Weekly highlight: VMware Explore - Enduser Computing Announcments Overview - Autonomous workspaces
"proactive, data-driven automations that are self-driven by the digital workspace platform, better ensuring your organization’s desired state across management, security, and end-user experiences. Requiring limited to no manual interaction, autonomous workspaces will deliver self-configuring, self-healing, and self-securing outcomes for your workspace." - Freestyle Orchestrator will be expanding to include support for mobile devices.
- Windows multi-user support is currently in Tech Preview of Azure AD-based deployments, and will be extended to Active Directory-based deployments.
- Updates for Workspace ONE XR Hub
- Updates for thr integration between Intel vPro and Workspace ONE
- Updates for desired state management for mobile
- Updates for data-driven user interfaces in the UEM console
- Updates for ChromeOS.
- Announcing the Workspace ONE Cloud Marketplace, which will feature dashboards, widgets, reports, Freestyle Orchestrator workflows, and other resources that can be imported to help customers adopt additional solutions.
- now include VMware Horizon, third-party managed and unmanaged devices
- employee experience scores for Horizon, available soon
- delivering, measuring, analyzing, and remediating employee experiences
- announced employee experience scoring capabilities for Horizon
- frontline solution packs for Workspace ONE Intelligence
- Intelligence Guided Root Cause Analysis is now available.
- VMware Next-Gen Horizon Cloud was announced at VMworld 2021, went into Limited Availability in spring of 2022, and is now Generally Available for Horizon Cloud environments on Microsoft Azure.
- unique “thin-edge” architecture that drastically reduces the amount of infrastructure deployed in your environment
- advanced automation via published APIs
- will provide a managed service offering that takes care of lifecycle services, support, and more, on top of customer-provided infrastructure.
- help customers that don’t have in-house experts get to value with VDI faster.
- Ongoing lifecycle & cost management
- combine App Volumes Apps On Demand with Horizon app publishing capabilities to simplify app publishing and save on resources.
- VMware and Google worked together to validate ChromeOS devices and specialized peripherals for key healthcare use cases.
- became available earlier this summer
- enables several unique management capabilities, including out-of-band management for devices that are powered off or have operating systems that are not functioning
announcing a partner program to help customers take advantage of this integration.
Week 35 Software Releases System | Component | Release | Announcement | Release Date | iOS | Content | 22.08.1 | - ISCL-181881 - Files are missing after adding a file update with name change
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Content-for-iOS.html | 29.08.22 | Android | Notebook | 22.08 | - Android 13 Release Readiness
- Bug fixes and quality improvements
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Notebook-for-Android.html | 30.08.22 | Android | Boxer | 22.08 | KVP for Resource URL during authentication - AccountOauthResourceURL is a new, account-based KVP, of type string.
- During end-user authentication, this KVP overrides the value of the Resource URL.
- AccountOauthResourceURL can be used with Hybrid Modern Authentication when a specific Resource URL is required.
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-Android.html | 01.09.22 | iOS | Boxer | 22.08 | Support for historical S/MIME certificates with DISA Purebred - This feature provides support for storing more than one S/MIME certificate when using PIV-D and Purebred.
- End users can access older emails that were encrypted with different certificates.
- To activate or deactivate the support for historical S/MIME certificates with DISA Purebred, use the Historical S/MIMEtoggle button in Settings > Advanced > Enable features. By default, this feature is activated.
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/VMware-Workspace-ONE-Boxer-for-iOS.html | 01.09.22 | Linux | Intelligent Hub | 22.06 | Web Enrollment: Users can now walk through a web-based wizard to streamline the WS1 Intelligent Hub download and enrollment process. This wizard also supports integrated authentication, so WS1 Access, SAML, or any other integrated modern auth can be used to enroll a user’s Linux device in WS1 UEM. · Application Sampling: The application tab in the Device Details view now reports on desktop applications that are installed on enrolled linux based endpoints, including the version information. · Disk Encryption Detection: Workspace ONE now identifies whether or not full disk encryption (using LUKS) is enabled on an enrolled Linux device. · Additional Sensor Triggers: In addition to triggering sensor retrieval during device check-ins, IT admins now have the option of triggering a sensor based on login, logout, startup or network changes on enrolled linux devices. · Automated Hub Upgrades: IT Admins now have the option of enabling Hub upgrades to occur automatically when new versions are released. · Remove Additional Dependencies on Puppet: Puppet open source is now only required for processing custom configuration profiles; not Wi-Fi or Credentials payloads as was the case previously. | 01.09.22 |
General Availability of VMware Workspace ONE Intelligent Hub for Linux 22.06 The Workspace ONE Intelligent Hub 22.06 release adds some great new features and capabilities. Workspace ONE UEM v2206 running in a Shared Saas environment
A Dedicated Saas environment running v2206 of WS1 UEM that is enabled with the new Control Plane
Please note: Workspace ONE UEM for Linux is not currently available for on-premise installations - How to Download Workspace ONE Intelligent Hub 22.06 for Linux
· Prior Version is Installed: The application seamlessly updates over the existing application version without disrupting device enterprise functionality. Manually install the new version on the enrolled device. · Prior Version is Not Installed: Direct end users to enroll via web enrollment where the Intelligent Hub can be automatically downloaded. Additionally the appropriate installer can be downloaded directly. More information and the instructions are available here. MACOS-3266 - Workspace One UEM - WIFI profile with multiple credential payloads fails to install on macOS devices ( Error: 107 Invalid profile) (89423) - WIFI profiles for IOS MAC devices that are configured with more than one credential payload may fail to install on devices.
From the troubleshooting tab (device view -> more -> troubleshooting) for an affected device in the UEM Console the 'install failed' notification should show an error similar to: - Additionally in the device hub logs for the profile install event you may see the same error:
2022-30-08 16:47:05+0530 Error 20991 mdmclient: [com.apple.ManagedClient:MDMDaemon] [ERROR] [ErrorChain.0] (InstallProfile) [ConfigProfilePluginDomain:-107] Invalid profile: the PayloadUUID “86d0e0e6-ee0a-4881-b728-c6b08800a5a2” is used more than once in the profile.> - Version Identified: Workspace ONE UEM 22.06
- This issue is resolved in version 22.06.02 (Existing profiles will need to be manually addressed - see workaround section below).
On-Premise customers can download the latest patch in the resources portal here .
SaaS customers can request for their environment to be patched. - Workaround in KB https://kb.vmware.com/s/article/89423?lang=en_US&source=email
CMEM-186691: PowerShell email management integration may not work with Workspace ONE UEM 2206 (89373) - With Workspace ONE UEM console 2206, PowerShell email Integration (MEM) may not function as intended. PowerShell Test Connection may not work.
The following error can be observed in the UEM console log: EXCEPTION *** AirWatch.AirWatchException: User credential of the remote PowerShell server contains the special characters. At AirWatch - Workspace ONE UEM 2206
- Newly enrolled devices may not be allowed to access email automatically through MEM PowerShell commands
- The email configuration will be removed for any unenrolled device, but a block command will not be sent.
- ‘Sync Mailboxes’ and ‘Run Compliance’ actions will not work.
- Devices with existing access to their mailbox will continue to work.
- Our product team has been engaged and is actively working to resolve the issue. Please follow this KB for updates.
- Administrators can initialize a manual PowerShell session and manage user or device access as desired.
Please refer to this page for more information. - KB-Reference: https://kb.vmware.com/s/article/89373?lang=en_US&source=email
Provisioning of full clone encrypted VM's fails on vSAN with default policies (89371) - When provisioning encrypted full clones through View on vSAN you see the following error message in vCenter:
"“Changing or applying VM Storage Policies with Data Service capabilities during clone operations is disallowed. VM Storage Policies with Data Service capabilities can be assigned to the provisioned VM after the clone operation has been completed and before the VM has been powered on" - The reason for the error is due to the policies that View creates on vSAN environments. These policies by default do not take encryption into account and do not create with an encryption policy
- When using encrypted full clones please enable encryption on the following storage policy created by View for vSAN environments:
FULL_CLONE_DISK_FLOATING_uuid-value-goes-here Example: FULL_CLONE_DISK_FLOATING_d960c469-594e-4e82-a345-8bebc0eea226 This will allow for the VM to get the correct encryption key that was assigned to the template when creating the full clone. Highlighting High Priority KBs - HW-156875 - Patch instructions to address CVE-2022-22972, CVE-2022-22973 in Workspace ONE Access Appliance (VMware Identity Manager) (88438)
CVE-2022-22972, CVE-2022-22973 have been determined to impact Workspace ONE Access (VMware Identity Manager). These vulnerabilities and their impact on VMware products are documented in the following VMware Security Advisory - VMSA-2022-0014 , please review this document before continuing - Announcing end of support for device administrator (Android Legacy) in Workspace ONE UEM (80971)
To align with Google’s strategy and ensure VMware’s investment in the right long-term solution for Android, as of March 31st, 2022, VMware will no longer support device administrator-based management on Android (referred to as Android (Legacy) in the Workspace ONE UEM console). - VMware Tunnel Proxy End of Support Life Announcement (87345)
VMware is announcing End of Support Life for the Tunnel Proxy component of the VMware Tunnel solution. This will be effective January 30, 2023. - VMware Workspace ONE UEM New Control Plane SaaS Deployment Schedule (86243)
Workspace ONE UEM has undergone a complete re-architecture to modernize the platform using microservices and containers to enable increased scalability and performance and increase the rate of innovation. Now after having conducted significant and careful testing, these architecture updates, including a new control plane, will be deployed to UEM SaaS environments over the next several weeks, with options available to on-premise customers after this roll-out (Later in 2022).
Recently updated or added KBs Digital Workspace Techzone, Blog and YouTube Updates 3rd Blog Updates & Industry News Beta, Lab and Tech Preview Updates - Workspace ONE Content 22.09 for iOS
- Updated experience for logging into user repositories and admin repositories with Authentication challenge.
- Workspace ONE Content 22.09 for Android
- Improvements in the experience for Archive formats like zip and 7zip
- Updated the default PDF viewer with more advanced experience and capabilities.
- Support for Content MIME types to enabled advance security in the enterprises.
- Support for Recording audio with option to record in background, pause, resume and save.
- Print Document – This features allows users to print the document right from the Content app to the installed printer on the device.
- Folder favourite option – This feature gives users ability to mark folders as favourites, so that they can easily find the marked folders.
- Ability to sort the searched results
- Updated experience to view Long file names in the app.
- Auth dialog: option to inherit credentials used in previous login while logging-in the repository.
August Software Releases Patch & Seed Script Updates Week35-2022 - OS Updates Seed Script
- Seed Script for latest Device Model Information
- Custom Script to Allow Android 12 enrollments into Workspace ONE UEM Console
|
Comments
Post a Comment