Omnissa Newsletter - Week 47

 

 
Upcoming Omnissa Events

 

Event	Link and description	Speakers	Date
Omnissa Online	[REGISTER HERE] If you couldn’t make it to Omnissa ONE in person, don’t worry: we’re here with an exclusive online event to keep you in the loop! Join us at Omnissa Online to gain new insights into improving the digital workspace experience for both IT teams and employees. You'll have a front row seat to the latest innovations across the Omnissa Platform, including the products you know best, Workspace ONE and Horizon.	Various	Tuesday 3rd December 2024, 10:30am - 12:50pm CET
Omnissa Community Events: Community & Tech Deep Dive	Introducing Omnissa | a World of EUC public webinar 04 December 2024, 16:00 CET Join @Dale Carter and @Jim Yanik as they present "Introducing Omnissa" at the World of EUC online webinar.  Omnissa Community Overview 04 December 2024, 17:00 CET Omnissa Community Overview and Why You Should Apply to Become an Omnissa Tech Insider Fortify Your Frontline: Securing the Future of Hybrid Work Elevate your security strategy with our upcoming webinar on Thursday 5th December 2024, "Fortify your Frontline: Securing the Future of Hybrid Work." Three Ways to Improve Security on macOS Devices with Workspace ONE UEM 18 December 2024, 17:00 CET Despite all the hype, macOS devices need to be secured just as much as Windows, especially in the enterprise environments.	Various	Various

 

Release Updates Week 47-24: 

New Apple Builds Are Now Available

• iOS & iPadOS 18.2, Beta 4 (22C5142a)
• macOS 15.2 Sequoia, Beta 4 (24C5089c)
• tvOS 18.2, Beta 3 (22K5148a)
• watchOS 11.2, Beta 3 (22S5094a)
• visionOS 2.2, Beta 3 (22N5794a)
• Apple Remote Desktop 3.9.8. Beta

 

Current Omnissa Security Advisories 

>>> No new Security Advisories this week <<<

Find latest advisories in the Omnissa Security Response Center

 

Omnissa UX Research Opportunities: 

• Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
• Interested in giving your opinion and making your voice heard? Check out what’s available!

Workspace One UEM - Compliance Policy (REFRESHED DESIGN)

• About: Provide feedback on an updated UEM Compliance Policy feature, including expanded capabilities and integrations.
• Opportunity: Variety of interactive group workshops and 1x1 conversations via Zoom. You’ll receive Omnissa swag upon completing the interviews.
• SIGN UP HERE

 

KB Highlights & Announcements Week 47-24: 

Smart Group exclusions now managed at version level in modern SaaS architecture enabled Workspace ONE UEM Environments (6000662)

• Customers managing internal applications have often requested more granular control over which devices can receive specific versions of an application. With legacy UEM architecture (pre-modern SaaS architecture), if a device was excluded from even one version of an application, it was prevented from receiving any version of that application. This broad enforcement didn’t align with the administrator’s need for more targeted application deployments. Although exclusions were configured at the version level, enforcement was applied at the application level, limiting flexibility. 
• With the introduction of the modern SaaS based Workspace ONE UEM architecture, exclusions are now respected at the version level, aligning the system behavior with how exclusions are configured. This change ensures that devices are only restricted from the specific versions they are excluded from, while still allowing access to other applicable versions. This aligns with long-standing customer requests to allow more granular control and flexibility in managing internal applications. 
• This article outlines the differences between how exclusions were managed in the legacy UEM architecture and how they are handled by the modern SaaS UEM architecture. It also discusses the impact of these changes on your device fleet and provides guidance on how to manage and mitigate any potential effects. 

 

HW-216272: Access Service Token out-of-bound range gives erroneous result (6000663)

• If the token time-to-live for an Access Service Client Token has a range limit and if the value is set above 35791395 minutes (~24855.14 days) , the Access TTL gets saved as 7 days.
• Versions Impacted: All Omnissa Access Cloud and On-Premise versions
• A resolution for this problem will be included in the future version of Omnissa Access Cloud and on-premise versions

 

Issue with picture/icon link present in the Default Message Templates (6000143)

• The image links present in the Default Message Templates being sent through Workspace ONE UEM are still pointing to a domain which is no longer available. As a result, the emails being sent contain a broken image error and users will be unable to download pictures in the email. 
• This issue will be resolved by introducing an updated email header in an upcoming version of Workspace ONE UEM. Please subscribe to this KB for updates as we progress on resolution of this KB.

 

Missing Microsoft Teams Online Meeting Control Bar and Small Participant Window During Screenshare (6000047)

• During a Omnissa Horizon View Desktops session, you may encounter an issue where the Teams Meeting Control Bar at the top of the desktop becomes invisible when sharing your screen via Microsoft Teams. Additionally, the participant window located in the bottom right corner may disappear when minimizing the Microsoft Teams meeting window. Although not visible, hovering your mouse over these areas will reveal that they are still present but hidden from view. This problem typically arises when using MS Teams in Non-OptimizedMode and with Nvidia vGPU cards.

 

High Priority KBs: 

• Omnissa new world link directory
  For an overview about links to customer portals and relevant information follow the above link.
• Workspace ONE UEM – Modern SaaS Architecture Rollout (6000206)
  Workspace ONE UEM has undergone a complete re-architecture to modernize the platform using microservices and containers to enable increased scalability and performance and increase the rate of innovation. Now after having conducted significant and careful testing, these architecture updates, including the new Modern Stack, will be deployed to UEM SaaS environments over the next several months. Also review: Introducing Workspace ONE (WS1) UEM Next-Gen SaaS.
• System Migration Changes Impacting Workspace ONE and Horizon Customers (97841)
  The end-user computing (EUC) division of Broadcom will transition from VMware-hosted systems to EUC-hosted systems in April and May 2024. This transition is part of our preparation to become a standalone entity following the pending acquisition of EUC by KKR.

Recently updated or added KBs (Links) 

• Boxer Outage For Personal Use (6000117)
• Cannot drag the color picker in Blender (6000071)
• HW-216272: Access Service Token out-of-bound range gives erroneous result (6000663)
• Smart Group exclusions now managed at version level in modern SaaS architecture enabled Workspace ONE UEM Environments (6000662)
• Changes in Certificate Management in UEM for Microsoft KB5014754 (6000384)
• Issue with picture/icon link present in the Default Message Templates (6000143)

 

Digital Workspace Techzone, Blog, Community and YouTube Updates 

• Omnissa tech preview of Apple Vision Pro management
• Navigate Microsoft’s App-V changes with App Volumes
• Introducing support for Apple Intelligence in Workspace ONE
• Omnissa offers Apple Vision Pro management in tech preview

 

3rd Party Blog Updates & Industry News 

• Google: Android 16 Developer Preview
• Apple: Apple security releases

 

Beta, Lab and Tech Preview Updates 

WS1 Boxer 24.11 for iOS

• Contact cache control

• This feature allows users and administrators to turn off contact suggestions when composing emails while maintaining access to mailbox contacts and GAL (Global Access List), improving security and reducing the risk of sending emails to wrong recipients.
• An application-level boolean KVP, DisableCachedContactSuggestions is available in the Workspace ONE UEM console.
   The default value of this KVP is FALSE. If set to TRUE, contact cache is deactivated, but users can still search the mailbox and GAL.
• A toggle Enable contact suggestions is available in the Workspace ONE Boxer application, in the Settings > Contacts section.
• When the KVP is set to TRUE, the user-configurable option in the Workspace ONE Boxer application is deactivated.

• Customizable signature for shared and delegated accounts

• A new setting “Signature” is introduced in the delegated/shared accounts settings screen.
• It gives the users opportunity to change the signature which is applied when they send/ reply to emails on behalf of the corresponding account.
• The setting is only local and is not synced across app instances or devices.

• Quality improvements and crash fixes
  BINXI-23972  [Widgets] Event background is wrong for shared local calendar
  BINXI-24042  [Conversation View] Hyperlink preview appears on long press when hyperlinks are restricted
  BINXI-24074  [Email] Email body is not completely rendered for some emails
  BINXI-24112  [Email Classification] Email Classification is not detected on Reply/Forward when classification marking is only in email body
  BINXI-24120  [Conversation View] Part of the conversation header is covered by the navigation

 

WS1 Launcher 24.11 for Android

• ALAU-172826: Expanded Inactivity Timer for Third-Party IDP Support
  We’ve broadened the scope of the inactivity timer to now seamlessly support third-party IDPs in addition to UEM authentication. This enhancement ensures greater flexibility and adaptability for diverse authentication needs.
• ALAU-173237: Admin Mode Auto-Timeout for Elevated Security
  Say goodbye to forgotten admin sessions! Admin Mode now features an automatic timeout, seamlessly transitioning back to user mode to safeguard against unauthorized privileged actions and enhance device security.
• ALAU-173238: Enhanced Navigation with Bottom Bar on Launcher Canvas
  Introducing a sleek bottom navigation bar for the launcher’s home screen pages! This update ensures navigation buttons (back, home, recent apps) remain clearly visible, even against background images, by adding a consistent, polished background color.
• ALAU-173245: MSAL Support for Launcher
  Added integration for Microsoft Authentication Library (MSAL) to the launcher.
  Note: While this release includes MSAL support for the launcher, full functionality for features like Check-In/Check-Out (CICO) and Global Sign-Out through Microsoft services will require corresponding updates to other components, such as Hub and UEM.
• ALAU-173471: Intel SDK Upgrade to Version 24.8.0
  Updated to the latest Intel SDK (v24.8.0) for improved performance and compatibility.
• ALAU-173747: Minimum SDK Requirement Raised to Version 26
  Increased the minimum SDK requirement to version 26, ensuring better performance and access to newer Android features.
• ALAU-17340: Branding Updates Reflecting Transition to Omnissa
  Updated branding across the platform to align with our rebranding as Omnissa.
• Issues Fixed:

• ALAU-172768: Launcher Foreground Issue Resolution
  Addressed an issue where the Launcher would immediately return to the foreground upon exit due to a known Android system limitation in clearing the Launcher as the default home app.

As a workaround, Launcher version 24.11 includes a fix to prevent this behavior when exiting the Launcher. However, please note that pressing the home button will still cause the Launcher to return to the foreground, as this is an Android system-level limitation that requires resolution by Google.

• ALAU-173511: Usage Access Permission Screen Fix
  Fixed an issue where the usage access permission screen would appear despite the skipUsageAccess configuration in the launcher profile. The launcher now respects this setting to avoid unnecessary prompts.
• ALAU-173556: Removal of System Keyboard Settings Icon on Zebra Devices
  Removed access to the system keyboard settings ("gear") icon on Zebra devices within the launcher, preventing unintended access to keyboard properties in managed environments.

 

Workspace ONE Web 24.11 for Android

• Rebranding update for Workspace ONE Web for Android

 

Sign up or LogIn [HERE] to get access to the latest Beta versions.

 

November Software Releases 

 

System	Component	Release	Announcement	Release Date
Backend	Console Installer	24.06	Release Notes	06.11.24
Backend	WS1 Intelligence	24.11.04	Release Notes	04.11.24
Android	Tunnel	24.11	Release Notes	14.11.24
iOS	Content	24.10	Release Notes	05.11.24
Backend	WS1 Intelligence	24.11.04	Release Notes	04.11.24
Android	Web	24.10	Release Notes	staged
Android	XR Hub	24.09	Release Notes	11.11.24
iOS	Hub	24.10	Release Notes	11.11.24

 

Patch & Seed Script Updates Week 47-24 

OS Updates Seed Script

• Seed macOS 15.1 (24B2083)
• Last Update: CW44

 

Seed Script for latest Device Model Information

• Seed Script to support 

• iPad mini 7th Generation and 2024 iMac, MacBook Pro and Mac mini

• Last update: CW45

 

Workspace ONE UEM 23.02

• Patch Level 23.02.0.52
• PPAT-17448 - Tunnel client not reconnecting once the device regains compliance. 
• MACOS-4942 - Smart group assignment for the macOS internal app fails to be assigned for a couple of users’ devices. 
• CRSVC-51130 - Add code block on the UEM side to block Conditional access configured at any other customer OG if it is already configured for once customer OG within same UEM environment. 
• AMST-42076 - Time zone displayed in Scripts tab is different from the Execution logs.
• Last Update: CW38

 

Workspace ONE UEM 23.06

• Patch Level 23.06.0.41
• MACOS-4815 - macOS device model seeding API implementation. 
• CMSVC-18185 - Disable smart group tenancy correction support from UEM production environments.
• ARES-30025 - DDUI - Removing new smart group assignment clears existing smart groups.
• AMST-42069 - Time zone displayed in the Scripts tab is different from the Execution logs.
• AAPP-17951 - Update the VPP notification status sync job to discard the duplicate notifications.
• Last Update: CW38

 

Workspace ONE UEM 23.10

• Patch level 23.10.0.39

• FCA-208928 - Rollback axios dependencies
• FCA-207350 - Remove VMware Analytics from UEM console - Canonical.
• ARES-29652 - Child OG remains undeleted despite the attempt to delete it
• AMST-42465 - Seed Windows Hub 23.10.11.0 x86 to UEM 2310.
• AMST-42453 - Seeding - latest SFD 23.10.5 build to UEM release - 2310.
• AMST-41549 - Remove the Version Check from Seeded Apps in the mapping table.
• AAPP-18024 - Fix data duplication in VPP asset management event data.
• AAPP-18094 - Fix to prevent returning process related exceptions except UnAuthorized on Apple callback API.

• Last Update: CW47

 

Workspace ONE UEM 24.02

• Patch Level: 24.2.0.20

• MACOS-4530 - macOs Device Model Seeding API implementation.
• ESI-332 - Revert the single advance staging user email flow changes.
• ARES-26220 - Add an iOS optional profile and verify that the chart can be added on AppAndProfile monitor.
• AAPP-18024 - Fix data duplication in vppAssetManagementEventData.
• Last Update: CW47

 

Workspace ONE UEM 2406

• Patch Level: 24.6.0.11
• UM-9315 - Unable to replace S/MIME user certificate.
• UM-9310 - Unable to update custom attributes for users using the Batch Import CSV.
• MACOS-5199 - Windows device is not consuming profile installation command.
• MACOS-5057 - DDM flag is getting updated to false on receiving the acknowledgement “Error” or “Not now” status.
• LUEM-889 - Include missing Linux feature flags in rollout stage.
• FS-6573 - Seed Mac Workflow Host in Canonical - Release 2406.
• FS-6358 - Increase device state response timeout to 20 seconds.
• FCA-208823 - Update Modstack API to run Migrations for non-partner environment.
• ESI-332 - Revert the single advance staging user email flow changes.
• CRSVC-54847 - Orchestrator API - New adhoc actions and other changes.
• CMSVC-18391 - Rule compilation failure in environment.
• CMSVC-18383 - Assignment group filters not behaving as expected for additions and Device or user filters.
• CMSVC-18374 - Reset the migration status of invalid smart group.
• CMSVC-18256 - Handle invalid smart group migration (Upgrade migration script).
• CMCM-191091 - Duplicate entries returned for new folder resources created on NFS repositories.
• ARES-30574 - Profiles showing “Out of Date” on UEM console.
• ARES-30567 - Deactivating a profile from Deployment Tracking page is not reflected correctly on the Profile List View page.
• ARES-30536 - View button showing wrong counts for Profiles from Profile List View.
• ARES-30199 - No devices present in the pending, excluded, and export response for Single App mode profile.
• ARES-30122 - Orphaned rules in ES for profiles with deleted assignments or deleted profiles.
• ARES-29939 - Unable to save Boxer configuration in UEM console.
• ARES-29637 - Assignment preview summary for assets shows inactive devices.
• ARES-29359 - High latencies for specific APIs such as MAM, Search, and apps.
• ARES-29164 - Time format mismatch issue in excel report.
• AMST-42418 - Seed Windows Hub 24.4.12.0 x86 and ARM64 MSI to UEM console main.
• AMST-42333 - SyncML generator for Windows Defender Guard Profile does not have all the expected enum definitions.
• AMST-42319 - Default 64 bit SFD to be published when Architecture is unknown.
• AMST-42236 - Windows User Mode column showing wrong information for Android & iOS devices in the DLV page.
• AMST-42059 - Firewall Profile failing to install on Windows 11 systems.
• AMST-41802 - Time zone displayed in the Scripts tab is different from the Execution logs.
• AMST-41549 - Remove the Version Check from Seeded Apps in the mapping table.
• AMST-41216 - Wireless MAC address will not display when enrolled on LAN.
• AMST-27570 - CertificateManagement: Template validation in Windows SCEP Profile.
• AGGL-17787 - High DS CPU usage at 92% for Bg load -caused by interrogator Persistance factory trying to resolve unity frequently.
• AAPP-18083 - Back-port iOS 18 & macOS 15 Restrictions & Skip Key changes.
• Last Update: CW46