Omnissa Newsletter - Week 42





 

 

 

Release Updates Week 42-24: 

 

Workspace ONE Intelligent Hub 24.09 for iOS

  • Legacy Catalog EOL Notice: The Legacy Catalog in UEM for SaaS UEM Customers will be EOGS on August 31, 2024 and EOL on October 31, 2024. Refer to this KB article for details.
  • Note: Workspace ONE Access is required for migration and if not already configured in your environment, you need to configure it. If you are using the App Catalog in Intelligent Hub, then you are already migrated and no action is needed. This applies for all platforms (iOS, Android, macOS, Windows).
  • Pull to Refresh is now possible on the list views as well as the details view
  • Support for Workspace ONE Mobile Threat Defense Configuration by Smart Groups

Resolved Issues

  • HUBI-11315: Dark mode improvements
  • HUBI-11512: Support page is not refreshing property when toggling MTD settings

 

Apple Builds Are Now Available

New builds of the following software are now available: 

  • iOS & iPadOS 18.1, Beta 7 (22B5075a) 
  • tvOS 18.1, Beta 5 (22J5573a) 
  • visionOS 2.1, Beta 5 (22N5573a) 
  • watchOS 11.1, Beta 5 (22R5575a)

 

Workspace ONE Tunnel 24.08 for iOS

  • TLS 1.3 Support
  • Tunnel Gateway already supports TLS 1.3 starting UAG 2309
  • Improvements to Tunnel server connection behavior for bypass flows.This may be useful for applications that leverage bypass flows or rely heavily on UDP, such as VOIP applications.
  • Improvedin-apptroubleshooting support:
  • Debug log timer
  • Diagnostic log retrieval

Resolved Issues:

  • PPAT-17109 - IP/CIDR Device Traffic Rules are not enforced in Full Device mode

 

Workspace ONE Tunnel for Windows 24.08

  • Improved Device Traffic Rules Delivery and Simplified Certificate Lifecycle
    We’ve made a few updates regarding quality and performance improvements. Tunnel configuration and DTR updates may now be delivered in real time to the Tunnel client. This has the benefit of decoupling and reducing certificate regeneration when you want to deliver Device Traffic Rules. The Tunnel client will instead check in with UEM every 4 hours and on service start.

 

Workspace ONE Content 24.09.1 for Android

  • Bug fixes and general improvements

 

Zebra MX Service v6.1 for Android- September 2024

  • Updated Target SDK to 34: Support for Android 14

 

Current Omnissa Security Advisories 

>>> No new Security Advisories this week <<<

Find latest advisories in the Omnissa Security Response Center

 

EUC UX Research Opportunities: 

  • Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
  • Interested in giving your opinion and making your voice heard? Check out what’s available!

Workspace One Intelligence - AI and Playbooks (NEW FEATURE)

  • About: To understand expectations and concerns with using AI in the Playbooks feature, and how much you’d trust it.
  • Opportunity: Variety of interactive group workshops and 1x1 conversations via Zoom. You’ll receive Omnissa swag upon completing the interview.
  • SIGN UP HERE.

Workspace One UEM - Privilege Elevation

  • About: To provide feedback on a NEW feature regarding least privilege access and limited access to end users.
  • Opportunity: Variety of focus groups and 1x1 conversations via Zoom. You’ll receive Omnissa swag upon completing the interview.

SIGN UP HERE.

Horizon Universal Console - Power Management 

  • About: To learn about how you set up and manage policies, and track resource consumption and optimization. Share your design ideas for how to improve Power Management in the console.
  • Opportunity: 45-minute, 1x1 interview via Zoom the week of October 7 and 14.
  • SIGN UP HERE.

 

KB Highlights & Announcements Week 42-24: 

Android 15 is here - Get more done, more securely

  • Android 15 starts rolling out to Pixel devices. These updates include security features that help keep your sensitive health, financial and personal information protected from theft and fraud. Plus, we’re introducing improvements for large-screen devices that help you get more done, and updates across apps including camera, messaging and passkeys.
  • Android 15 is a privacy-forward update to keep devices and personal data safer, with new productivity features to help users accomplish more with their devices. 
  • Launching new theft protection features, a private space for sensitive apps, multitasking capabilities on foldables and tablets and more.
  • Learn More at 9to5google: Google launches Android 15, rolling out now to Pixel

 

Omnissa Product Logos Get a Fresh New Design!

 

iOS Tunnel 24.08 TLS Handshake failed (6000365)

  • We have received reports that after the recent iOS Tunnel 24.08 client update, some users are unable to connect to the Tunnel server and receive a TLS Handshake error. 
  • An update was made to the iOS Tunnel client 24.08 that introduces support for TLS 1.3. Customers using UAG and TLS Port Sharing for multiple edge services will face an issue related to Server Name Indication (SNI) that is used to route applications to multiple edge services.
  • This workaround is applicable if the UAG is not running the Web Reverse Proxy service. No other edge services will be impacted. (see KB for details)

 

Apple MobileSSO fails in iOS 18.0 and 18.1 (6000361)

  • Users are unable to login to Omnissa Access using Apple MobileSSO in iOS 18.0, 18.1. Additionally, in MacOS 15, a delay is observed to show the certificate picker.
  • In iOS 18, 18.1 and MacOS 15, a delay is observed to show the certificate picker. Apple MobileSSO extension has a timeout setting for the SafariViewController (SVC) panel, and when SVC takes longer than the timeout set for the certificate picker loading, the extension dismisses the SVC panel before a certificate has been selected, causing authentication failure.

 

Workspace ONE Assist - Message failed error while establishing an Assist session (v24.03) (6000178)

  • A "Message Failed" error is encountered during the first step of the Assist connection sequence.
  • The fix has been deployed to all SaaS servers, and On-Premise details will be updated soon
  • This issue does not affect Assist functionality; sessions continue to establish successfully.

 

Workspace ONE UEM – Inconsistent Profile Delivery – October 14th, 2024. (6000362)

  • On October 14th, 2024, the Omnissa teams identified several errors which indicated key services involved in the resource delivery workflow were unable to communicate. Further investigation determined that these errors were observed post a standard credential rotation, a key process to ensure service to service communication remains secure. During this rotation services did not successfully update the credential within the affected service instances resulting in the observed errors and affected profile delivery.

 

AAPP-18130 & AAPP-18137 - Workspace ONE UEM - Apple Platform Single App Mode Profile, Content Filtering Profile, and Profile Status Reporting (6000355)

  • The Omnissa teams have identified several scenarios affecting the Apple platform’s ability to deploy specific profile types and accurately report the installation status of profiles. Apple platforms are currently receiving errors when attempting to install single app mode and content filtering profiles. Additionally, Omnissa introduced a functional change to how Apple platform devices report profile installation status which can lead to misleading reporting states in the Workspace ONE UEM console. The installation status change does not have any functional impact on devices receiving or deploying standard iOS profiles but can cause up to a 10-minute delay in the successful status reflecting on the Workspace ONE UEM console

 

Automating UEM and Hub Services tenants for Customers (6000163)

  • The UEM Legacy (AirWatch) App Catalog will not be supported after January 31, 2025. Migration to the Intelligent Hub App Catalog is required by April 30, 2025. For details, refer to KB 95774.
  • This notification can be disregarded if you already have UEM and Hub Services integrated. Navigate to Groups and Settings > Devices & Users > General > Enrollment > Hub Integration to verify if you have integrated Hub Services.
  • For Customers that do NOT yet have UEM and Hub Services integrated, to facilitate a seamless transition to Hub Services enabled Catalog in WS1 Intelligent Hub, Omnissa will be integrating your UEM tenant and Hub Services (or WS1 Access) tenant for you. 

 

Update to Google Beyondcorp Context Aware Access configuration (6000356)

  • Customers leveraging the integration between Workspace ONE UEM and Google BeyondCorp Context Aware Access, may need to update the Access Level in the Google Admin Console to ensure compliant devices are not denied access to Google Workspace applications.
  • As part of the divestiture from Broadcom, we have been updating Workspace ONE UEM artifacts to reflect our new entity, Omnissa. An update to the vendor name in Google's Admin Console from "VMWare" to "Omnissa" was deployed at an unintended time. As a result, customers with an Access Level using the Vendor name attribute (example, below) may see access to Google Workspace apps affected on compliant devices.
    device.vendors["VMWare"].is_compliant_device == true

 

HW-214055: Workspace ONE Access 24.07 patches to fix upgrade issues and liquidate issue on the DROP sequences (6000354)

  • As part of upgrade from 22.09.1.0/23.09.0.0 to 24.07.0.0 fails with error “ Error - Packages- <list of packagenames> - not available in the target repo “
  • Post upgrade from 22.09.1.0/23.09.0.0 to 24.07.0.0 failure, vCenter Console shows "Error 15: File not found" and appliance will not boot up
  • Post upgrade from 22.09.1.0/23.09.0.0 to 24.07.0.0, horizon service fails to come with error "DROP sequence failed with sequence does not exit error"

 

High Priority KBs: 

Recently updated or added KBs (Links) 

 

Digital Workspace Techzone, Blog and YouTube Updates 

 

3rd Party Blog Updates & Industry News 

 

Beta, Lab and Tech Preview Updates 

Workspace ONE Web 24.10 for iOS

  • IBRW-175836: Allow sync by pull to refresh in Normal mode and Multi tab kiosk mode
  • IBRW-175853: Lockdown Mode support
  • IBRW-176038: iOS Web supporting Safari Web inspector for Web page debugging

Bugs Fixed:

  • IBRW-176040: 2nd URL loading slow when open from Boxer to Web.

 

Workspace ONE Web 24.10 for Android

  • ABRW-175976: Allow sync by pull to refresh in Normal and Multi Tab Kiosk mode

Bugs Fixed:

  • ABRW-176135: Fix for missing Video recording option from App Chooser tray in Android Web

 

Horizon Clients 2406.1 for Windows

  • Security updates
    • This release includes updates to fix critical security vulnerabilities.
  • Improved upgrade support
    • This release includes changes that will ensure the functionality of future Horizon Client upgrades.
  • Upgrade to Microsoft .NET 8.0
    • This release is built on version 8.0 of the Microsoft .NET application platform.
  • Access to cloud-based entitlements in Omnissa Workspace ONE mode
    • This release supports access to Omnissa Horizon Cloud Service - next-gen desktops and applications in Workspace ONE mode, which an administrator can enable in Horizon Universal Console. In this mode, users must use Workspace ONE Intelligent Hub to connect to the Horizon Cloud Service - next-gen portal and open desktop and application sessions. Users cannot open desktops and applications directly from Horizon Client, ensuring that conditional access policies in Omnissa Access are enforced.

 

Workspace ONE Content 24.10 for iOS

  • Screenshots and recordings will be obfuscated if the admin disables the screenshot feature.

Bugs Fixed:

  • ISCL-184027 - User is prompted multiple times for repository authentication
  • ISCL-184016 - iOS content app crash while opening .msg file

 

WS1 Boxer 24.10 for Android

  • Contact cache control
    • This feature allows users and admins to turn off contact suggestions when composing emails while maintaining access to mailbox contacts and the GAL, improving security and reducing the risk of sending emails to the wrong recipients.
    • An application-level Boolean KVP DisableContactCache is available. Its default value is FALSE. If set to TRUE, contact cache is disabled, but users can still search the mailbox and GAL.
    • A toggle for "Enable Contact Suggestions" is available in the user settings under the "Email" section.
    • If the KVP is set via the console, the user-configurable option in the app is disabled.
  • Quality improvements and crash fixes
    • Bugs Fixed
      BINXA-20355 [Calendar] Email organizer of event as attendee from calendar event view
      BINXA-20357 Cannot add attachment with Attachment New UI enabled on unmanaged account
      BINXA-20435 Calendar - Cancel occurrence cancels whole series on Boxer

 

Sign up or LogIn [HERE] to get access to the latest Beta versions.

 

October Software Releases 

 

System

Component

Release

Announcement

Release Date

iOS

Hub

24.08.1

Release Notes

30.09.24

Android

Boxer

24.09

Release Notes

01.10.24

Backend

WS1 Intelligence

24.09.30

Release Notes

30.09.24

Android

Hub

24.09

Release Notes

staged

Android

Content

24.09

Release Notes

15.10.24

iOS

Boxer

24.10

Release Notes

10.10.24

iOS

Content

24.08.1

Release Notes

10.10.24

Windows

Tunnel Win10

24.08

Release Notes

10.10.24

Backend

WS1 Intelligence

24.10.07

Release Notes

07.10.24

iOS

Web

24.08

Release Notes

04.10.24

iOS

Tunnel

24.08

Release Notes

14.10.24

Android

Zebra MX Service

6.1

Release Notes

11.10.24

iOS

Hub

24.09

Release Notes

18.10.24

 

Patch & Seed Script Updates Week 42-24 

OS Updates Seed Script

  • iOS 18.0.1 (22A3370) and macOS 15.0.1 (24A348)
  • Last Update: CW41

 

Seed Script for latest Device Model Information

  • Seed Script to support 
    • iPhone 16
      iPhone 16 Plus
      iPhone 16 Pro
      iPhone 16 Pro Max
  • Last update: CW40

 

Workspace ONE UEM 23.02

  • Patch Level 23.02.0.52
  • PPAT-17448 - Tunnel client not reconnecting once the device regains compliance. 
  • MACOS-4942 - Smart group assignment for the macOS internal app fails to be assigned for a couple of users’ devices. 
  • CRSVC-51130 - Add code block on the UEM side to block Conditional access configured at any other customer OG if it is already configured for once customer OG within same UEM environment. 
  • AMST-42076 - Time zone displayed in Scripts tab is different from the Execution logs.
  • Last Update: CW38

 

Workspace ONE UEM 23.06

  • Patch Level 23.06.0.41
  • MACOS-4815 - macOS device model seeding API implementation. 
  • CMSVC-18185 - Disable smart group tenancy correction support from UEM production environments.
  • ARES-30025 - DDUI - Removing new smart group assignment clears existing smart groups.
  • AMST-42069 - Time zone displayed in the Scripts tab is different from the Execution logs.
  • AAPP-17951 - Update the VPP notification status sync job to discard the duplicate notifications.
  • Last Update: CW38

 

Workspace ONE UEM 23.10

•Patch level 23.10.0.36

  • PPAT-17066 - Improvement to prevent crash of DDUI profile page if tunnel health is down.
  • UM-9174 - Unable to switch basic users to AD users through the User Migration tool.
  • Last Update: CW41

 

Workspace ONE UEM 24.02

  • Patch Level: 24.2.0.17+18
    • 24.2.0.17
    • UM-9294 - Attribute sync is failing post upgrade to 2402 console version.
    • UM-9173 - Page crashes when trying to load user group list view page.
    • UM-9083 - Issue with Directory Admin login after making any changes to the admin role or account.
    • UM-9079 - Connections to LDAP/AD needs timeout.
    • PPAT-17160 - Update UEM Tunnel Service to .NET 8.
    • CRSVC-52975 - Request getting rejected in Boeing with 429 error.
    • CRSVC-46583 - Migrate DSM service code to .NET 8.0.
    • CMSVC-18231 - Smart group rules are being removed from evaluation flow during device event race condition.
    • ARES-30227 - Add logs for adding profile assignment.
    • ARES-30171 - Incorrect profile DT page counts of child OGs.
    • ARES-29939 - Unable to save Boxer configuration in the UEM console (multiple customers).
    • ARES-29837 - Update the version of .Net Referenced by Metadata Transform Service to 8.0.
    • AMST-42162 - Seed Windows Hub 24.4.11.0 x86 and ARM64 MSI to the UEM console master.
    • 24.2.0.18
    • UM-9168 - Scim user API throws error while patching user data if the path is not supported and value is empty or null.
    • AGGL-17044 - Highly intermittent failures in Smart Group Reconciliation for Zebra Devices where Make/Model criteria is used.
    • UM-9174 - Unable to switch basic users to AD users through the User Migration tool
    • PPAT-17066 - Improvement to prevent crash of DDUI profile page if tunnel health is down.
    • CMCM-191091 - Duplicate entries returned for new folder resources created on the NFS repositories.
    • CMCM-191121 - Content locker application shows foreign folder names and intermittent issues with files missing or displaced.
    • ESI-109 - Improve logging for email notification flow.
    • Last Update: CW42

 

Workspace ONE UEM 2406

  • Patch Level: 24.6.0.6+7
    • 24.6.0.6
    • AAPP-18129 - Single app mode profile not installing on iOS devices.
    • 24.6.0.7
    • AAPP-18129 - Single app mode profile not installing on iOS devices.
    • AAPP-18134 - Delayed UI reporting of profile or app installation statuses.
  • Last Update: CW41

 

 

 


Comments