Weekly highlight: General availability of VMware Workspace ONE UEM Cloud 2206 - VMware Workspace ONE UEM Cloud 2206 is available to Shared SaaS customers as of July 26, 2022! Rollouts to Shared SaaS environments will begin next week.
- What's New?
- We have made enhancements to Device wipe! Earlier, certain BitLocker profile settings, such as "Force Encryption," could interfere with reliable device wipes. With the improvements, Enterprise Wipe and Enterprise Reset will now ensure that device wipes occur as expected.
- Get unmanaged app samples with no user session.Devices that run without a user logged in will now return app samples to properly reflect all the software installed on a PC. Previously, app samples were only sent when a user was logged in, so changes to app inventory might not be accurate.
Android - Want a simpler way to manage zero-touch Android devices? We have a solution for you!You can now navigate to a separate Google portal for managing zero-touch devices. In the Google portal, users create and edit EMM configurations, browse devices, and manage portal access. The Android EMM Registration page has a zero-touch configuration page that lets you to link and manage zero-touch settings. For more information see, Android EMM Registration
macOS - Restore a macOS 12 device with ease.You can now use a simple workflow to make a used Mac ready for another user without having to erase the entire drive and OS. Users can perform the Erase All Contents and Settings (EACS) action, just like on iOS, to erase all user data and user-installed apps from the device without having to reinstall the operating system, and easily restore a device with macOS Monterey. For more information, see Erase All Content and Settings (EACS).
- Removing an app’s System Extension profile just got easier!You can now remove an app's system extension without requiring local administrator authentication. With macOS 12, a new key feature called RemovableSystemExtension is introduced, which allows the MDM administrator to remove an app's system extensions.
Freestyle - We have improved the Workflow step messages.For troubleshooting purposes, we have enhanced the workflow details page and the workflow messages presented per step on the device details. The error messages offer information regarding the cause and components of the error. Click the hyperlink to see a detailed message model for error messages that exceed the word limit.
Using Android Delegated Scope Management through Custom Settings (89115) - With Intelligent Hub 22.07, you can now push a Custom Settings profile to delegate certain administrative permissions to other applications on Android devices. Workspace ONE UEM grants other applications access to a subset of the Android DevicePolicyManager API by delegating one or more management scopes. This capability is supported in all Android Management Modes - Work Profile, Work Managed, and Corporate Owned Personally Enabled (COPE).
- See KB for current management scopes and custom payload examples.
- KB-Reference: https://kb.vmware.com/s/article/89115?lang=en_US&source=email
Week 30 Software Releases System | Component | Release | Announcement | Release Date | Backend | Console SAAS | 22.06 | https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2206/rn/vmware-workspace-one-uem-powered-by-airwatch-2206-release-notes/index.html | 26.07.22 | iOS | Boxer | 22.07 | - KVP for Resource URL during authentication
- AccountOauthResourceURL is a new, account-based KVP, of type string.
- During end-user authentication, this KVP overrides the value of the Resource URL.
- AccountOauthResourceURL can be used with Hybrid Modern Authentication when a specific Resource URL is required.
- Workspace ONE SDK is updated to version 22.6
- Workspace ONE Boxer 22.07 uses an updated Workspace ONE SDK version.
- Accessibility and UI Improvements
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-iOS.html | 25.07.22 | macOS | Mac OS Tunnel (standalone) | 22.06 | - Resolved Limitation: Delete device command issued from the UEM console now removes the Tunnel configuration on the device.
- Requires Workspace ONE UEM Console 2204.0.6 and UAG 2207.
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Tunnel-for-macOS.html | 25.07.22 | Windows | Tunnel Win10 (standalone) | 3.1 | - Resolved Limitation: Added support for client initiated unenrollment workflow.
- Resolved Limitation: Delete device command issued from the UEM console now removes the Tunnel configuration on the device.
- Requires Workspace ONE UEM Console 2204.0.6 and UAG 2207.
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Tunnel-for-Windows.html | 25.07.22 | Android | Launcher | 22.07 | - ALAU-171976: Enhance Launcher Application Icon
As part of our continued efforts to enhance Launcher User Interface, we have enhanced how applications icons are displayed within Launcher. With this release, the white circular border around the application icon is removed; this should help the icons look more polished and easier to see. - ALAU-171986: Hiding ‘Settings’ in Single App mode via Custom XML has no effect
- ALAU-171675: Usage Access permission was incorrectly blocked in skip-COSU mode
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Introducing-VMware-Workspace-ONE-Launcher-for-Android.html | 26.07.22 | Android | Boxer | 22.07 | CBA (Certificate-Based Authentication) with Modern Authentication from Workspace ONE Boxer to Microsoft Teams and Zoom Meetings - OnlineMeetingsCBAEnabled is a new, account-based KVP, of type bool.
- If the KVP is activated, CBA is used for end-user authentication instead of username and password when the end user is redirected to Microsoft Teams and Zoom Meetings.
Workspace ONE SDK is updated to version 22.6 - Workspace ONE Boxer 22.07 uses the updated Workspace ONE SDK version.
Bug Fixes https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-Android.html | 26.07.22 | Windows | Workspace ONE Intelligent Hub for Windows 10 | 22.06 | SFD - Support of Nomad 1E for enhanced P2P functionality
- SFD Logging Improvements - Log collection restrictions that existed previously have been removed, the end users irrespective of an admin or not, can now collect the SFD logs locally from the Hub app.
Hub - App samples with no user session
- Allow User to uninstall apps via Hub catalog
Note: Requires Hub Services 22.07 release - Hub Web Links in Windows Hub
- Bitlocker - Force end user to enter the pin/password in the Hub prompt
- Hub logging improvements
Note: Log collection restrictions that were introduced in 22.03 release have been removed, the end users irrespective of an admin or not, can now collect the Hub logs locally from the Hub app.
This release also addresses several bugs identified in previous releases, as well as sets a foundation for upcoming features in subsequent releases. https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Workspace-ONE-Intelligent-Hub.html | 27.07.22 | Android | Hub | 22.07 | - Management of Android 13 is now supported
- Hub can now Delegate Management Scopes to other Apps
- Support for Google Conditional Access
- New Source of Authentication switching
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/Introducing-VMware-Workspace-ONE-Intelligent-Hub-for-Android.html | 29.07.22 |
Recommended practices when uploading large-size applications in Workspace ONE UEM Console (89076) - In adoption of modern management and software distribution, the team has noticed an increase of size for in-house application/software, new sets of challenges are presented when trying to upload large application files to Workspace ONE UEM Console.
This article will discuss the settings/configs for SaaS Workspace ONE UEM console. - As of Workspace ONE UEM 2204, Internal App File Upload is broken down into two parts:
Chunk Upload Phase: - During this phase, your browser will break the file into chunks (10MB each) and send a ChunkUpload request to UEM console per chunk.
- This is where you see the upload percentage bar moving.
Blob Upload Phase: - Once reaching 100%, there are some additional steps on the backend to complete the full upload
- UEM console will first combine the chunks and create a local cache on Console Server.
- UEM console will then copy the cache file to corresponding File Storage Server and Origin Server to storage and CDN usage.
- More information in KB https://kb.vmware.com/s/article/89076?lang=en_US&source=email
Horizon Instant Clones go into ERROR state after session logoff (89136) - The following is observed:
- Horizon 2111 is deployed
- NSX deployed
- When users logoff of Horizon Instant Clones desktop sessions the machines go into Maintenance Mode followed by ERROR state in the Horizon Console
- Once the desktop is in ERROR state, observing the virtual machine from the vCenter Console shows that the VM is powered off and the NSX network is disconnected from the network adapter
- This issue occurs because the Horizon clone is missing the property "opaqueNetworkType: nsx.LogicalSwitch".
- This issue is resolved in Horizon 2203 (8.5).
- Workaround in KB https://kb.vmware.com/s/article/89136?lang=en_US&source=email
Highlighting High Priority KBs - HW-156875 - Patch instructions to address CVE-2022-22972, CVE-2022-22973 in Workspace ONE Access Appliance (VMware Identity Manager) (88438)
CVE-2022-22972, CVE-2022-22973 have been determined to impact Workspace ONE Access (VMware Identity Manager). These vulnerabilities and their impact on VMware products are documented in the following VMware Security Advisory - VMSA-2022-0014 , please review this document before continuing - Announcing end of support for device administrator (Android Legacy) in Workspace ONE UEM (80971)
To align with Google’s strategy and ensure VMware’s investment in the right long-term solution for Android, as of March 31st, 2022, VMware will no longer support device administrator-based management on Android (referred to as Android (Legacy) in the Workspace ONE UEM console). - VMware Tunnel Proxy End of Support Life Announcement (87345)
VMware is announcing End of Support Life for the Tunnel Proxy component of the VMware Tunnel solution. This will be effective January 30, 2023. - VMware Workspace ONE UEM New Control Plane SaaS Deployment Schedule (86243)
Workspace ONE UEM has undergone a complete re-architecture to modernize the platform using microservices and containers to enable increased scalability and performance and increase the rate of innovation. Now after having conducted significant and careful testing, these architecture updates, including a new control plane, will be deployed to UEM SaaS environments over the next several weeks, with options available to on-premise customers after this roll-out (Later in 2022).
Recently updated and added KBs Digital Workspace Techzone, Blog and YouTube Updates 3rd Party Blogs and Industry Updates
July Software Releases Patch & Seed Script Updates Week30-2022 - OS Updates Seed Script
- Seed Script for latest Device Model Information
- Custom Script to Allow Android 12 enrollments into Workspace ONE UEM Console
|
Comments
Post a Comment