Weekly highlight: Workspace ONE UEM Console 2306 - Installer Upcoming Workspace ONE UEM Change Freeze - November Freeze: November 17th, 2023 at 6:00 PM – December 4th, 2023 at 1:00 AM EST
- December Freeze: December 15th, 2023 at 6:00 PM – January 4th, 2024 at 1:00 AM EST
Horizon Cloud Service next-gen 2310 (Oct 2023) release - India has been added as a new region to the Horizon Cloud Service Control Plane that you can select while onboarding to the service.
Horizon Edge - Additional Microsoft Azure VM SKUs have been configured for fallback use when deploying the Horizon Edge Gateway on Azure Kubernetes Service. This allows the deployment to succeed in regions where one or more of the SKUs is unavailable.
Provider Capacity Desktops and Applications - The Pool and Pool Group detail pages now display real-time session data.
Horizon Client - Administrators can now configure privacy mode for end users in a VMware Horizon Cloud Service - next-gen environment. With privacy mode enabled, users must authenticate to log into Horizon Client and are redirected to the identity provider (IDP) logout page upon disconnecting from the Horizon Portal or exiting the client.
Upcoming EUC Events Release Updates Week 44: Workspace ONE Intelligent Hub for Android 23.10 (staged) - Open the Hub FAQ links within Hub: Hub FAQ links now seamlessly open within the Hub app, eliminating the need to launch a separate browser on the device. This is particularly helpful for restricted/Kiosk mode deployments (especially for frontline use-cases) where users are not expected to navigate out of the Hub app.
- See OEMConfig and other headless apps: Administrators can now see when an OEMConfig application, like KNOX Service Plugin or Zebra OEMConfig clients, is installed on their devices. By default, Workspace ONE UEM does not collect and display information about installed applications when said apps do not have an icon (AKA "headless apps"). This includes many OEMConfig clients. Administrators can now push a Custom Settings Profile to enable sampling and reporting of headless applications, including the installed version. See How to Enable Sampling of OEMConfig and Other Headless Apps for more information.
- Support for custom messages for Workspace ONE Mobile Threat Defense: Administrators can now add content to the standard alerts sent to users for policy violations and when threats are detected. The additional content will be presented in Intelligent Hub in the threat details' page. Content can include corporate or legal content additional steps or advice, URLs for Support sites, and other important information.
How to get the Windows 11 2023 Update VMware Workspace ONE Boxer for iOS 23.10 - Dynamic text size for email body
- Users with vision problems would be able to read their emails without manually zooming in or out them
- Email body is resized following the user's device accessibility settings
Secure Email Gateway 2.28 - General quality and performance improvements with no new features.
Workspace ONE SDK for iOS 23.10 - Compromise detection enhancement for iOS 17 false positives.
- Allowing apps to customize log levels.
- Bug fixes and Stability improvements.
- Third party library updates.
VMware EUC Security Advisories: VMSA-2023-0025 - VMware Workspace ONE UEM console updates address an open redirect vulnerability EUC UX Research Opportunities - Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
- Interested in giving your opinion and making your voice heard? Check out what’s available!
- Bonus: We give VMWare swag to Customers who participate
EUC Product/Feature | Topic | Opportunity Type | Signup Link
(Less than 5 mins) | Horizon Next-Gen (V2) | EUC Design wants to improve the experience when onboarding the new Next-Gen Horizon Cloud Service Console. Whether you’ve partially or fully onboarded, we want to better understand areas of challenge specifically with Pools, Pool Groups, and Entitlements. | 45-minute, 1x1 conversation via Zoom where we will walk through the onboarding flow via a staging environment and discuss the experience. | Interviews begin the week of Oct 16. SIGN UP HERE | WS1 Assist | EUC Design wants to learn about your helpdesk/servicedesk role and what you like, dislike, and wish could improve in your day-to-day when using Assist. | 60-minute, 1x1 conversation via Zoom. | Interviews + focus groups begin the week of Nov 6. SIGN UP HERE |
KB Highlights & Announcements Week 44: [Resolved] UM-7930 - Guidance for mitigating CVE-2023-20886 in Workspace ONE UEM (95372) - CVE-2023-20886 has been determined to impact Workspace ONE UEM. This vulnerability and its impact on VMware products is documented in VMware Security Advisory - VMSA-2023-0025 .
- Workspace ONE UEM 2203 and higher
- This issue is resolved in Workspace ONE UEM 2306. Additionally, the fix is also available as a patch for the following supported releases of Workspace ONE UEM: (see KB for more info)
Autopilot Hybrid Join Best Practices (94477) - If you plan to deploy Windows devices with Autopilot Hybrid Join, you should follow the following guidelines. Every other configuration can cause deployment issues, timeouts, or errors.
- Don’t deploy other resources than Domain Join configuration and VPN application / profile in the customer OG.
Devices enrolled via Autopilot, always getting enrolled into the customer OG. If there are other resources assigned to the device, the Autopilot Hybrid Join process might time out. - Pre-stage VPN application.
If your deployment requires a VPN connection because the end-user is outside the company network, you should consider Drop-Ship Provisioning (Online or Offline) to pre-stage the VPN application.
Due to the Microsoft limitations in the Autopilot process, VMware Workspace ONE does not have any ability to wait for the VPN application installation. As soon as the Offline Domain Join blob was applied to the device, the device will reboot.
- ... More Best Pratice in KB.
[AGGL-15892] Incorrect Icon displayed for Android Internal Apps in Console (95377) - When uploading new Internal Apps to the Workspace ONE UEM Console, one of the following issues is seen:
- A generic Android icon is displayed instead of the application's icon
- An incorrect icon image is displayed
- This issue affects Workspace ONE UEM 2212 and higher.
- Note: This only affects the icon displayed to the administrator. When the application is installed on a device, the correct icon is shown on the device.
Action Required: Custom 'Workflow Connectors' in Workspace ONE Intelligence Integrations with Incomplete Information Not Supported (95371) - Background:
- In Workspace ONE Intelligence > Integrations, you were able to save 'Workflow connector' Integrations by entering just the name, without critical information. This would result in management overhead of incomplete connectors.
Hence in Feb 2023, any new custom connector getting created has certain required fields to ensure only valid connectors are getting created.
[AGGL-15952] Profiles fail to load in Workspace ONE UEM Console (95355) - In some On-Premise Workspace ONE UEM environments:
- When an administrator attempts to view or edit Android profiles in the Workspace ONE UEM Console, the page fails to load. MacOS profile may also fail to load in some affected environments
- The Metadata Transform Service does not start
- This can be verified by checking Services in the Windows server hosting the UEM REST API application
High Priority KBs - Workspace ONE UEM - Updated requirements for on-premise cumulative patches (94706)
The base GA version for current Workspace ONE UEM releases is being revised through updated installers. On-premise customers will need to consume a revised installer for a given major version before any future cumulative patches can be deployed for that major version. These revised installers are required to address compatibility issues with regular cumulative patches. - Introducing Workspace ONE (WS1) UEM Next-Gen SaaS
VMware is excited to announce that the resource management & tracking improvements, the first major feature-based milestone in the Workspace ONE UEM Modernization Journey, is now available for customer testing. These improvements will be enabled in limited testing environments (CN135) starting on Thursday August 24, 2023. - [Resolved] SINST-176145 - Multiple Workspace ONE UEM application pools and services may not start once stopped (93877)
Workspace ONE UEM services and application pools may fail to start once stopped. This issue is typically observed alongside the following error message in the service's log - [RESOLVED] SINST-176160 - Workspace One UEM - Unable to edit existing or create new DDUI profiles. (93911)
Upon deploying the patches noted in KB 93877, you may experience an error when creating or editing DDUI device profiles (iOS, macOS, Android Enterprise) in the Workspace ONE UEM Console. - VMware Workspace ONE UEM New Control Plane SaaS Deployment Schedule (86243)
Workspace ONE UEM has undergone a complete re-architecture to modernize the platform using microservices and containers to enable increased scalability and performance and increase the rate of innovation. Now after having conducted significant and careful testing, these architecture updates, including a new control plane, will be deployed to UEM SaaS environments over the next several weeks, with options available to on-premise customers after this roll-out (Later in 2022).
Recently updated or added KBs (Links) Digital Workspace Techzone, Blog and YouTube Updates 3rd Party Blog Updates & Industry News October Software Releases Patch & Seed Script Updates Week 44-2023 - OS Updates Seed Script
- Seed Script for latest Device Model Information
- Workspace ONE UEM 23.02
- Patch Level 23.02.0.27
- AGGL-15899: All internal Android apps uploaded to the console were getting the default Android icon.
- CRSVC-42773: Navigating to app events displays spaceman error.
- AMST-39704: BIOS verification status sent incorrectly as a part of Windows security information sample.
- AAPP-16535: iOS updates no query update status button on Workspace ONE UEM 2302.
- AAPP-16586: Custom data (key/value) was not retained in the VPN profile (iOS) after reopening the profile.
- AGGL-15912: Android VPN profile displays "Failed to save profile" error when trying to modify it or add a version to it.
- CRSVC-42634: Migration tool application migration custom batch.
- ARES-26761: High latency in purge expired sample data job execution.
- RUGG-12356: Unable to get the launcher speed lock down feature working.
- AGGL-15777: Add a new Last Used column to Resource Context table
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2302/rn/vmware-workspace-one-uem-2302-release-notes/index.html#Resolved%20Issues
- Last Update: CW44
- Workspace ONE UEM 23.06
- Patch Level 23.06.0.8
- AAPP-16587: Custom data (key/value) not retained in VPN profile (iOS) after re-opening the profile.
- AMST-39762: Workaround for OEM update profile fails to install on device.
- ARES-26758: "App already exists with this Organization Group" error message when uploading a duplicate Windows app.
- ARES-26865: Incorrect records are getting fetched due to ordering of duplicate payload templates.
- CMEM-186928: Objects not clearing from the memory and causing high memory usage.
- CRSVC-43006: Some identity certificates are reported as "Cert" type in error.
- FCA-206261: UEM support for Workspace ONE Role Based Access Control.
- PPAT-15442: Review and reduce the Tunnel Service Logs generation.
- UM-8390: Unblock the Auto/Manual syncs during advanced Ldap Sync cycle failure.
- https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2306/rn/vmware-workspace-one-uem-2306-release-notes/index.html#Patch%20Resolved%20Issues
- Last Update: CW44
|
Comments
Post a Comment