Release Updates:
- Redesigned Home page: The Home page is redesigned with two distinct experiences.
- The Overview tab provides:
- Single Sign-On (SSO) access to all the services you are entitled to.
- Access to add Support Requests.
- Access to other Omnissa Resources like Customer Connect, Tech Zone, and Health & Environments information.
- The Discover More tab helps you to discover and try new services.
- Consolidated role assignment: Role assignments for Omnissa Workspace ONE, Omnissa Horizon, Omnissa Access, and Omnissa Intelligence are now consolidated in the Administrator Access area in Omnissa Connect. With this feature, you can assign roles across all these services.
- Improved Organization selection during onboarding: During initial onboarding, you can now choose to create a new organization or select an existing organization as part of the onboarding experience.
- Support Request view: The Overview page provides a list of open Support Requests (SR) that belong to the Enterprise Account (EA) of the Administrator (user) who is accessing the page.
- To see SRs, your email ID must be part of the EA.
- Currently, you can only view SRs that are in an Openstate.
- You can navigate to Customer Connect from the Overview page to view all SRs and to create new ones.
- Omnissa Identity Management access: The Omnissa Identity Management experience flows have been moved to Omnissa Connect. You can access Identity Management in the left navigation.
- Omnissa Connect currently supports the English language. Additional language support is scheduled for future releases.
- With the release of Omnissa Connect, we’ve moved Omnissa Services tiles from Omnissa Intelligence to the Omnissa Connect Homepage, in the Launch Servicesarea.
- To navigate to the Omnissa Connect Home page, use the square menu in the top right header and select Omnissa Connect from the Applications list view.
- For details about the Omnissa Connect release, see the Omnissa Connect Release Notes
- Resolved Issues
- FS-6890: Fixed an issue where workflows with trigger type of Schedule could not be created or updated.
Workspace ONE Content for iOS 24.11.2
- Bug fixes and general improvements
Workspace ONE Intelligent Hub 24.04.14 for Windows
- Bug Fixes Only
- HUBW-17365 Delete Archive Apps from HubCache
- HUBW-17286 Script is not visible under script tab on device detail page
- HUBW-17284 DSM Sync Failing due to LastStatus being sent as NULL - 2404
- HUBW-17248. Enrolled user SID Mismatch with HUB 24.4.12 and UEM 23.10
- HUBW-17232 Troubleshoot 3M hits to Intel dlls issue
- HUBW-17099. Mod Stack / Windows - Hub is trying to install / remove older versions of apps that are not assigned to devices
- HUBW-17074. BitLocker not following defined suspension schedule
Workspace ONE Web SDK 24.11.1 for iOS
- IBRW-176222: 24.11 WebSDK modifies user-agent header of all requests, causing all iOS Hub MTD graphene tests to fail
Omnissa Identity Service January 2025
- Omnissa Identity Service is now part of Omnissa Connect, a new web-based service that provides a centralized access point for all Omnissa services and solutions. In the Omnissa Connect console, select End User Managementin the left pane to access and configure Omnissa Identity Service.
- Your existing Omnissa Identity Service configuration has not changed with the move from Workspace ONE Cloud Admin Hub, the Workspace ONE Cloud console, to Omnissa Connect.
For more information, see:
Workspace ONE ITSM Connector - 7.0.0
- Starting with this release, the app has been rebranded in the ServiceNow Store to Omnissa Workspace ONE ITSM Connector. All subsequent releases of the ITSM Connector will be published under the Omnissa banner and branding.
- Launcher Actions
- A new device action for Android devices using Launcher. ServiceDesk can now remotely make Android devices:
- Enter launcher admin mode
- Exit launcher admin mode
- Exit Launcher mode
- Beyond ITSM
- Customers can enable the ITSM Connector features on any ServiceNow module. This takes us beyond Incident Management and into other ticket types like interaction, Security incident, Knowledge base articles, etc.
- Additional Device Information
- New fields have been added to the device info page such as:
- Partner Compliance ID
- Compliance Status
- Serial and Friendly Name
- Will now be appended to the Notes every time an action is initiated.
- Sorting and Searching
- Enabled for all lists created in the ITSM Connector. Customers can now sort and search a list of devices, Applications, Profiles, Products, etc. The Default sort on the list of devices shall be on last seen (most recently seen on top).
- Uninstall Profiles and Apps
- Customers can now Uninstall Apps and Profiles. This extends the capability to Install and Reinstall Apps and Profiles that were available in earlier versions.
- Device Persistence Based on Last Opened Device
- The details of the last opened device will show up each time the same ticket is accessed by multiple Service Desk Associates. Previously, the CI attached with the incident was persisting.
- New Role Names
- All the roles associated with each action name have been renamed. All role names have changed from x_vmw_ to x_omnis_.
- Xanadu Compatible
- This version of the ITSM Connector is compatible with Xanadu version of ServiceNow. We will support Yokohama within 60 days of Yokohama being GA.
Workspace ONE Hub Services February 2025
- Ability to send Targeted Hub notifications via Email List
The IT Communications teams can now send Hub notifications directly to a list of email addresses, streamlining the process and removing the need to create or maintain User Groups or Smart Groups just for sending notifications. This new feature allows users to provide an email list, using the new ‘Email Recipients’ Target Audience Type, while creating the notification through the Hub Services Admin console, compose the notification message, and send it directly to the specified recipients.
Ideal for one-time or ad-hoc communications, this feature saves time and reduces administrative effort. Admins need to make sure that they are providing a maximum of 50 email IDs which are valid and correctly formatted to send notifications using this functionality.
- Enhanced Survey and Notification Analytics Data
To further enhance the insights provided by Hub Survey and Notification analytics, additional fields are now included in the analytics data sent to Intelligence. These new fields offer deeper visibility into device details and user contact information, enabling more comprehensive dashboards and reporting. With this enhancement, customers can better analyze the devices involved in surveys and notifications, and, if necessary, directly contact users to address specific issues or gather feedback.
The new fields are:
- User email address
- Device model
- Device OS Platform
- Device OS version
- Device friendly name
- Phone number
- Device Enrollment date and time
This improvement helps customers gain a clearer understanding of device attributes and user context, making Hub Survey and Notification dashboards even more valuable for decision-making and user engagement.
- Support for TLS 1.3 in the Access Certificate Authentication Service
Access Certificate Authentication Service (CAS) is now upgraded to support TLS 1.3, improving the security of the service. The TLS upgrade also resolves the issue where early releases of iOS 18 and MacOS 15 exhibited a delay associated with session renegotiation.
The CAS service hostname has been changed as part of the TLS 1.3 upgrade. This change might impact customer environments that have proxy or firewall configurations, or identity certificate profiles, with the CAS service hostname configured. See Knowledge Base Article 6000726 for more details.
- New Audit Events for FIDO2 token registration
New audit events are introduced to provide additional debugging information for the FIDO2 token registration process. Audit events capturing successful and failed token registration details are available with this change.
- Updated FIDO2 login prompts
With the updated FIDO2 authentication screens, users are prompted with a simpler and cleaner FIDO2 login screen. The login prompt to select FIDO2 authenticators can be removed from the login process through a new configuration option. Administrators can also optionally remove FIDO2 registration links from the login screens and have users register FIDO2 exclusively through the Intelligent Hub self-service portal.
Current Omnissa Security Advisories
Find all latest advisories in the Omnissa Security Response Center
Omnissa UX Research Opportunities:
- Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
- Interested in giving your opinion and making your voice heard? Check out what’s available!
From Frustration to Freedom: How AI Could Redefine Employee Self-Service
- About: Design wants to better understand how AI could be leveraged by your employees for self-service. For example, what if AI could help your end users fix a security vulnerability on their smartphone? What if AI could answer questions for your end users about any open health issues on their devices?
- Opportunity: 1-hour focus group via Zoom on Wednesday, January 29 (Group A at 7am PST / Group B at 11am PST)
- Relevant for: IT Admins involved in Employee Experience and/or ServiceDesk.
- SIGN UP HERE
KB Highlights & Announcements:
- Exciting news for Android enthusiasts! Google has unveiled the first beta version of Android 16, with a potential stable release slated for later in 2025. This early glimpse into the next major Android iteration promises a host of new features and enhancements, including revamped volume controls, a sharper UI, and improved accessibility.
- Stay tuned for more updates as the Android 16 beta program unfolds, offering early adopters a chance to experience the latest innovations and provide valuable feedback to Google.
Manual Workspace ONE Intelligent Hub application Drop Ship (offline) PPKG support (6000724)
- Some customers attempt to package the Workspace ONE Intelligent Hub as a separate application within the Workspace ONE UEM Console. This is a common practice to deploy updated versions of the Intelligent Hub. However, adding it manually to the PPKG (Provisioning Package) is not supported because the Intelligent Hub is already included automatically in the provisioning package. If a customer adds the Hub to the PPKG manually:
- The PPKG itself is applied successfully, but
- The device will not be enrolled to Workspace ONE UEM.
[Modern Architecture] ChromeOS Device Sync fails (6000731)
- Not able to sync Chrome OS device when performing device sync from Chrome OS EMM Registration page
Product Version: Workspace ONE UEM 2410
- This issue is resolved in Workspace ONE UEM 2410.
AAPP-1832: Unable to deploy VPP apps to User Enrolled devices (6000729)
- Volume purchase program (VPP) apps are failing to install on iOS devices enrolled via User Enrollment. For more information on User Enrollment, please see User Enrollment and MDM.
- Affected Versions
- All versions of Workspace ONE UEM.
- Apple recently changed their VPP APIs pertaining to user-based VPP licensing with Managed Apple IDs. This change unfortunately broke Workspace ONE UEMs ability to deploy VPP apps iOS devices enrolled via User Enrollment.
- We have already resolved this issue for net-new User Enrollments as of the following Workspace ONE UEM versions
Create a sensor for workflowd version on macOS (6000728)
- Customers may want to create a sensor that reports the installed version of workflowd on their macOS devices.
- To create a sensor that reports the installed version of workflowd, follow the steps below:
- Inside the Workspace ONE UEM Console, Navigate to Resources → Sensors
- Click “Add” then “macOS”
- Name your sensor and set a description
- Configure the sensor as follows:
Depreciation of CMS Component in Horizon Agents (6000673)
- Horizon Agent 2412 release removes the Horizon Cloud Monitoring Service (CMS) agent from the Horizon Agent 2412 installation binary. This means the Horizon Agent 2412 for Windows will no longer include the Cloud Monitoring Service agent, and upgrading to the Horizon Agent 2412 will remove the Cloud Monitoring Service agent from the desktop image. Upgrading to the Horizon Agent 2412, without the Horizon Cloud Monitoring Service Agent, will prevent telemetry from populating in the Workspace ONE Horizon Cloud First Gen dashboards.
Known Issue: CRSVC-57560 - Incorrect Application Installation status displayed in Device Details and
- The application installation status for some devices in the Device Details → Apps tab and the Deployment Tracking screens for the apps is displayed as,
- "Not Installed," even though the application has been installed on the device.
- “Installed but not assigned” even though the device has the correct version installed and assigned.
Omnissa Workspace ONE Assist macOS v24.11 is currently unavailable for download (6000732)
- Omnissa Workspace ONE Assist macOS v24.11 introduced updated Omnissa branding but did not include new features. However, a copatible version of macOS Hub has not yet been released, leading to confusion in the field. To address this, product teams have decided to limit the availability of v24.11 until a compatible version of macOS Hub becomes generally available (GA).
- There is no resolution currently. The product teams are actively working to release versions that ensure compatibility. This KB will be promptly updated.
ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Archi
- Admins are not able to sort applications appearing on the Apps tab of the Device Details page in modern architecture enabled UEM environments. In legacy UEM environments admins were able to sort applications by their name.
- The apps listed under Apps tab are not sorted alphabetically by default. In legacy UEM environments, the app list was sorted alphabetically by default.
Preparing for Workspace ONE Modern SaaS Rollout (Managed Hosting / Dedicated Cloud Customers)
- For Shared SaaS, environments have already been enabled or will be enabled automatically in the near future
- Familiarize yourselves with upcoming changes with Modern SaaS, including changes in workflows, terminology, and known issues. (See – TechZone article here.)
- Request environment migration with the Omnissa account team (CSM, TAM, AE, SE) once ready. The team will work internally to request an enablement week on your behalf.
- Environment clean-up* (resources outside of tenant boundary e.g., global resources).
- Remove/migrate invalid resources (apps, profiles, policies) from the console.
- Remove/migrate invalid SGs.
- Ensure all users/devices are at or under Customer/Partner OGs. If users exist above Customer/Partner OGs with devices enrolled, device enrollment may be required.
- Validate Smart Group & app exclusion. See KB here.
- Update Workspace ONE UEM to the latest version prior to Mod Stack enablement, minimum UEM 24.06.
- Review the list of known issues and changes aggregated in the weekly newsletter below. Ensure resolutions/workaround are implemented as applicable.
- Develop a testing plan post migration and communicate with internal stakeholders.
- KB Article Overview
- Announcement & Updates
- Administration changes for Workspace ONE UEM Modern SaaS Architecture | Omnissa
- Workspace ONE UEM – Modern SaaS Architecture Rollout – December Update (6000206)
- Tagging Operations Behavior Change in Mod Stack Enabled Environments
- Smart Group exclusions now managed at version level in modern SaaS architecture enabled Workspace ONE UEM Environments (6000662)
- Application and Profile management restricted to Customer Organization Group (and Partner Organization Group) or below in Modern SaaS architecture enabled UEM environments (6000196)
- Introducing WS1 UEM Next-Gen SaaS: Device List View, Resource Delivery and Deployment Tracking Modernization Improvements in Tech Preview Environment CN135 (94042)
- Modernization Update: Consolidated Modernized Services for Hosted SaaS (91520)
- Known Issues – Resolved
- Intelligent Hub for macOS must be upgraded to version 24.07.1 to prevent macOS Profile removal from being blocked with Mod Stack(Resolved in macOS Hub 24.07.1+)
- Profiles Assigned Through Freestyle Workflows Installed on Unintended Devices (6000667)(Resolved in UEM 24.06.0.13+)
- macOS Profiles shows “Installed but not assigned” and contains profile duplicates (6000682) (Resolved in macOS Hub 24.07.2+)
- [Modern Architecture] ChromeOS Device Sync fails (6000731)
- ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Archi
- Known Issues - Ongoing
- ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Architecture Enabled UEM Environments (6000670)
- Evaluated device count higher than Assigned count in Deployment Tracking for Modern SaaS architecture enabled UEM Environments (6000191)
- Known issues of Product Provisioning in the UEM modernized stack (6000686)
- Workspace ONE UEM – Modern Stack Device-Based Events are not exported via Syslog Integration (6000677)
- ARES-30657 – For some internal apps, devices receive lower app version instead of the highest assigned version in modern-architecture enabled UEM environments (6000718)
- FileVault Recovery Keys are missing for macOS devices after Modern Stack Migration (6000719)
- FileVault Disk Encryption Pop Up for macOS Devices after Modern Stack Update (6000722)
High Priority KBs:
- Omnissa new world link directory
For an overview about links to customer portals and relevant information follow the above link. - System Migration Changes Impacting Workspace ONE and Horizon Customers (97841)
The end-user computing (EUC) division of Broadcom will transition from VMware-hosted systems to EUC-hosted systems in April and May 2024. This transition is part of our preparation to become a standalone entity following the acquisition of EUC by KKR.
Recently updated or added KBs (Links)
- [Modern Architecture] ChromeOS Device Sync fails (6000731)
- CRSVC-55166 – Resource Name not Visible in Device Troubleshooting Logs (6000714)
- Profiles Assigned Through Freestyle Workflows Installed on Unintended Devices (6000667)
- Antivirus executable exclusion list for Omnissa Horizon (2082045)
- AAPP-1832: Unable to deploy VPP apps to User Enrolled devices (6000729)
- Create a sensor for workflowd version on macOS (6000728)
- [Resolved] Known Issue: ARES-31053 - Unable to Create or Update Assignments for macOS Apps (60
- HW-192214 - Access Certificate Authentication Service update for TLS 1.3 support (6000726)
- Depreciation of CMS Component in Horizon Agents (6000673)
- Known Issue: CRSVC-57560 - Incorrect Application Installation status displayed in Device Details and
- ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Archi
- Manual Workspace ONE Intelligent Hub application Drop Ship (offline) PPKG support (6000724)
- Omnissa Workspace ONE Assist macOS v24.11 is currently unavailable for download (6000732)
Digital Workspace Techzone, Blog, Community and YouTube Updates
- Three Ways to Improve Security on macOS Devices with Workspace ONE UEM - Part One
- New Workspace ONE UEM Windows Server Support
- Announcing Windows Administrative Template (ADMX) Profiles
- The key product releases that propelled Omnissa into 2025
- Omnissa Connect: Designed to simplify your digital workspace
- Stay ahead of mobile threats in 2025 and beyond
- 5 reasons to go cloud forward with Horizon
3rd Party Blog Updates & Industry News
- TheDXT: Omnissa Horizon Client Default Server
- VDIhub.fr: Blast Configurator
- Google Blog: All the Android updates coming to the Samsung Galaxy S25 series and more
Beta, Lab and Tech Preview Updates
>>> No new Beta Release this week <<<
Sign up or LogIn [HERE] to get access to the latest Beta versions.
January Software Releases
System | Component | Release | Announcement | Release Date |
Backend | Assist | 24.08.02 | 02.01.25 | |
Backend | SEG | 2.31 | 07.01.25 | |
Backend | Intelligence | 25.01.13 | 13.01.25 | |
Android | Zebra MX Service | 6.2 | 14.01.25 | |
Horizon | Horizon Cloud Service Next Gen | January 16 | 16.01.25 | |
iOS | Content | 24.11.2 | 20.01.25 | |
iOS | Web SDK | 24.11.1 |
| 22.01.25 |
Windows | Hub | 24.04.14 | 23.01.25 | |
Backend | Omnissa Intelligence | 25.01.21 | 21.01.25 | |
Backend | ITSM Connector for ServiceNow | 7.0 | 20.01.25 | |
Backend | Omnissa Identity Services | January 2025 | 21.01.25 | |
Backend | Hub Services Cloud | February 2025 | 23.01.25 | |
Backend | WS1 Access Cloud | February 2025 | 23.01.25 |
Latest Patch & Seed Script Updates:
- Seed tvOS 18.2.1 (22K160)
- Last Update: CW04
Seed Script for latest Device Model Information
- Seed Script to support
- iPad mini 7th Generation and 2024 iMac, MacBook Pro and Mac mini
- Last update: CW45
- Patch Level 23.02.0.52
- PPAT-17448 - Tunnel client not reconnecting once the device regains compliance.
- MACOS-4942 - Smart group assignment for the macOS internal app fails to be assigned for a couple of users’ devices.
- CRSVC-51130 - Add code block on the UEM side to block Conditional access configured at any other customer OG if it is already configured for once customer OG within same UEM environment.
- AMST-42076 - Time zone displayed in Scripts tab is different from the Execution logs.
- Last Update: CW38
- Patch Level 23.06.0.44
- UM-9142 - OG Consolidation script execution failure due to incomplete LDAP sync job.
- UM-9111 - Console event is not generated when an administrator account is deleted.
- UM-9083 - Managed By Organization Group for administrator account changes when role assignments are modified.
- UM-8878 - User provisioning through SCIM APIs may fail due to character length limitations.
- UM-8753 - SAML authentication response validation is disabled for Omnissa Identity Services integration.
- RUGG-13304 - Relay servers were unable to connect to the Console when default Mac address was used in the discovery text.
- CRSVC-56124 - Make previous supported versions compatible to auto-update ACC.
- ARES-29981 - Few apps cannot be assigned to newly enrolled devices after migrating from On-prem to SaaS environment.
- ARES-25476 - Profile installation status inconsistent between Device Details Profiles tab and ‘View Devices’ screen for profiles installed through Workflows.
- AMST-42510 - Removed URL encoding while uploading icon from EAR.
- AMST-41549 - Remove the version check from the seeded apps in the mapping table.
- AAPP-18323 - Unable to install User-Based VPP app on devices that are User enrolled.
- AAPP-18094 - Fix to prevent returning process-related exceptions except UnAuthorized on Apple callback API.
- Last Update: CW03
- Patch level 23.10.0.43
- RUGG-13303 - Organization Group change for Zebra Printers does not automatically update the SmartGroup subscriptions.
- MACOS-5322 - MacOS devices not completing enrollment as expected and Getting stuck on “waiting for management” server while DEP enrollment.
- ARES-30902 - Devices failing to install Internal App within 24 hours of receiving install instructions may install latest version afterwards.
- Last Update: CW03
- Patch Level: 24.2.0.23
- UM-8892 - Admin group creation UI fails to save when locale is non-English.
- RUGG-13304 - Relay servers were unable to connect to the Console when the default Mac address was used in the discovery text.
- RUGG-13280 - Manual Sort is not working for the manifests in Files or Actions component.
- RUGG-13278 - Export functionality for the assigned device list in a Product is not working.
- RUGG-13256 - Page crashing while re-processing the product on devices.
- RUGG-13040 - Products being pushed to unintended devices when assignment rules have integer-based custom attributes.
- FCA-208683 - Intelligence opt-in flow showing error screen after the first step
- FCA-208159 - Remove setting for enabling in-product support from the console.
- ESI-399 - Console enrolls device with token registered to another user.
- CRSVC-56124 - Make previous supported versions compatible to auto-update ACC.
- CRSVC-55376 - ITrafficThrottling does not appear to be registered correctly for Device Management - Mutual TLS CFG.
- CRSVC-52195 - Fix Windows certificate sample sorting to avoid duplicate key error.
- ARES-28716 - iOS Public App Search shows Page Not Found error when switching country.
- AMST-42501 - Firewall Profile failing to install on Windows 11 systems.
- AMST-42060 - Queue is backing up frequently.
- AAPP-18323 - Cannot install user-based VPP app on Device that are user enrolled.
- AAPP-18090 - VPP apps install delay.
- Last Update: CW51
- Patch level 24.6.0.18
- ARES-30950 - Changing organiZation group from App or Profile Deployment Tracking page does not automatically refresh the deployment tracking data specific to that OG.
- ARES-31053 - While editing app assignments, Device Preview screen shows platform as ‘Win_RT’ instead of Windows.
- AAPP-18588 - An error has occurred’ page is seen when a new Purchased app is saved for publishing.
- AAPP-17449 - Apple device does not respect ‘Enrollment Type’ restriction policy.
- FCA-209412 - Page not found error thrown when accessing the ‘Cookie Usage’ screen.
- ARES-29109 - Creating a DDUI profile with payloads containing dynamic tabs nested within a static tab results in a corrupted payload.
- AAPP-18266 - Device initial configuration with DEP enrollment might fail intermittently.
- AAPP-17946 - Empty app config is delivered to the device in a specific update scenario of internal iOS app.
- RUGG-13278 - Export functionality for the assigned device list in a product is not working.
- MACOS-5398 - Fastlane notifications were not being sent for application publish.
- MACOS-5322 - macOS devices not completing enrollment as expected and getting stuck on “waiting for management” server while DEP enrollment.
- ARES-31051 - MDM Get API to fetch profiles (by OG UUID) configured in an OG is returning ‘Internal Server Error’.
- CMEM-187120 - MEM: Powershell - No longer able to manually sync/block/allow mailboxes under the email list view.
- AAPP-18289 - Added a new profile key to Skip Web Content Filtering during DEP Setup on iOS.
- RUGG-13303 - Organization Group change for Zebra Printers does not automatically update the SmartGroup subscriptions.
- MACOS-5387 - Recovery keys in DST were removed if the security information sample does not contain FDE_PersonalRecoveryKeyCMS value and FDE_Enabled is true.
- ARES-30951 - Spaceman error received when clicking any hyperlink in the View Install Status popup within the custom layout of the Apps List View for internal apps.
- AAPP-18564 - Update VppUser flow to allow vppUser edit.
- FCA-209283 - Update Workspace ONE UEM Logo across the console.
- CRSVC-57534 - Incorrect Application installation & management status displayed in Device Details and Deployment Tracking for Applications.
- CRSVC-57544 - Uploaded mobileconfig profiles now works with Desired State Management.
- Last Update: CW04
Disclaimer
Please note: All information in this Newsletter is statically copied from various sources. Once published, these sources won’t be checked and the Newsletter won’t be updated retrospectively. In case of doubts, always check and refer to the linked source in Omnissa Docs, Techzone or Knowledgebase.
Comments
Post a Comment