Weekly highlight: With Workspace ONE Control Plane 2022.7.1.525, sensor Last Executed Date reflects timestamp for last sensor value change (89235) - The VMware team has identified that that with an update to Workspace ONE Control Plane (2022.7.1.525) the Last Executed Date for sensor samples will reflect only the timestamp for the latest change to the sensor value versus the last successful sample communication time. This change was intended to prevent duplicate samples from causing additional downstream impacts while not adding any additional insights to the displayed sensor value within the Workspace ONE UEM Console.
- The applicable use-cases of this feature are being reviewed and will be modified to account for additional scenarios in an upcoming version of Workspace ONE UEM. Please subscribe to this KB for updates as we progress on resolution of this KB.
- As an alternative to the sensors page, the troubleshooting page within the device details pane contains a filter that can be set to display a comprehensive set of sensor sample information which can be used to achieve similar use-cases around active communication and healthy device states.
- KB-Reference: https://kb.vmware.com/s/article/89235?lang=en_US&source=email
Week 32 Software Releases Windows 10 screen freeze when inactivity GPO is implemented on Horizon 7 agent machines (89256) - The following is observed:
- Horizon 7 is deployed
- GPO that locks the screen after inactivity has been applied to Horizon agent machines
- When the inactivity timeout is reached the screen freezes instead of displaying the lock screen
- The screen resets when the mouse is moved
- This is due to a partial reset of the screen when the GPO inactivity timeout is reached
- This is resolved in Horizon 8.
- As a workaround on Horizon 7, set the following registry keys:
HKLM\SOFTWARE\VMware, Inc.\VMware Blast\Config\PixelProviderGpuCompareCopy(REG_SSZ) = 0
HKLM\SOFTWARE\VMware, Inc.\VMware Blast\Config\PixelProviderGpuSingleBufferCapture (REG_SSZ) = 0 - KB-Reference: https://kb.vmware.com/s/article/89256?lang=en_US&source=email
UM-7538 Workspace ONE UEM Open Directory user attribute sync issue (89186) - For customers utilizing an Open LDAP configuration, such as Oracle Directory, without Auto-Merge enabled it is possible for user attributes to not be updated on sync and reflect correctly within the Workspace ONE UEM Console.
- The Workspace ONE team has identified has a product issue in the user attributes sync flow when UEM is integrated with an open Directory such as Oracle. This article is intended to share knowledge of this known issue along with the workaround available to mitigate the issue until a resolution is made available.
- ObjectIdentifiers are used to map external users into the Workspace ONE UEM system, this ObjectIdentifier was not associating correctly from the filter used to sync users from Open Directory when Auto Merge was disabled.
- This issue will be resolved in an upcoming version of Workspace ONE UEM. Please subscribe to this KB for updates as we progress on resolution of this KB.
- To resolve this issue enable Auto-Merge configuration under Groups & Settings > All Settings > Enterprise Integration > Directory Services > Users Tab > Advanced. User attributes are expected to be updated during the next Directory auto sync; alternatively, a manual sync can also be triggered.
- KB-Reference: https://kb.vmware.com/s/article/89186?lang=en_US&source=email
AAGNT-194623 - Work Managed enrollment fails if KNOX Container enabled (89008) - In Organization Groups where KNOX Container enrollment is enabled for Android devices, Work Managed & COPE mode enrollment fails for Android 11+ devices. Affected users see an error dialog from Hub stating:
"Because your device is running Android 10 (or a newer version), Android Enterprise is required for enrollment."
KNOX Container enrollment is managed via the Enable Container setting in the Workspace ONE UEM Console under Groups & Settings > All Settings > Devices & Users > Android > Intelligent Hub Settings. - VMware is tracking this issue using identifier AAGNT-194623 and is actively working to resolve this issue.
- Disable Groups & Settings > All Settings > Devices & Users > Android > Intelligent Hub Settings > Enable Container.
Warning: Disabling this setting may cause Android (Legacy) devices enrolled using KNOX Container mode to become unusable. - KB-Reference: https://kb.vmware.com/s/article/89008?lang=en_US&source=email
[Resolved] AGGL-12272 Delay in Products Delivery for devices using Firebase Cloud Messaging (FCM) (89187) - Products under Product Provisioning for Android devices using FCM are kept in a queued state unless the device is queried/synce
- Workspace ONE UEM 21.07 through WS1 UEM 22.03.17
- During a refactoring effort in Workspace ONE UEM 21.07, a bug was introduced that impeded the use of Firebase Cloud Messaging (FCM) as a way of communication with the device. (This is the default communication mechanism for Android devices.)
- The issue is already resolved in Workspace ONE UEM 22.03.18 and above.
- For Workspace ONE UEM version between 21.07 and 22.03.17, you could use AWCM Instead of FCM as the Push Notification Service.
Please follow the steps below :
1) Make sure devices network is allowed to communicate with AWCM endpoint. (For more detail, please refer to VMware Ports and Protocols )
2) Validate AWCM settings under Setting > System > Advanced > API > Site URLs
3) Enable "Use AWCM Instead Of FCM As Push Notification Service" under Settings > Devices &Users > Android > Intelligent Hub Settings
Note: Devices will still need to check in one time to pick up the new Notification Service change. The time taken varies based on the Heartbeat interval settings. - KB-Reference: https://kb.vmware.com/s/article/89187?lang=en_US&source=email
Horizon Client prompts for password even with Log in As Current User enabled (89209) - Log in as current user (LACU) can be set on Horizon Client for Windows in multiple locations:
In the UI under Options -> Log in as current user
From the Command Prompt with the ‘logInAsCurrentUser’ option
With the GPO, “Default value of the 'Log in as current user' checkbox”
The corresponding setting must be enabled in Horizon Console with the “Accept logon as current user” setting which is set on each Connection Server.
Continue reading in the KB for remediation steps when LACU is not working properly. - KB-Reference: https://kb.vmware.com/s/article/89209?lang=en_US&source=email
Highlighting High Priority KBs - HW-156875 - Patch instructions to address CVE-2022-22972, CVE-2022-22973 in Workspace ONE Access Appliance (VMware Identity Manager) (88438)
CVE-2022-22972, CVE-2022-22973 have been determined to impact Workspace ONE Access (VMware Identity Manager). These vulnerabilities and their impact on VMware products are documented in the following VMware Security Advisory - VMSA-2022-0014 , please review this document before continuing - Announcing end of support for device administrator (Android Legacy) in Workspace ONE UEM (80971)
To align with Google’s strategy and ensure VMware’s investment in the right long-term solution for Android, as of March 31st, 2022, VMware will no longer support device administrator-based management on Android (referred to as Android (Legacy) in the Workspace ONE UEM console). - VMware Tunnel Proxy End of Support Life Announcement (87345)
VMware is announcing End of Support Life for the Tunnel Proxy component of the VMware Tunnel solution. This will be effective January 30, 2023. - VMware Workspace ONE UEM New Control Plane SaaS Deployment Schedule (86243)
Workspace ONE UEM has undergone a complete re-architecture to modernize the platform using microservices and containers to enable increased scalability and performance and increase the rate of innovation. Now after having conducted significant and careful testing, these architecture updates, including a new control plane, will be deployed to UEM SaaS environments over the next several weeks, with options available to on-premise customers after this roll-out (Later in 2022).
Recently updated and added KBs Digital Workspace Techzone, Blog and YouTube Updates 3rd Party Blogs and Industry Updates August Software Releases Patch & Seed Script Updates Week32-2022 - OS Updates Seed Script
- Seed Script for latest Device Model Information
- Custom Script to Allow Android 12 enrollments into Workspace ONE UEM Console
|
Comments
Post a Comment