EUC Newsletter - Week 12

Release Updates Week 12-24

Workspace ONE Content for Android 24.02

  • Bug Fixes and general improvements.

Workspace ONE Intelligent Hub for Android 24.02 (staged)

  • Bug fixes and app improvements
  • AAGNT-199215: Intelligent Hub does not handle multiple Find Device commands gracefully
  • AAGNT-198447: Less restrictive restrictions taking precedence over more restrictive one

Workspace ONE Tunnel for Android 24.01 (staged)

  • In this release, we have made a few updates containing general quality and performance improvements with the following new features:
    • New Tunnel Broadcast
      The Tunnel application will broadcast a message when it is in Ready state. In this state the VPN interface is established, and Tunnel is in Connection Available state.
    •  This broadcast message may be used by other applications as an input for their workflows.
      To make use of this broadcast, ensure your application is registered to the following broadcast receiver: com.airwatch.tunnel.VPN_ACTIVE
    • General Availability: Block Private DNS
      We have noticed that with the recent Android OS updates, the Private DNS setting on the devices is set to ‘Automatic’ by default. 
    • This setting encrypts all DNS requests from the device, which may impact DNS requests from applications and destinations that are managed by the Tunnel.
      This release introduces a Managed Configuration (KVP) to manage Private DNS in the Work container.
      BlockPrivateDNS | Type: Boolean | Default Value: False
      Set this value to True to block Private DNS over port 853. The Android OS should default back to regular DNS over port 53.
      Note: Regardless of the Private DNS settings, DNS destined for your internal DNS is always encrypted by the Tunnel. 

Workspace ONE Tunnel for macOS 24.01

  • Introducing Full-Device Tunnel mode for the macOS Tunnel client on MDM enrolled devices.
    This is in addition to existing support for Full Device Tunnel mode for Standalone enrollment.
    Refer to “How to configure the macOS Tunnel MDM VPN Profile for Full-Device Tunnel mode” for setup instructions.
  • Note:
    This 24.01 macOS Tunnel application delivered through the Workspace ONE Resources Portal supports Full Device Tunnel mode for MDM and Standalone enrollment.
  •  This is an update to the 23.01 macOS Tunnel client that supports Standalone enrollment only.
    Continue using the 22.04.3 macOS Tunnel client delivered through the App Store for all MDM Per-App Tunnel mode workflows. 
  • 22.04.3 macOS Client is available on the App Store as of today, March 21, 2024.

Workspace ONE Dropship Provisioning Agent and Tool

  • Updated bundle for Dropship Online that includes the new 3.2 Provisioning Agent and the 3.4 Version of the Provisioning Tool

VMware EUC Security Advisories:

---no new VMSA this week---

EUC UX Research Opportunities  

  • Our goal is to gather insight into user behaviorsmotivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
  • Interested in giving your opinion and making your voice heard? Check out what’s available!

Opportunity #1

  • EUC Product/Feature: WS1 Intelligence
  • Topic: Play with a clickable prototype of a new capability where custom alerts would inform Admins when key metrics/attributes change in real time. 
  • For example – create a custom alert for when a Dashboard reaches a certain threshold or set a custom alert that would trigger a Freestyle workflow.
  • Opportunity Type: 45-minute, 1x1 conversations via Zoom or a 10-minute usability test via Userzoom (which you can do in your own time).
  • Sign Up Link: HERE

Opportunity #2

  • EUC Product/Feature: WS1 UEM
  • Topic: Get a sneak peak at early wireframes of new designs for adding applications from the Enterprise App Repository flow.
  • Opportunity Type: 45-minute, 1x1 conversations via Zoom
  • Sign Up Link: HERE

KB Highlights & Announcements Week 12-24:

Limited Availability: Workspace ONE Intelligence Data Explorer

  • Data Explorer, released with limited availability, allows you to quickly and easily explore your data within Workspace ONE Intelligence. 
  • Use this feature if you’re not familiar with the Intelligence data structure, don’t know where to begin, or are just looking for quick answers to commonly asked queries. The Data Explorer provides support for all data sources and fields.

Workspace ONE Dropship Provisioning Online Agent is failing with HTTP Transport Error (97071)

  • The Dropship Online Provisioning Agent is currently returning HTTP transport errors for all released versions when establishing a connection with the Online Provisioning Service (OPS).
  •   This is preventing devices from being provisioned in Dropship Online. 
  • The error when looking in the Event Viewer | Applications and Services Logs | AirwatchProvisioning-Agent 
  • A new version of the Provisioning Agent is being worked on and will be ready soon.  It will be placed on the download sites as well as the auto-update servers.
  •  This KB will be updated as well with the download link. Please subscribe to this page to receive updated information.

How to configure the macOS Tunnel MDM Profile for Full-Device Tunnel mode. (97056)

  • Starting with the WS1 macOS Tunnel client 24.01, we are excited to introduce Full Device Tunnel mode on MDM enrolled devices.
    The following documentation will guide you through the set up of macOS Tunnel MDM Profile for Full Device Tunnel mode. 

Legacy Multiuser enrolled devices are not supported in Multiuser with Modern Stack (96808)

  • Legacy Multiuser (aka Phase One) was built on the legacy Workspace ONE architecture (SQL database). 
  •  As Workspace ONE transitions to a cloud first, microservice architecture, certain devices must be cleaned up in order to enable the modern stack.
  • Devices enrolled using the Legacy Multiuser enrollment flow are not compatible with the new modern stack architecture. 
  •  If a Legacy Multiuser user device is enrolled and modern stack is enabled, the following issues will occur: 
    • Device List View will not load
    • Device details page will not load
    • Unable to add/edit/delete scripts and sensors

High Priority KBs 

Recently updated or added KBs (Links) 

Digital Workspace Techzone, Blog and YouTube Updates 

Patch & Seed Script Updates Week 12-24

  • Workspace ONE UEM 23.10
    • Patch Level:
    • MACOS-4345 Cannot Save any modified or new System extension macOS profiles
    • CRSVC-47356                 Bulk SMS fails when notifying over 500 devices
    • CRSVC-47215                 API Call Invoked Commands Associated to Unknown Admin Account
    • CRSVC-47168                 Object reference not set to an instance of an object error if SAN is not configured
    • CMSVC-17685                MacOS CLI based re-enrollment flow triggers remove application for the device
    • ARES-28271    MacOS Credential Profile doesn't save Identity Preference and Certificate Preference Correctly in DDUI
    • ARES-28153    Unable to add Dell Command Update v5.1.0 from EAR
    • ARES-28090    Unable to view the XML file of specific iOS profiles if option to sign certificate is enabled.
    • ARES-28067    Total Assigned Devices in Preview of profile assignment page does not work properly.
    • ARES-28060    Database error while hitting the Devices Tab to check the devices assigned details on an app
    • ARES-28055    Web links report is empty
    • ARES-27075    Rule action isn't reflecting on the autocomplete field type (default)
    • AMST-40821    Seeding - latest SFD 23.10 build to UEM 2310/2402/master releases