Release Updates Week 14
Workspace ONE Content for iOS 24.02.1
- Bug fixes and general improvements
Workspace ONE Content for Android 24.02.1
- Bug fixes and general improvements
Workspace ONE Tunnel for Windows 24.01
- Performance optimizations for client-server communication, improved network throughput, and reduced memory footprint.
Workspace ONE Tunnel for Android 24.01.1
- In this release, we’ve made a few updates containing general quality and performance improvements with no new features.
- Resolved Issues
- PPAT-16597: Race condition during device check-in may cause Tunnel to block network connectivity and cause issues with device check-out.
VMware Workspace ONE Intelligent Hub for macOS 24.01.1
- Crashes fixes and performance improvements.
- Resolved Issues
- HUBM-8080 – Applications installed by macOS Hub are getting removed from the device.
New Apple Builds Are Now Available
New builds of the following software are now available:
- iOS and iPadOS 17.5 Beta 1 (21F5048f)
- macOS 14.5 Sonoma Beta 1 (23F5049f)
- tvOS 17.5 Beta 1 (21L5543d)
- watchOS 10.5 Beta 1 (21T5545f)
- visionOS 1.2 Beta 1 (21O5555e)
Important KB Articles and Announcements
Please note: KBs may get updated after being referenced here. Please always follow the link to the original post in kb.vmware.com
Workspace ONE UEM – Configure Idle Session Timeout for Directory and Basic administrators (97395)
- Workspace ONE UEM 2302 introduced security measures affecting Basic and Directory Administrator settings as noted on KB 90067, among which was a lowering of the timeout for Idle Sessions to 15 mins across all environments. The lowered timeout value impacted usability of the Console negatively and contributed to poor user experience. To address the feedback received on this subject, we are introducing an enhancement to allow more granular control over the Idle Session Timeout value applied to Directory and Basic administrators of your organization. Details of the enhancement and availability across environments, are noted below.
Horizon admin console is not loading after upgrading to 2312 (97455)
- In Horizon Connection Server, you see these errors similar to :
2024-03-12T19:53:17.208-07:00 WARN (1CF4-25A8) <ws_tomcatservice_init> [SharedCredManager] Certificate CertificateId:[issuer=CN=xxxxxx.certsso.vdi.vmware.com,serial=59648306213191121459708101582141891896]: wrong subject: ‘xxxxxx.certsso.vdi.vmware.com‘
2024-03-12T19:53:17.271-07:00 INFO (1CF4-25A8) <ws_tomcatservice_init> [SharedCredManager] Removed unusable certificate CertificateId:[issuer=CN=xxxxxx.certsso.vdi.vmware.com,serial=59648306213191121459708101582141891896]
2024-03-12T19:53:17.271-07:00 DEBUG (1CF4-25A8) <ws_tomcatservice_init> [SharedCredManager] Imported 1 signing certificates and 0 encryption certificates from LDAP, total=2
2024-03-12T19:53:17.271-07:00 DEBUG (1CF4-25A8) <ws_tomcatservice_init> [SharedCredManager] Choosing preferred credential
2024-03-12T19:53:17.271-07:00 ERROR (1CF4-25A8) <ws_tomcatservice_init> [SharedCredManager] Cannot initialise shared credentials manager: No valid certificates exist
2024-03-12T19:53:17.287-07:00 DEBUG (1CF4-25A8) <ws_tomcatservice_init> [SharedCredManager] Cannot initialise shared credentials manager com.vmware.vdi.logger.Logger.debug(Logger.java:44)
com.vmware.vdi.sharedcredman.SharedCredException: No valid certificates exist
com.vmware.vdi.sharedcredman.SharedCredException: No valid certificates exist
at com.vmware.vdi.sharedcredman.SharedCredManager.a(SourceFile:732)
at com.vmware.vdi.sharedcredman.SharedCredManager.a(SourceFile:732)
at com.vmware.vdi.sharedcredman.SharedCredManager.e(SourceFile:377)
at com.vmware.vdi.sharedcredman.SharedCredManager.e(SourceFile:377)
at com.vmware.vdi.sharedcredman.SharedCredManager.initAndRegister(SourceFile:145)
at com.vmware.vdi.sharedcredman.SharedCredManager.initAndRegister(SourceFile:145)
2024-03-12T19:53:17.287-07:00 DEBUG (1CF4-25A8) <ws_tomcatservice_init> [SharedCredManager] Deregistering shared credentials manager
..
In-product feedback(IPF) feature discontinued in Horizon Releases (97293)
- As part of the VMware by Broadcom – EUC separation, we have decided to remove the IPF from Horizon Admin Console as it is an in-house tool made by VMware by Broadcom.
- Any new releases from 2312.1 onwards will not have the support for the IPF feature in the Horizon.
- For older releases before 2312, the Feedback option will be present, but the functionality will not work as the Lumos Feedback Service will be turned off.
- Customers would like to use USB device on Horizon agent via USB redirection.
But USB redirection will not work as message comes up on Horizon Client stating that “Already Redirected by Exclusive Sharing”. - This indicates that the relevant USB device is redirected under Storage Device Redirection (“SDR”), which is available after Horizon 8 2206.
But in actual, SDR is not configured in Horizon client and the relevant USB is not redirected under SDR. - Current implementation of SDR makes use of Drive Letter to judge status of USB device.
In case that USB media is mounted on “D” Drive at client PC and if Horizon client fails in reading physical volume information, then current implementation considers that this as redirected under SDR. - Therefore customers is not able to share the relevant USB media via USB redirection with agent.
Upcoming Changes to Firebase Cloud Messaging for Android (2024) (97418)
- On June 20th, 2023, Google announced the deprecation of several APIs used by applications to integrate with Firebase Cloud Messaging (FCM), the default push notification service used by Workspace ONE UEM to communicate with Intelligent Hub on Android. Google will begin taking the deprecated APIs offline in June 20th, 2024. Organizations may need to update Workspace ONE UEM are required to continue using FCM for real-time device management.
- In a scenario where an endpoint device has a security policy with a “Not Defined” value, if this policy is configured from a baseline, after un-assigning the baseline, it does not revert to its original “Not Defined” value.
- This article describes how security policy with a “Not Defined” value is not reverted to its original value after the baseline is unassigned.
- Before applying the Windows baseline Microsoft tool, SecEdit.exe takes the backup of the security policies. When a baseline is unassigned, SecEdit.exe restores the original backup. SecEdit.exe does not take a backup of the security policies with “Not Defined” values. Hence, on restore, it does not restore policies with “Not Defined” values.
Workspace ONE Content – Documents with RTL tables are not supported (93688)
- Workspace ONE Content does not allow users to edit the office documents which are having tables with RTL written text in them. This is a specific case when the documents contains tables having text in RTL format.
These documents can be Word document, Powerpoint document, or any MS Office document. The editing is not supported because RTL rendering in table is not supported and hence these documents may tend to loose information if edited.
VMware EUC related Security Advisories:
—No New Security Advisories this week—
High Priority KBs
- End of Life Announcement for the Legacy App Catalog in Workspace ONE UEM for SaaS UEM Customers (95774)
We are announcing the End of Life (EOL) for the UEM Legacy Catalog for UEM SaaS customers only at this time. If you are a On-Premises UEM Customer, this notice does not impact you at this time, further communications will follow for timelines on migrating On-Premises UEM Customers to the Intelligent Hub App Catalog. - Workspace ONE UEM – Updated requirements for on-premise cumulative patches (94706)
The base GA version for current Workspace ONE UEM releases is being revised through updated installers. On-premise customers will need to consume a revised installer for a given major version before any future cumulative patches can be deployed for that major version. These revised installers are required to address compatibility issues with regular cumulative patches. - Introducing Workspace ONE (WS1) UEM Next-Gen SaaS
VMware is excited to announce that the resource management & tracking improvements, the first major feature-based milestone in the Workspace ONE UEM Modernization Journey, is now available for customer testing. These improvements will be enabled in limited testing environments (CN135) starting on Thursday August 24, 2023. - Getting Ready for Android 14 (2023)
- Getting Ready for Apple Major OS Releases 2023
Recently updated or added KBs (Links)
- Upcoming Changes to Firebase Cloud Messaging for Android (2024) (97418)
- Workspace ONE UEM: End of Life of deprecated Workspace One UEM APIs (95397)
- Workspace ONE UEM – Configure Idle Session Timeout for Directory and Basic administrators (97395)
- Upcoming Change for Workspace ONE UEM Basic Administrator Password & Session Policies (90067)
- Recommendation against using port 443 for Content-Gateway (94257)
- [Workspace ONE Content] Pre-requisites for background downloads to work in Content iOS app (94030)
- Workspace ONE Content – Documents with RTL tables are not supported (93688)
- Some of the security policies are not removed from the endpoint device after unassigning Workspace ONE UEM Windows 10/11 baselines. (97203)
- [CRSVC-44714] Missing SAN in EJBCA Certificate Template Causes Profile Installation Failures (96811)
- In-product feedback(IPF) feature discontinued in Horizon Releases (97293)
- Horizon admin console is not loading after upgrading to 2312 (97455)
- Thin or Zero Clients with USB printer redirection and VMware Integrated Printing (89812)
- USB device is unexpectedly treated as though redirected under Storage Device Redirection (SDR) (97012)
- Failed to connect to VDI with BLAST when UAG uses self-signed certificate and loadbalancer is between Client and UAG (95208)
- HTML5 Session Performance Issues with IE11 – slow to launch and refreshing the page can result in a white screen (85820)
- Horizon Upgrade Rollback when VMware Horizon service fails to stop (92685)
- Horizon Drag and Drop Feature do not function if Windows Drive redirection Group Policy is used (93132)
Digital Workspace Techzone, Blog and YouTube Updates
- Creating custom macOS security baselines with the macOS Security Compliance Project and Workspace ONE
- Can Root Cause Analysis (RCA) Be Done Faster?
- Distributing Scripts to macOS Devices: Workspace ONE Operational Tutorial
3rd Party Blog Updates & Industry News
- Ruben Spruijt: Discover Digital User Experience (DEX)
- Matt Coppinger: Deploy and manage NVIDIA#Jetson based AI robotic devices
- Samsung: Knox cloud service 24.04
April Software Releases
| System | Component | Release | Announcement | Release Date |
| Windows | Tunnel Win10 | 24.01 | Release Notes | 01.04.24 |
| iOS | Content | 24.02.1 | Release Notes | 03.04.24 |
| Android | Content | 24.02.1 | Release Notes | 03.04.24 |
| macOS | Hub | 24.01.1 | Release Notes | 03.04.24 |
Upcoming EUC Events
| Event | Details | Date |
| Apps Everywhere: Mastering the Eight Activities of Modern App Management | Steven McGovern, EUC Division, Broadcom; Jeff Ulatoski, EUC Division, Broadcom; Gary Taylor, Kyndryl; Samit Halvadia, Rimo3 https://www.brighttalk.com/webcast/19382/609108 | Apr 23 2024, 6:00pm CEST |
| EUC Customer Success Quarterly Webcast Series | Next EUC Customer Success Quarterly Webcast Session 1— Windows Modern Management Session 2— Digital Employee Experience https://www.vmware.com/learn/2381400_REG.html Next EUC Customer Success Quarterly Webcast Coming Soon!Watch our latest webcasts: •Managing, Automating, and Supporting a Frontline Device Fleet •What’s New with Horizon Cloud Service next-gen and Improving VMware Horizon User Experience with Workspace ONE Intelligence •Windows 10 Multi-User Support for UEM & Revolutionize your IT Environment with Freestyle OrchestratorWatch all additional previous webcasts On-Demand here. | 3/26/2024 TIME: 8:30 AM PT DURATION: 90 Minutes |
| EUC TechInsights Recordings | https://vmwaretv.vmware.com/channel/EUC+TECH+INSIGHTS/322091202 Sander Noordijk Laurens van Duijn Pim van de Vis | |
| VMUG | Watch On-Demand webcasts here.Register for upcoming live webcasts here.Register for Regional VMUG events here. | |
| End User Computing Webinars | Sign up for upcoming webcasts and watch VMware On-Demand webcasts here. |
EUC UX Research Opportunities
- Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
- Interested in giving your opinion and making your voice heard? Check out what’s available!
- Bonus: We give VMware swag to Customers who participate
Opportunity #1
- Build Custom Alerts in Workspace One!
- What: Play with a clickable prototype and tell us what you think.
- How: On your own time in Maze, a user testing tool. It will record your audio and computer screen.
- Time: It can take up to 10 minutes.
- TEST LINK HERE
Latest Patch & Seed Script Versions
- OS Updates Seed Script
- Most recent update: iOS 17.4.1 (21E237)
- Last Update: CW14
- Seed Script for latest Device Model Information
- Seed Script for latest Device Model Information Seed Script to support new MacBook Air M3 model Mac15,2 models
- Last update: CW11
- Workspace ONE UEM 22.09
- Patch Level 22.9.0.45
- CRSVC-43327: Increased CPU usage by CiscoISE App pool.
- AGGL-16159: Android VPN profile shows “Failed to save profile” error when trying to modify the profile or add a version to the profile.
- Last Update: CW50
- Workspace ONE UEM 22.12
- Patch Level 22.12.0.44
- ARES-28093: Unable to view the XML file of specific iOS profiles if option to sign certificate is enabled
- Last Update: CW13
- Workspace ONE UEM 23.02
- Patch Level 23.02.0.43
- ARES-28053: Web links report is empty.
- AMST-40945: Increase application installation timeout.
- AMST-40942: Reduce unnecessary calls between UEM and OEM provisioning service.
- Last Update: CW14
- Workspace ONE UEM 23.06
- Patch Level 23.06.0.27
- AMST-40785: Windows BIOS profile missing custom BIOS Attributes after saving.
- PPAT-16520: Performance improvement in Tunnel sync endpoint.
- LUEM-843: Latest Hub version from server should contain build version.
- AMST-40943: Reduce unnecessary calls between UEM and OEM Provisioning Service.
- MACOS-4372: Environment unable to automatically install Intelligent Hub macOS application.
- AAPP-17132: Fix phone number data mismatch in default attribute segment of device state.
- Last Update: CW14
- Workspace ONE UEM 23.10
- Patch Level: 23.10.0.10
- AMST-38952: Windows BIOS profile missing custom BIOS Attributes after saving.
- LUEM-835 Latest Hub version from server should contain build version.
- AMST-38933: Reduce unnecessary calls between UEM and OEM Provisioning Service.
- ARES-28244: When we add two or more Geofencing locations to the profile, only one Geo location displays in UI.
- AMST-40955: Unable to save iOS SDK profiles.
- AMST-40972: Profile with multiple Credential payloads is failing while adding new version.
- MACOS-4368: Environment unable to automatically install Intelligent Hub macOS application.
- RUGG-12568: Create additional logging for Smart Group removal flows.
- FS-5031: Cannot use negative integers in WorkFlow condition checks.
- CMCM-190922 Localization blocks upload of managed content.
- Last Update: CW14
- Workspace ONE UEM 24.02
- Patch Level: 24.2.0.1
- ARES-28448: On the App DT page, the alignment of the first device record is not proper, and some of the device details are getting overlapped.
- CRSVC-47469: Reset offline checkin job hydration status to support retrigger.
- RUGG-12963: Incorrect installation status for apps under Device details > Application page.
- AMST-40776: Incorrect target set for profiles when DSM overrides are created.
- CRSVC-47441: Change modern-stack orchestrator job to one min.
- CRSVC-47729: Compliance overrides to DSM migration not working.
- AMST-39074: WNS Details are not showing on the Network or Summary page.
- CRSVC-47761: Workflow migration to ES does not migrate the workflow choice set boolean correctly.
- Last Update: CW14
Welcome to the anywhere workspace 
Leave a comment