Weekly highlight:
General availability of VMware Workspace ONE UEM Console 2206
- VMware Workspace ONE UEM Console 2206 is available to Dedicated SaaS and on-premise customers as of August 15, 2022! Shared SaaS Rollouts are covered already.
- What's New?
- Console
- We have made enhancements to Device wipe! Earlier, certain BitLocker profile settings, such as "Force Encryption," could interfere with reliable device wipes. With the improvements, Enterprise Wipe and Enterprise Reset will now ensure that device wipes occur as expected.
- Get unmanaged app samples with no user session.Devices that run without a user logged in will now return app samples to properly reflect all the software installed on a PC. Previously, app samples were only sent when a user was logged in, so changes to app inventory might not be accurate.
Android
- Want a simpler way to manage zero-touch Android devices? We have a solution for you!You can now navigate to a separate Google portal for managing zero-touch devices. In the Google portal, users create and edit EMM configurations, browse devices, and manage portal access. The Android EMM Registration page has a zero-touch configuration page that lets you to link and manage zero-touch settings. For more information see, Android EMM Registration
macOS
- Restore a macOS 12 device with ease.You can now use a simple workflow to make a used Mac ready for another user without having to erase the entire drive and OS. Users can perform the Erase All Contents and Settings (EACS) action, just like on iOS, to erase all user data and user-installed apps from the device without having to reinstall the operating system, and easily restore a device with macOS Monterey. For more information, see Erase All Content and Settings (EACS).
- Removing an app’s System Extension profile just got easier!You can now remove an app's system extension without requiring local administrator authentication. With macOS 12, a new key feature called RemovableSystemExtension is introduced, which allows the MDM administrator to remove an app's system extensions.
Freestyle
- We have improved the Workflow step messages.For troubleshooting purposes, we have enhanced the workflow details page and the workflow messages presented per step on the device details. The error messages offer information regarding the cause and components of the error. Click the hyperlink to see a detailed message model for error messages that exceed the word limit.
- Release Notes: https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2206/rn/vmware-workspace-one-uem-powered-by-airwatch-2206-release-notes/index.html
- KB-Article: Introducing Workspace ONE UEM 2206 (89108)
Week 33 Software Releases
System | Component | Release | Announcement | Release Date |
Backend | Console OnPrem | 22.06 | Console
Android
macOS
Freestyle
| 16.08.22 |
iOS | Content | 22.08 | · Content MIME type · Additional header parameter for the documents for better security and filtering of documents by enterprise admins · Support for Long names · Updated the experience to show long names of files, repositories etc without needing user to do additional clicks | 17.08.22 |
Android | Web | 22.08 |
| 16.08.22 |
Gartner® Magic Quadrant for UEM Tools & Gartner® Critical Capabilities for UEM
- VMware named as a LEADER in 2022 Gartner® Magic Quadrant™ for UEM Tools and has received HIGHEST scores in 4 out of 4 Use Cases in 2022 Gartner® Critical Capabilities for UEM Tools.
- Download the reports to learn more: https://bit.ly/3JNzipG
- VMware Blog: VMware named a Leader in 2022 Gartner® Magic Quadrant™ for UEM Tools and received highest scores in 4 out of 4 Use Cases in 2022 Gartner® Critical Capabilities for UEM Tools
Android 13 is GA as of August 15th
- Android 13 is GA as of August 15th and now available for Google Pixel devices
- Getting Ready for Android 13 (88379) (88379)
- VMware Workspace ONE UEM is ready for Android 13
AAGNT-195041 - Certificates incorrectly installed for WPA2 Enterprise WiFi for Android 11+ (89264)
· When organizations push WiFi profiles that use certificates for authentication, Android 11+ devices may fail to connect to WiFi. Specifically, this can occur if the following criteria are met:
1. Organization uses Workspace ONE UEM Console 2109 or higher
2. In the WiFi payload:
a. Security Type is set to WPA/WPA2 Enterprise
b. An Identity Certificate is selected from a Credentials payload in this profile. In said Credentials payload, Credential Source is set to Defined Certificate Authority.
- More details in KB https://kb.vmware.com/s/article/89264?lang=en_US&source=email
AMST-35941 - Workspace ONE UEM - Unable to Click on Save after modifying an existing application assignment for Windows internal applications (88878)
- You may experience a problem with saving changes to existing assignments for Windows internal applications as the Save button may be unresponsive after you've modified the assignment.
- Workspace ONE UEM 2203
- Our Product team has been notified and is working to address this in a timely manner.
- Workaround: Edit the existing assignment for the application and toggle the "Override Reboot Handling" switch on and off again thus allowing the assignment to be saved.
- KB-Reference: https://kb.vmware.com/s/article/88878?lang=en_US&source=email
Microsoft Windows Defender falsely classifies Horizon Agent's glib.dll as Trojan Malware. (89162)
- This article describes the false-positive alert for Horizon Agent displayed by Microsoft Windows Defender version 1.371.1173.0.
- As part of the remdiation operation, Microsoft Windows Defender version 1.371.1173.0 deletes the Horizon Agent glib dll file (C:\Program Files\Common Files\VMware\Remote Experience\x64\glib-2.0.dll), breaking Horizon Agent feature functionality and displays the following error:
"VMwareViewClipboard.exe - System Error: The code execution cannot continue because glib-2.0.dll is missing. This issue may be resolved by reinstalling the application."
- Install the Microsoft Windows Defender update version 1.371.1261.0 or later as seen in "Security intelligence updates for Microsoft Defender Antivirus"
- KB-Reference: https://kb.vmware.com/s/article/89162?lang=en_US&source=email
ESC-32864 - Data Usage on Roaming in Android Profiles not working (89292)
· The Data Usage on Roaming setting in the Samsung KNOX Restriction payload of Android Profiles is not working. By default, this setting is enabled. When disabled, end users on Samsung Android devices can unexpectedly still use cellular data during roaming.
- We have determined that the Data Usage on Roaming setting, which is Samsung-specific, does not work on devices running Android 7.0 and higher. To prevent users from using cellular data during roaming, please follow the steps below. By doing so, this restriction will apply to all Android 7.0+ devices - not just Samsung.
1. Create a new Android Profile or edit existing Android Restrictions Profiles
2. Add the Custom Settings payload
3. In the Custom Settings field, insert this XML code
4. <characteristic uuid="c0710174-139b-4592-93cb-7f6c5e7d1440" type="com.airwatch.android.androidwork.restrictions" target="2">
5. <parm name="allowDataRoaming" value="False" />
</characteristic>· This settings will be added to the Android Restrictions payload in future releases of the Workspace ONE UEM Console.
· KB-Reference: https://kb.vmware.com/s/article/89292?lang=en_US&source=email
Highlighting High Priority KBs
- HW-156875 - Patch instructions to address CVE-2022-22972, CVE-2022-22973 in Workspace ONE Access Appliance (VMware Identity Manager) (88438)
CVE-2022-22972, CVE-2022-22973 have been determined to impact Workspace ONE Access (VMware Identity Manager). These vulnerabilities and their impact on VMware products are documented in the following VMware Security Advisory - VMSA-2022-0014 , please review this document before continuing
· Announcing end of support for device administrator (Android Legacy) in Workspace ONE UEM (80971)
To align with Google’s strategy and ensure VMware’s investment in the right long-term solution for Android, as of March 31st, 2022, VMware will no longer support device administrator-based management on Android (referred to as Android (Legacy) in the Workspace ONE UEM console).
- VMware Tunnel Proxy End of Support Life Announcement (87345)
VMware is announcing End of Support Life for the Tunnel Proxy component of the VMware Tunnel solution. This will be effective January 30, 2023. - VMware Workspace ONE UEM New Control Plane SaaS Deployment Schedule (86243)
Workspace ONE UEM has undergone a complete re-architecture to modernize the platform using microservices and containers to enable increased scalability and performance and increase the rate of innovation. Now after having conducted significant and careful testing, these architecture updates, including a new control plane, will be deployed to UEM SaaS environments over the next several weeks, with options available to on-premise customers after this roll-out (Later in 2022).
Recently updated and added KBs
- Getting Ready for Android 13 (88379) (88379)
- MS Teams Optimization Feature Compatibility Matrix for Horizon 7 and Horizon 8 Recent Releases. (86475)
- AAPP-14287 - 2022 APNs for Applications seed script inadvertently disables app notifications on some WS1 UEM versions (89254)
- Loading 3rd Party Mac plugins with RDP Virtual Channel Bridge (rdpvcbridge) (85188)
- Some file sharing options are unavailable for allowed Workspace ONE apps on iOS (85846)
- WS1 UEM Console Release and End of General Support Matrix (2960922)
- Set mail sync period to unlimited on Workspace ONE Boxer (50117876)
- Horizon Client Feature Matrix for Horizon 8 and Horizon Cloud on Azure (80386)
- Workspace ONE Sync Failing Consistently (50121232)
- Detect and Schedule OS Updates for iOS Devices (50122096)
- WS1 Boxer fails to sync mails after account password change (50117942)
- Login error "Exception from service operation: (System.DirectoryServices.Protocols.LdapException) The supplied credential is invalid." (50107365)
- AGGL-11183 - Android Chrome URL Allowlist and Blocklist are not enforced (89300)
- Getting unexpected error when tried to access configuration page of the vIDM on the port 8443 (89301)
Digital Workspace Techzone, Blog and YouTube Updates
- VMware named a Leader in 2022 Gartner® Magic Quadrant™ for UEM Tools and received highest scores in 4 out of 4 Use Cases in 2022 Gartner® Critical Capabilities for UEM Tools
- What Is Workspace ONE Intelligent Hub?
- Zero Trust Secure Access to Traditional Applications with VMware
- VMware Workspace ONE UEM is ready for Android 13
- Enabling Non-Technical Users to Send Hub Services Notifications
3rd Party Blogs and Industry Updates
- Hans Kraaijeveld: VMware Logon Monitor - What is it and why should you use it
Beta, Lab and Tech Preview Updates
- Workspace ONE Boxer 22.08 for Android
- KVP for Resource URL during authentication
Introduces a new account-level KVP - AccountOauthResourceURL (string). The KVP overrides the Resource URL during user authentication. Recommended to be used by customers with Hybrid Modern Authentication when they need a specific Resource URL. - Workspace ONE Boxer 22.08 for iOS
- Support of historical S/MIME certificates with DISA Purebred
- This feature provides support for storing more than one S/MIME certificate when using PIV-D and Purebred.
- Users would be able to access older emails that were encrypted with different certificates.
- The feature can be activated/deactivated by a feature toggle called "Historical S/MIME" in Advanced Settings > Enable features (it is activated by default)
- WS1 Intelligent Hub 22.08 for macOS
- Option to uninstall managed application from App Catalog (supported from UEM Console 21.11 and Hub Services 22.07)
- Drop support for macOS 10.14
- General enhancements
- Optimisation of App list sample
- HUB sensors error reporting improvements
- Upgrade Munki to 5.7.2, MSAL to 1.2.2 and Python to 3.10.6
- Improvements in product downloads from Relay Server
- UI improvements to Native App Catalog
August Software Releases
System | Component | Release | Announcement | Release Date |
Backend | Console OnPrem | 22.06 | 16.08.22 | |
iOS | Hub | 22.07 | 08.08.22 | |
iOS | Content | 22.08 | 17.08.22 | |
Android | Hub | 22.07 | 08.08.22 | |
Android | Web | 22.08 | 16.08.22 | |
Other | ITSM Connector for ServiceNow | 1.1 | 03.08.22 |
Patch & Seed Script Updates Week33-2022
- OS Updates Seed Script
- Most recent update: ... tvOS 15.6.0 (19M65),macOS Big Sur 11.6.8 (20G730),macOS Catalina 10.15.7 (19H2026)
- https://resources.workspaceone.com/view/rywydmj6ghb9nmch4ywq/en
- Last Update: CW30
- Seed Script for latest Device Model Information
- Seed Script for latest Device Model Information ... Apple MacBook Pro 13-Inch "M2" 8 CPU/10 GPU ... Model: A2338 ... Model ID: Mac14,7 ... Order: MNEH3LL/A ... Model: A2681
- https://resources.workspaceone.com/view/x8kn6bslt67vwvlgx4ld/en
- Last update: CW28
- Custom Script to Allow Android 12 enrollments into Workspace ONE UEM Console
- Agnostic script to update seed data to allow Android 12 enrollments into the Console.
- https://resources.workspaceone.com/view/rvfdv9s6mhsh4xgdxf7f/en
- Last Update: CW44
- Workspace ONE UEM 20.11
- Patch Level: 20.11.0.46
- CMCM-189755: Remove ContentLockerSDKLibraryKey system code and its overrides
- AMST-35843: Purge hardcoded keys from config files
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2011/rn/VMware-Workspace-ONE-UEM-Release-Notes-2011.html#20-11-0-42-patch-resolved-issues-resolved
- Last Update: CW24
- Workspace ONE UEM 21.02
- Patch Level: 21.2.0.40
- CRSVC-31188: Entitlement service migration tool fails to connect to database on DB credential change.
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2102/rn/Workspace-ONE-UEM-2102-Release-Notes.html#21-2-0-40-patch-resolved-issues-resolved
- Last Update: CW32
- Workspace ONE UEM 21.05
- Patch Level: 21.5.0.66
- RUGG-11244: Table cleanup to free up identity column.
- CRSVC-31187: Entitlement service migration tool fails to connect to database on DB credential change.
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2105/rn/Workspace-ONE-UEM-2105-Release-Notes.html#21-5-0-66-patch-resolved-issues-resolved
- Last Update: CW32
- Workspace ONE UEM 21.09
- Patch Level: 21.9.0.41
- MACOS-3268: Avoid sending the command to erase a macOS device to the user channel.
- INTEL-41602: ZDT DB upgrade failed while deleting SP and type.
- CRSVC-31186: Entitlement service migration tool fails to connect to database on DB credential change.
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2109/rn/Workspace-ONE-UEM-2109-Release-Note.html#21-9-0-41-patch-resolved-issues-resolved
- Last Update: CW32
- Workspace ONE UEM 21.11
- Patch Level: 21.11.0.44
- CRSVC-31408: DSM action cleanup stored procedure throws collation error when the server and database collation is different.
- MACOS-3280: Seed the Model information for new "M2" Mac models.
- Docs-Reference: https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2111/rn/vmware-workspace-one-uem-powered-by-airwatch-2111-release-notes/index.html#resolved-issues-2111043-patch-resolved-issues
- Last Update: CW33
- Workspace ONE UEM 22.03
- Patch Level 22.3.0.20
- CRSVC-31344: DSM action cleanup stored procedure throws collation error when the server and database collation is different.
- AMST-36624: Seed v2203.4 Hub to UEM Console.
- RUGG-11302: Product provisioning is not getting assigned post upgrade.
- AMST-36752: App deployment options not retained on Save & Publish.
- FCA-203721: Device export with xlsx format with wrong display model.
- ENRL-3520: Add Token Preview behind a Feature Flag.
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2203/rn/vmware-workspace-one-uem-powered-by-airwatch-2203-release-notes/index.html#resolved-issues-223020-patch-resolved-issues
- Last Update: CW33
- Workspace ONE UEM 22.06
- Patch Level 22.6.0.1
- Full Installer
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2206/rn/vmware-workspace-one-uem-powered-by-airwatch-2206-release-notes/index.html#resolved-issues-22601-patch-resolved-issues
- Last Update: CW33
Comments
Post a Comment