Omnissa Newsletter 2025 Week 11

Upcoming Omnissa Events

Event	Link and description	Speakers	Date
Omnissa Tech Deep Dive: What’s new with Windows software distribution?	Omnissa Tech Deep Dive: What’s new with Windows software distribution? – March 26th, 8 am PST / 5 pm CET Whether you’re a newbie or a veteran of deploying Windows apps, this session will provide an A to Z discussion about software distribution, as well as best practices, troubleshooting, and new functionality.   Join us for several demos showing new ways to streamline deployment and configuration of applications.https://community.omnissa.com/events/event/34-omnissa-tech-deep-dive-whats-new-with-windows-software-distribution/	Jo Harder, Sr. Technical Marketing ArchitectGrischa Ernst, Windows Product Manager	26 March
Managing macOS in the Enterprise with Omnissa Workspace ONE	With macOS adoption on the rise, IT teams must balance security, compliance, and user experience. Join our deep-dive webinar about:Automate macOS provisioning and onboarding for a smooth user experienceEnforce security policies and compliance without disrupting workflowsOptimize software deployment, patch management, and application updatesLeverage remote management tools for troubleshooting and efficiency Welcome! You are invited to join a webinar: EUC TechInsights – Deep Dive: Managing macOS in the Enterprise with Omnissa Workspace ONE. After registering, you will receive a confirmation email about joining the webinar.	Simon Elberts, Senior Customer Success Engineer	When: April 1, 2025, at 4:00 PM (CET)
Omnissa Community Webinar: Increase the value of your Omnissa deployment with advanced data and automation: powered by Intelligence and Freestyle Orchestrator	Omnissa Community Webinar: Increase the value of your Omnissa deployment with advanced data and automation: powered by Intelligence and Freestyle Orchestrator – April 2nd, 5 pm CET/ 8 am PST We invite you to a live webinar where our Omnissa subject experts will deep dive into Omnissa’s platform services! Join us to discover how Omnissa Intelligence and Omnissa Freestyle Orchestrator can help you unlock advanced data insights and automation, maximizing the value of your Omnissa deployment.	TBD	02 April
Omnissa Tech Deep Dive: Enrich your access policies with more data for better security	Omnissa Tech Deep Dive: Enrich your access policies with more data for better security – April 16th, 8 am PST / 5 pm CET We invite you to join this session on April 16th to learn how Omnissa can protect your enterprise data based on knowledge rather than guesswork. We will discuss the security capabilities in the Omnissa platform, real-time and continuous data sharing, and access decisions based on more data about the user, devices, and session.https://community.omnissa.com/events/event/35-omnissa-tech-deep-dive-enrich-your-access-policies-with-more-data-for-better-security/	Peter Bjork, Principal Architect	16 April
Omnissa Community Webinar:  Big Game Hunting: Ransomware’s High-Stakes War on Enterprises	Big Game Hunting: Ransomware’s High-Stakes War on EnterprisesWe invite you to join an insightful session, where we will focus on the most successful cybercrime operation in history. As a professional in the EUC space, understanding how ransomware gangs operate, evolve, and target enterprises is essential.We’ll also cover what Omnissa architects and subject matter experts can do to harden defenses and prevent breaches. Join this session for critical insights into the ever-evolving threat landscape.Big Game Hunting: Ransomware’s High-Stakes War on Enterprises	Huib Dijkstra, Lead Solution Engineer	7 May
Omnissa ONE returns in 2025	SAVE THE DATEOmnissa ONE America Las Vegas, Cosmopolitan Hotel Sept 15th – Sept 17th Omnissa ONE Europe Amsterdam, Maritim Hotel Amsterdam Oct 7th – Oct 9th Omnissa ONE Asia Tokyo, ANA InterContinental Hotel  Nov 17th – Nov 19th

Release Updates: 

Workspace ONE Intelligent Hub 24.07.5 for macOS

• In this release, we have redesigned the profile version attributes shared in device state exchange and profile sampling to support UEM modern stack architecture.

Bugs Fixed:

• HUBM-9270: macOS HUB app crash while refreshing the catalog.
• HUBM-8965: Secure Channel race condition causing UEM connection issues.
• HUBM-9373: During manual upgrade, UI gets stuck while checking for update

Staged Rollout at 50% | Workspace ONE Boxer 25.02 for Android

• (Experimental) Rich text formatting in signatures and email compose screen

• This feature allows users to add different text styles and bulleted lists to their signatures.
• Users can configure different signatures with rich text formatting for multiple accounts.
• When composing, replying, and forwarding emails, the users can select the formatting icon from the bottom bar. As a result, several formatting options are available which can be applied to the emails.
• RTL languages such as Arabic and Hebrew are supported.
• Additional Information:

• If rich text formatting is activated, inline images are not supported in signatures.
• End users can turn on this functionality using a feature flag, Rich text compose. This feature flag is present in Advanced settings > Enable features.
• Accept Proposed New Time

• This feature allows a meeting organizer to respond with a single tap to new, proposed times from meeting attendees.
• When a meeting attendee declines or tentatively accepts an invite and proposes a new time for the meeting, the meeting organizer receives an email with a prompt that allows the organizer to accept or ignore the proposed time.
• Meeting organizers can see their own availability during the proposed slot before they respond to the proposed time.
• If the organizer accepts the proposed time, the meeting is moved to the proposed slot. New meeting invites are sent to all attendees and the attendees are prompted to respond to the new invite.
• Improvements in Collection of Application Logs

• Administrators can use KVPs to control log collection and enable plain text logging to help diagnose and resolve issues. When plain text logging is enabled, the logs might include additional details such as full email addresses, IP addresses, and connectivity data.
• By default, all plain text logging is deactivated for the end user which means that sensitive information is masked.
• End users are asked for their consent before changes such as turning on plain text logging, sending verbose logs (with masked or unmasked data), or enabling verbose logging, are applied.
• The following two KVPs IsVerboseLoggingEnabled and AccAllowLogsObfuscationDeactivation can be used to allow control over logging.
• IsVerboseLoggingEnabled

• This is an application level, boolean, KVP and the default value is false. As a result, verbose logging is turned off for the end user.
• A checkbox, Enable verbose debug logging is presented to the end user in Advanced settings.
• When the checkbox is selected, users are asked for consent and verbose logging is enabled. When the checkbox is cleared, verbose logging is deactivated.
• When the value of the KVP is set to true, verbose logging is always enabled for the end user and the Enable verbose debug logging checkbox is not present.
• AccAllowLogsObfuscationDeactivation

• This is an account level, boolean, KVP and the default value is false. As a result, plain text logging is turned off and sensitive data is always masked.
• When the KVP is configured as true and the IsVerboseLoggingEnabled KVP is set to true, a checkbox Activating Plain Text Logging is presented to the end users in Advanced settings.
• When the checkbox is selected, plain text logging is activated which means that sensitive data is not masked and collected during logging. When the checkbox is cleared or Workspace ONE Boxer application restarts, plain text logging is deactivated and sensitive data is masked again in the logs.
• Quality improvements and crash fixes

Workspace ONE Launcher 25.02.1 for Android 

Bugs Fixed

• ALAU-173928: Intermittent Crash Issue in Single App Mode After Upgrading to Launcher 25.02

Workspace ONE Intelligent Hub 25.02 for Android

• New badge to indicate internal beta applications. Display a beta badge for internal beta applications in the Hub Client to indicate their status to users
• Improvements to Terms of Use for Enrollment and Apps: Display the most current EULA with its expiry time and highlight those due soo

Bugs Fixed

• AAGNT-200750 – Persisted Event/Actions are not restored on Enterprise Reset for Zebra devices
• AAGNT-200883 – Zebra Date/Time profile – periodic sync setting not applied
• HUB-11624 – Pending Enrollment TOU Detail view is too small

Current Omnissa Security Advisories 

<<<No New OMSAs this week>>>

Find all latest advisories in the Omnissa Security Response Center

Omnissa UX Research Opportunities: 

• Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
• Interested in giving your opinion and making your voice heard? Check out what’s available!

Test drive a NEW Horizon Admin Portal for MSPs

• About: Research & Design are looking into creating a dedicated portal for Managed Service Providers (MSPs) to help manage their clients’ Horizon solutions.
• Opportunity: Play with a clickable prototype in a 45-minute, 1×1 interview via Zoom. Upon completing the Zoom interview you will receive Omnissa swag as a thank you.
• Relevant for: Customers who act as MSPs and manage Horizon solutions.
• SIGN UP HERE

WS1 UEM: Test the Usability of a REFRESHED Compliance Policy Feature

• About: Omnissa Design has made some updates such as: more flexibility in Conditions and Actions, now fully managed on Mac and Windows, ability to assign via Smart Groups, more granular policy Risk Levels, AND MORE!
• Opportunity: Play with a clickable prototype in a 45-minute, 1×1 interview via Zoom. Upon completing the Zoom interview you will receive Omnissa swag as a thank you.
• Relevant for: Admins involved with creating/managing compliance policies.
• SIGN UP HERE

KB Highlights & Announcements: 

• Exchange ActiveSync Header Change for Workspace ONE Boxer (6000769)
  We are introducing a new header for ActiveSync requests as part of our ongoing rebranding efforts. This change is critical for maintaining seamless connectivity for our customers.
  Action Required: 

If customers are using the Legacy header to identify the requests and eventually filter them, they must:  

• Update their configuration to use the new X-WorkspaceOne-Boxer-RequestId header to ensure uninterrupted service.  
• If SEG is used, it must be updated to version 2.31 or later.  

Important Note: Failure to update to the new header and in the SEG version will result in potential service disruptions after the Boxer v25.04 release. 

• We are shutting down my.workspaceone.com and resources.workspaceone.com on 18-Feb-2025, due to legal compliance requirements.
  All new Omnissa branded product binaries are being made available on customerconnect.omnissa.com . Some product releases are in progress and will be available soon.
  Any customer needing older product binaries can follow the request previous binaries flow, upon which they will receive a link to download older binaries.
• OMSA subscription services now available!
  We are THRILLED to announce that customers and interested parties can enroll and self-manage subscriptions to our OMSAs.
  Sign up from the Omnissa Security Response Page under the Omnissa Security Advisory (OMSAs) section.

Preparing for Workspace ONE Modern SaaS Rollout (Managed Hosting / Dedicated Cloud Customers)

• For Shared SaaS, environments have already been enabled or will be enabled automatically in the near future
• Familiarize yourselves with upcoming changes with Modern SaaS, including changes in workflows, terminology, and known issues. (See – TechZone article here.)​
• Request environment migration with the Omnissa account team (CSM, TAM, AE, SE) once ready. The team will work internally to request an enablement week on your behalf.​
• Environment clean-up* (resources outside of tenant boundary e.g., global resources).​

• Remove/migrate invalid resources (apps, profiles, policies) from the console.​
• Remove/migrate invalid SGs.​
• Ensure all users/devices are at or under Customer/Partner OGs. If users exist above Customer/Partner OGs with devices enrolled, device enrollment may be required.​
• Validate Smart Group & app exclusion. See KB here.​

• Update Workspace ONE UEM to the latest version prior to Mod Stack enablement, minimum UEM 24.06.​
• Review the list of known issues and changes aggregated in the weekly newsletter below. Ensure resolutions/workaround are implemented as applicable.​
• Develop a testing plan post migration and communicate with internal stakeholders.​
• KB Article Overview
• Announcement & Updates​

• Administration changes for Workspace ONE UEM Modern SaaS Architecture | Omnissa​
• Workspace ONE UEM – Modern SaaS Architecture Rollout – December Update (6000206)​​
• Smart Group exclusions now managed at version level in modern SaaS architecture enabled Workspace ONE UEM Environments (6000662)​
• Application and Profile management restricted to Customer Organization Group (and Partner Organization Group) or below in Modern SaaS architecture enabled UEM environments (6000196)​
• Introducing WS1 UEM Next-Gen SaaS: Device List View, Resource Delivery and Deployment Tracking Modernization Improvements in Tech Preview Environment CN135 (94042)​
• Modernization Update: Consolidated Modernized Services for Hosted SaaS (91520)​
• Known Issues – Resolved​

• Intelligent Hub for macOS must be upgraded to version 24.07.1 to prevent macOS Profile removal from being blocked with Mod Stack (Resolved in macOS Hub 24.07.1+)​
• Profiles Assigned Through Freestyle Workflows Installed on Unintended Devices (6000667)(Resolved in UEM 24.06.0.13+)​
• macOS Profiles shows “Installed but not assigned” and contains profile duplicates (6000682)(Resolved in macOS Hub 24.07.2+)​
• [Modern Architecture] ChromeOS Device Sync fails (6000731)
• ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Architecture Enabled UEM Environments (6000670)
• [Resolved] Tagging Operations Behavior Change in Mod Stack Enabled Environments (6000180) (Enhanced in Workspace ONE UEM 2406 Patch 22 and 2410)
• Known Issues – Ongoing​

• ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Architecture Enabled UEM Environments (6000670)​
• Evaluated device count higher than Assigned count in Deployment Tracking for Modern SaaS architecture enabled UEM Environments (6000191)​
• Known issues of Product Provisioning in the UEM modernized stack (6000686)​
• Workspace ONE UEM – Modern Stack Device-Based Events are not exported via Syslog Integration (6000677)​
• ARES-30657 – For some internal apps, devices receive lower app version instead of the highest assigned version in modern-architecture enabled UEM environments (6000718)
• FileVault Recovery Keys are missing for macOS devices after Modern Stack Migration (6000719)
• FileVault Disk Encryption Pop Up for macOS Devices after Modern Stack Update (6000722)
• [Modern Architecture] Devices Removed from Assignment Groups with “Enterprise Version” Filter (6000730)

High Priority KBs: 

• Omnissa new world link directory
  For an overview about links to customer portals and relevant information follow the above link.
• System Migration Changes Impacting Workspace ONE and Horizon Customers (97841)
  The end-user computing (EUC) division of Broadcom will transition from VMware-hosted systems to EUC-hosted systems in April and May 2024. This transition is part of our preparation to become a standalone entity following the acquisition of EUC by KKR.

Recently added KBs (Links) 

• Single App Mode Not Working with Native Apple Applications (6000792)
• [Modern Architecture] [AGGL-18264] Legacy Credentials Profiles pushed to Android Enterprise Devices (6000789)
• Horizon Connection Server Goes Offline and Requires Service Restart (6000786)

Recently updated KBs (Links)

• [AAGNT-198419] Managing WiFi on Android 12+ requires Location Services enabled (96763)
• [Resolved] CRSVC-53629 – Workspace ONE UEM – Devices assigned to a Compliance Policy with an Enterprise Wipe action may not receive assigned resources during enrollment (6000389)
• [Resolved] Tagging Operations Behavior Change in Mod Stack Enabled Environments (6000180)
• Announcing end of support for device administrator (Android Legacy) in Workspace ONE UEM (80971)
• Boxer Outage For Personal Use (6000117)
• End of Life Announcement for the Legacy App Catalog in Workspace ONE UEM for SaaS UEM Customers (95774)
• Horizon Client Feature Matrix for Horizon 8 and Horizon Cloud on Azure (80386)
• Horizon Cloud Service first-gen – Required Transition to Azure Database for PostgreSQL – Flexible Server (6000765)
• Horizon Connection Server Console shows Internal Error Occurred after an upgrade to 8.6 or Later (89986)
• Increased Data Consumption when “CaptureDEXData” is enabled in Launcher versions below 24.05 (6000065)
• Omnissa App Volumes with Microsoft Windows 10 and 11 Support (55755)
• Omnissa Horizon Connection Server Inaccessible over HTTP/HTTPS (6000184)
• Omnissa Horizon on Azure VMware Solution (AVS) Support (80850)
• Performing an end-to-end backup and restore for Omnissa Horizon View (1008046)
• Rebranding Changes in Omnissa Horizon Cloud Service – Dynamic Environment Manager, ThinApp, Horizon Edge Gateway, Horizon Cloud Connector (6000775)
• Renew Tunnel Server authentication certificate (93055)
• Supported versions of Windows 10 and Windows 11 on Horizon Client (58096)

Digital Workspace Techzone, Blog, Community and YouTube Updates 

• What is Omnissa App Volumes? | Omnissa
• Enforcing macOS Security Compliance Project Baselines: Workspace ONE Operational Tutorial | Omnissa
• Chip-to-cloud management with Intel® vPro | Omnissa
• Announcing Limited Availability of Horizon Cloud Service with Amazon WorkSpaces Core | Omnissa

3rd Party Blog Updates & Industry News 

• How To Configure Apple Platform SSO using Omnissa Workspace ONE UEM – After Six Computers

Beta, Lab and Tech Preview Updates 

Get started with Omnissa Beta-program

Currently available: 

• Intelligent Hub for Android Managed API Feature – Available until further notice
• MSAL Global Sign-in/Sign-out for Shared Devices– Available until further notice
• HCS for Partners – Available until 01/30/2026
• Horizon 8 on VCD – Available until 09/30/2025
• Tunnel for iOS  – Available until 3/07/2025  
• Windows Server Management  – Available until 3/28/2025
• Security Events Service – Available until 3/21/2025

Coming soon:

• Tunnel for macOS — March
• Tunnel for Android — March
• Omni– April/May
• Conditional Access – iOS Shared Device Mode for Entra ID  (Requires Shared SaaS UAT) — March

Past Omnissa Event Recordings

Omnissa Online	Recording of Omnissa Online Event: YouTube Recording	Various
EUC TechInsights – Reimagine Application Management: Unlock the Power of App Volumes	Is your application management strategy ready for a transformation? Join us to explore how decoupling applications from operating systems with portable VHDs can simplify deployments, enhance scalability, and boost efficiency. Discover	Jeff UlatoskiDirector Product Management	Feb 4, 2025 04:00 PM CET
EUC TechInsights – Stay Ahead in IT Management with Workspace ONE, why best things in life are not always free	Choosing the right device management platform goes beyond upfront costs and basic features. As your business grows, will your solution scale with you? Some platforms offer a solid start, but others require complex scripting, third-party add-ons, and workarounds—leading to hidden costs and increased risk. Welcome! You are invited to join a webinar: EUC TechInsights – Stay Ahead in IT Management with Workspace ONE, why best things in life are not always free. After registering, you will receive a confirmation email about joining the webinar.	Pim van de Vis	Feb 25, 2025 04:00 PM
Exploring Workspace ONE UEM Frontline and What’s New with Android Management API	o Session 1 – Omnissa Workspace ONE UEM and DEX for Frontline Use Cases – What’s new in Analytics for Frontline Deployments – What’s new in configuring the experience for Frontline devices (Launcher) – What’s new in managing and maintaining Frontline devices o Session 2 – What’s New with Android Management API – What is Android Management API? – AMAPI enhancements with Workspace ONE UEM 2410 – What’s next for AMAPI in 2025 Exploring Workspace ONE UEM Frontline and What’s New with Android Management API	Mitch Berk, Senior Director of Product Management; Owais Syed, Product Line Manager; Nick Brouillette, Group Product Line Manager & Manuel Perez, Product Manager	Feb 25 2025, 5:30pm CET

Latest Patch & Seed Script Updates: 

OS Updates Seed Script

• Most recent update :
  visionOS 2.4 beta (22O5199o), tvOS 18.4 beta (22L5218l), macOS 15.4 beta (24E5206s), iPadOS 18.4 beta (22E5200s), iOS 18.4 beta (22E5200s)
• Last Update: CW09

Device Model Seed Script

• Seed Script to support 

• iPhone 16e
• iPad Air M3
• Last update: CW10

Workspace ONE UEM 23.06

• Patch Level 23.6.0.47

• RUGG-13443 – Product fails to honour applicability rule when oemBuildVersion attribute is used more than once in applicability rule.
• FCA-208683 – Intelligence Opt-In flow showing error screen after clicking on ‘Opt-In’ button.
• AAPP-18903 – VPP app Epic Rover app fails to install.
• Last Update: CW11

Workspace ONE UEM 23.10

• Patch level 23.10.0.46

• RUGG-13443 – Product fails to honor applicability rule when oemBuildVersion attribute is used more than once in the applicability rule.
• HUBW-17234 – Fixing issue with apps stuck in SFD queue and not processing any app installs even when pushed manually.

Note: This fix is available as part of SFD version 23.10.7 that is seeded into UEM version 23.10.0.46.

• Last Update: CW09

Workspace ONE UEM 24.02

• Patch Level: 24.2.0.25

• RUGG-13443 – Product fails to honor applicability rule when oemBuildVersion attribute is used more than once in applicability rule.
• RUGG-13370 – Unable to save Schedule type Condition when the schedule date is in the year 2025 or later.
• CRSVC-58522 – Windows | Failed to fetch metadata from the server for workflows which causes delays in resources delivery.
• ARES-31047 – Launcher Profile configured with Custom Lookup fields failing to install on devices.
• AMST-42826 – Commands getting queued on Windows devices post console upgrade to 2406
• AGGL-17940 – Android app are removed from devices when renamed by administrator.
• AGGL-17575 – Android Credentials profile becomes corrupted when adding version if “Allow silent app access” is enabled.
• AGGL-10395 – Migration should be created with valid smart groups.
• AAPP-18691 – Cannot install some VPP Apps as we get an Associate Failure for the licenses.
• AAPP-18245 – During DEP enrollment, the Device OS version is not correctly read from the device.
• AAPP-17815 – Custom Command shows Pending under Troubleshooting tab in Device Details.
• Last Update: CW10

Workspace ONE UEM 2406

• Patch level 24.6.0.26

• ARES-31178 – ‘Installed but not assigned’ status incorrectly highlighted in red for seeded apps like Launcher on Device Details Apps summary page.
• FCA-209286 – [Mod Stack] Unenrolled devices are unexpectedly shown in Device List View filtered by Smart Group.
• AAPP-17712 – Added additional options in the MacOS Skip Setup Assistant profile.
• AGGL-18264 – Android Legacy profiles installing on Android Enterprise devices.
• AAPP-18119 – Assignment Preview MDM API throws 500 error for AppleTv platform.
• AMST-42768 – Dell Integration – Enrollment with dropship provisioning does not work as call to device services to get generic ppkg fails.
• AMST-43019 – Profiles with Unknown Context are removed from Device when modstack is enabled.
• RUGG-13304 – Relay Servers were unable to connect to the Console when default Mac address was used in the discovery text.
• Last Update: CW11

Workspace ONE UEM 2410

• Patch level 24.10.0.1

• FCA-209557 – “Query” action is not resulting in Device Check-In for macOS devices.
• FS-6714 – Hide Reported Time in device details page workflow tab and workflow page for mobile devices.
• FS-7038 – Not pushing global tags in while reporting metrics.
• FS-6781 – Spaceman error when clicking into a newly published workflow.
• AGGL-17575 – Android credentials profile becomes corrupted when adding version if “Allow silent app access” is enabled.
• ARES-31051 – API to fetch profiles in an organization group is failing intermittently with ‘Internal Server Error’.
• AMST-42286 – EAR update notifications not working.
• CRSVC-58722 – Extend syslog coverage to include all modern SaaS services.
• FS-6808 – Freestyle Getting Started page – change text to include mobile platforms.
• AGGL-18066 – Geofencing for Android profiles is not honored.
• FCA-208850 – Improved logic for offline devices within the data migration stored procedure for modern SaaS architecture.
• AAPP-17770 – iOS: Unable to retrieve the email address in “local identifier” for VPN profile.
• PPAT-18645 – Modern Stack only – Tunnel certificates are not delivered to the Windows Tunnel client on certificate renewal.
• CRSVC-58684 – Prevent incorrect Purchased app removals on the device.
• FCA-209732 – Right click issue caused by blinking popup when hover on devices when using Layout > Custom in UEM (2410).
• AAPP-18195 – SSO extension generates duplicate XML entries.
• AMST-42945 – Update Intel cloud service build to include commit and build tag info.
• MACOS-5482 – Update macOS selective app list sample source when sent from Intelligent Hub from MDM to MAC_OS_MUNKI.
• CRSVC-58522 – Windows | Failed to fetch metadata from the server for workflows, which causes delays in resources delivery.
• Last Update: CW10

Disclaimer

Please note: All information in this Newsletter is statically copied from various sources. Once published, these sources won’t be checked and the Newsletter won’t be updated retrospectively. In case of doubts, always check and refer to the linked source in Omnissa Docs, Techzone or Knowledgebase.