VMware Digital Workspace Newsletter - Week 46







Week 46 -  2022







Weekly highlight:


Using VMware Cloud Services to access Workspace ONE services for existing customers

  • Workspace ONE customers will have single sign-on (SSO) access to all Workspace ONE services through the VMware Cloud Services console. More email communications will be sent on timelines and steps for when this SSO path is made available. The steps for completion are shown below in the “What does a customer do?” section.
    For first-time login, customers need to register a VMware account within VMware Cloud Services. Thereafter, they use this account to log in to Workspace ONE Cloud Admin Hub, which is a centralized administrative portal to access all Workspace ONE services like UEM, Horizon Cloud, and Access. Customers can access the services directly from Workspace ONE Cloud Admin Hub, without having to sign in again.
  • While the existing accounts will still be available, this new SSO login experience helps administrators to centrally access their Workspace ONE services, without having to maintain multiple accounts or service URLs. This change does not impact customer configurations, policies, or data within any Workspace ONE services.
    Over the next quarter, Horizon Cloud administrators will be enabled with VMware Cloud services followed by other Workspace ONE services, in a phased manner. You will receive a notification with more information on how to get started, when the opportunity for SSO is available.
  • KB-Reference: https://kb.vmware.com/s/article/89945?lang=en_US&source=email







VMware Workspace ONE Intelligent Hub, Assist, SDK, and Launcher will end support for Android 6.x & Android 7.x, in 2023 and 2024 respectively (90127)

  • In order to focus on incorporating functionality available in newer versions of the Android operating system, Workspace ONE Intelligent Hub, Assist, SDK, and Launcher for Android will drop support for devices using Android OS 6.x upon release of Android 14 (expected in Q3 2023) and Android OS 7.x upon release of Android 15 (expected Q3 2024).
    • Upon Android 14’s release (expected in Q3 2023), new releases of Workspace ONE Intelligent Hub, Assist, SDK, and Launcher will no longer support Android 6.x. 
    • Upon Android 15’s release (expected in Q3 2024), new releases of Workspace ONE Intelligent Hub, Assist, SDK, and Launcher will no longer support Android 7.x. 

Android 6 and Android 7 were originally released back in 2015 and 2016, and to maintain the most robust security posture it is strongly recommended to stay on more updated operating system versions.


End of Support Life notice for macOS Intelligent Hub versions 22.03 and below. (90075)

  • VMware is working on essential security updates to the People tab in macOS Intelligent Hub. This would require us to end the support for the People tab specifically in macOS Intelligent Hub versions 22.03 and below as the Hub Catalog People tab would cease to work on these Hub versions after this change. Other areas of Intelligent Hub will continue to function such as Apps. The support period will end on January 15, 2023, and the Intelligent Hub versions 22.03 and below will reach End of Support Life. Following this date, the Workspace ONE product team will not be servicing these versions of Hub People tab in any fashion. There will be banners in Hub to notify users as we approach end of life.
  • KB-Reference: https://kb.vmware.com/s/article/90075?lang=en_US&source=email


Deprecation of the Insecure HTTP connections in Workspace ONE Boxer for Android effective 1st March 2023 (90138)

  • Workspace ONE Boxer for Android is going to deprecate HTTP support starting effectively from 1st March 2023. This article describes which KVPs needs to be checked if used for such a connections so that they can be replaced on time.  
  • This is considered as minor security vulnarability.
  • Based on their configs, some clients could still have insecure URLs set up for different things. There are no HTTP URL checks for them and those could stop working when we remove the support for legacy HTTP connections
  • If there are organizations still using HTTP connections they need to replace them with secure ones.
  • More info in KB https://kb.vmware.com/s/article/90138?lang=en_US&source=email


External HTML Access via UAG results in the error : "failed to resolve proxying route for request" (90155)


  • Cannot connect to a HTML5 session externally via UAG
  • Users receive the error "Failed to resolve proxying route for request" when using Blast with VMware Unified Access Gateway

This issue can be seen in the bsg.log on the UAG Appliance.
Reference: Collecting Logs from the Unified Access Gateway Appliance

Sample Log Line of an Incorrect Configuration:

[2022-11-16 19:33:30.668] [INFO] 7304 [absg-master] - Added route D6D23E36-*** to target|8443


  •  The IP  address and port in the above Logline matches a broker IP and port.
  •  When you see the target as the Connection Server IP and a port of 8443 this is wrong and an indication that the BSG gateway is enabled on the Connection Server.

Sample Log Line of a Correct Configuration:

When the Blast Secure Gateway is disabled on the Connection Server, the log line you see in bsg.log indicates a route being prepared to the virtual desktop or RDS host address on port 22443 as seen here. This is correct.

[2022-11-17 16:42:10.603] [INFO] 7304 [absg-master] - Added route C425F277-*** to target|22443


Highlighting High Priority KBs


Recently updated or added KBs (Links)


Digital Workspace Techzone, Blog and YouTube Updates


3rd Party Blog Updates & Industry News


Patch & Seed Script Updates Week 46-2022