is set to Non-US.

    • CRSVC-25839: New enrollments of Boxer fail to connect to on-premises Exchange through SEG after Workspace ONE UEM 2109 upgrade.

    • UM-7244: Patch fails due to existing back up tables- Rename the back up tables to be more unique.

    • Docs-Reference: https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2109/rn/Workspace-ONE-UEM-2109-Release-Note.html#21-9-0-13-patch-resolved-issues-resolved

    • Last Update: CW51



Comments

Popular posts from this blog

Workspace ONE | Use ADFS as an Identity Provider in Workspace ONE Access with JIT

Configure Shared iPad for Apple Business Manager in Workspace ONE

Simon's recommended VMworld 2021 sessions