VMware Digital Workspace Newsletter - Week 38



Week 38 -  2022




Weekly highlight:



Workspace ONE Access Services updates

  • Directory Sync Frequency Updates
    The interval between synchronization times has been made more flexible and will let administrators to choose between setting hourly synchronizations or synchronizations every 2, 6, or 12 hours. Administrators can also choose to set their sync frequency to be less often with daily or weekly intervals.
  • Shift-based conditional access policies in Workspace ONE Access to support Shift-based Access to Workspace ONE Digital Workspace
    Shift-based access control with Workspace ONE enables your company to deliver a digital workspace that is shift aware. Shift-based access control restricts the use of different product apps and features when a worker is not clocked-in for their shift.
    In the Workspace ONE Access console, you can configure Shift-based Auth as an authorization method to manage when workers can launch specific Workspace ONE Access federated applications based on whether the worker is on-shift or off-shift. The authorization is applied after workers are authenticated with a first factor authentication method based on your access policy rules.
  • UEM Token Device Enrollment Authentication Method
    The UEM Token authentication method allows customers to seamlessly change the source of authentication from Workspace ONE UEM to Workspace ONE Access for device enrollment of the Workspace ONE Intelligent Hub for iOS and Android. Devices that are on registered mode and Android devices, which do not have a Workspace ONE UEM certificate at time of enrollment, can be identified and authenticate with Workspace ONE Access. This feature addresses the previous problem of duplicate authentication and provides the most seamless transition for Workspace ONE UEM customers to Workspace ONE Access yet and does not impact existing enrolled devices.
  • Time-based One-Time Password (TOTP) Authentication Now Available in Workspace ONE Intelligent Hub iOS and Android
    Workspace ONE Intelligent Hub for iOS and Android brings support for adding and generating Time-based One-time Passwords or TOTP.
    End users with a QR code or the secret key for an account can register that secret key with Workspace ONE Intelligent Hub to allow for the generation of Time-Based One-Time Passwords. This does not require an internet connection.
    End users can find this functionality in the app’s Account screen under “Two Factor Authentication” by tapping on the icon at the top of the app in any of the screens, if users have Hub Services, and in the main screen if in UEM-only mode. This functionality is not supported for multi-staging users where the device is passed around for multiple users because of TOTP’s fundamental security feature of access to the device.
  • Bypass multipleauthn SAML attribute claims in WS-Fed active flows
    The multipleauthn SAML attribute will no longer be passed in active federation flows.
  • For more information, refer to this Release Notes


Workspace ONE Hub Services updates  

  • View End-user Notification Engagement Analytics in Workspace ONE Intelligence
    Admins can view notification engagement analytics of their end-users' interactions of Intelligent Hub notifications in Workspace ONE Intelligence. This includes notification metrics like viewed, opened, dismissed, and actioned on. To enable this ability, authorize the Hub Services connector in Intelligence. You can then build dashboards to visualize the notification engagement analytics. You can also navigate to this website to leverage predefined notification analytics dashboard templates.
    Note: We currently collect notification analytics from Hub Web portal, Windows Hub, and macOS Hub.
  • Send Intelligent Hub Notifications from Workspace ONE Intelligence Automation Workflows
    Hub notification action is now available as an action when configuring automation workflows in Workspace ONE Intelligence. Leverage the Hub Services notification action to target and send Hub notifications to devices about apps, devices, remediation resources, updates, and more. The Hub notification will appear in the For You tab in Intelligent Hub.
  • Simplified Notification API in Beta
    We’re introducing a simplified Notification API that external systems can leverage to send Intelligent Hub notifications to users and devices. The new Notification API reduces integration steps by allowing external systems to send a notification by providing a well-known identifier – either a userGroup name or a SmartGroup name/id. If interested in testing this API, please reach out to your VMware contact to connect with the product team.
  • For more information, refer to this Release Notes






macOS Intelligent Hub 22.08.1

Resolved Issues

URL Content Redirection does not work for Third Party Application on macOS 13 Beta. (89470)

  • The input URL within Third Party Application can’t be redirected from Mac client to agent side on macOS 13 beta.

[Reproduction Steps]

1. Launch Mac Client on macOS 13.0 Beta

2. Login to Horizon Server

3. Click using the URL Filter Application as the Third Party Application

4. Open the configured URL in the Notes

5. URL is not redirected to agent side


"Max session bandwidth" of the DEM Horizon Smart Policies does not work on first connection. (89526)

  • When you connect to VDI with "Max session bandwidth" configured in DEM Horizon Smart Policies, it does not take effect and uses the default value "1000000".
  • However, when you reconnect to the session, it is working as configured.
  • This is a known issue.
    • Blast can only apply the MaxBandwidthKbps setting if the registry value is written before the session begins.
    • DEM won't be able to provide Horizon Smart Policies before the session begins, as we process this config during login.
  • More details in KB: https://kb.vmware.com/s/article/89526?lang=en_US&source=email


Jetzt Registrieren: Enduser Computing Webinare im September und Oktober

  • Live-Webinar: Was macht den Anywhere Workspace bei VMware aus? Ein Blick hinter die Kulissen
    Mittwoch, 21. September 2022, 10:00 Uhr
    Speaker: Arkadiusz Krowczynski

Live-Webinar: Mobile Threat Defense im Kontext von Workspace One
Mittwoch, 28. September 2022, 10:00 Uhr
Speaker: Yana Petrova

Live-Webinar: Ist VMware Horizon die bessere Plattform für Desktop & Applikationsvirtualisierung?
Mittwoch, 05. Oktober 2022, 10:00 Uhr
Speaker: Stefan Metzger

Live-Webinar: Innovation am Remote-Arbeitsplatz: ‚Work from Anywhere’ mit Virtual Reality und Workspace ONE
Mittwoch, 12. Oktober 2022, 10:00 Uhr
Speaker: Julius Lienemann


Highlighting High Priority KBs


Recently updated or added KBs


Digital Workspace Techzone, Blog and YouTube Updates


3rd Blog Updates & Industry News



Patch & Seed Script Updates Week38-2022