Omnissa Newsletter 2025 Week 29

Upcoming Omnissa Events

Event	Link and description	Speakers	Date
Omnissa Tech Deep Dive: Windows device provisioning	What’s the difference between Drop Ship Online vs. Offline and which to use when?  What’s a PPKG file? This tech deep dive session will clearly explain and demonstrate the behind-the-scenes activities that enable provisioning new Windows devices. Join our subject matter experts @Jo Harder and @Joshua Spencer for some valuable tech content!👉 Register here: Omnissa Tech Deep Dive: Workspace ONE UEM Windows Device Provisioning, Enrolling, and Onboarding	Jo Harder, Joshua Spencer	23 July5 PM – 6 PM CEST 11 AM – 12 PM EDT 8 AM – 9 AM PDT
Omnissa Tech Deep Dive: Horizon 8 and Nutanix AHV hypervisor	In this session, you’ll get a technical overview of how Horizon 8 integrates with the Nutanix AHV platform. We’ll walk you through the key features and architecture of AHV, explore why it’s a strategic choice for hypervisor support, and share Omnissa’s vision and launch plans around this integration.Whether you’re already working with Horizon or just beginning to explore hypervisor options, this event will give you the context and confidence to understand how Horizon 8 fits into the Nutanix ecosystem—and what it means for your environment moving forward.👉 Register here: Omnissa Tech Deep Dive: Horizon 8 and Nutanix AHV hypervisor!		28 August5 PM – 6 PM CEST 11 AM – 12 PM EDT 8 AM – 9 AM PDT
Omnissa ONE returns in 2025	SAVE THE DATEOmnissa ONE Global Las Vegas, Cosmopolitan Hotel Sept 15th – Sept 17th👉 More information and registration: Omnissa ONE 2025.Omnissa ONE EMEA Amsterdam, Maritim Hotel Amsterdam Oct 7th – Oct 9th Omnissa ONE Japan Tokyo, ANA InterContinental Hotel  Nov 17th – Nov 19th

Release Updates:

Workspace ONE Content 25.06.1 for iOS

In this release, we have made a few updates containing general quality and performance improvements with no new features.

Workspace ONE ITSM Connector for ServiceNow 8.0

• Location

• Service desk associates can now see the last known GPS coordinates of a device, including the latitude and longitude, on a map. This action helps to locate missing or lost devices along with the previously available actions Find Device and Enable Lost Mode(iOS).
• Enable Location settings to use this feature.
• Compliance Policies
• Sevice desk associates can verify the Compliance Policy to determine which policy is failing on a device so they can fix an issue. To use this feature, at least once security or compliance policy must be assigned to the device. You can see policies by navigating to Security > Compliance > Compliance Policies.

• Horizon Enterprise 8 Integration
• Service desk associates can now investigate and remediate Horizon Enterprise 8 issues from within any ServiceNow ticket. Use cases in this version include:

• Find sessions per user
• Find sessions per email ID
• Disconnect session
• Logoff session
• Reset machine
• Restart machine
• Extend ITSM Connector to Horizon Helpdesk Actions
• Prerequisites for using are:

• Minimum Horizon version – Horizon 8.12 (2312)
• Enable Cloud Pod Architecture (CPA)
• Bring Workspace ONE UEM ITSM component out of the native UI
• In the native UI, the dependency on formatters and related tabs was removed. The load time of the ITSM Connector has been significantly improved. Now, the ITSM Connector will show up as a button even in the native UI (same as the SoW UI).

Omnissa Access

Support for SIEM Integration in Omnissa Access Cloud

Omnissa Access Cloud now offers the ability to forward Access audit information to third-party Security Information and Event Management (SIEM) systems as Syslog events. Access Cloud can forward audit events to SIEM and Syslog servers in the cloud or in customer data centers. This release includes native adapters for a Syslog server, Splunk, and CrowdStrike Next-Gen SIEM, with support for more SIEMs coming in a future release. The integration requires mutual TLS (mTLS) authentication between Access and the external system.

Omnissa Workspace ONE Hub Services

Configurable support contact information in Support tab

Intelligent Hub administrators (console admins) can now configure IT Support’s email ID and phone number for their users. Users can subsequently go to the Contact section under the Support tab to get help.

Before the release of this feature, console admins could not overwrite system defaults. Now, they can control whether users see system default support information or configured information. Together with templates, admins can configure unique support info for different user groups.

This feature is now available for Hub for Web. It is expected to be rolled out for all Hub clients at a later time.

Conditional Entitlements Phase 1: Lock Apps based on Access Policy

Access policy rules set by admins in Omnissa Access determine which apps an end user can launch, based on factors such as their network range, device type, or group membership. Currently, all apps are available to the user in the Hub catalog, and when they launch an app that is restricted by Access policy rules, they are denied access during the launch process.

The new conditional entitlements enhancement to the Hub catalog improves the user experience by locking (greying out) apps that a user is restricted from launching based on Access policy rules. The user interface only reflects existing restrictions that have been configured in the customer tenant, and does not change any behavior for unrestricted apps.

This is Phase 1 of a two-phase rollout of conditional entitlements. In Phase 2, Hub Services admins will have the option to either display (as locked) restricted apps or hide them entirely from end users.

This feature is currently limited to the Hub web portal only.

The scope of this feature is limited to only those apps on which Access policies are applicable.

Current Omnissa Security Advisories

• OMSA-2025-0001: Horizon Client for Windows addresses local privilege escalation vulnerability (CVE-2025-25230)
• OMSA-2025-0002: Omnissa Unified Access Gateway (UAG) updates address Cross-Origin Resource Sharing Bypass vulnerability (CVE-2025-25234)

Find all latest advisories in the Omnissa Security Response Center

Omnissa UX Research Opportunities: 

• Our goal is to gather insight into user behaviors, motivations, and goals, so we can use those insights to inform and strengthen product and design decisions.
• Interested in giving your opinion and making your voice heard? Check out what’s available!

NEW Opportunity: The great Freestyle debate – weigh in now!

• About: Omnissa has 2 Freestyle’s – one in Intelligence and another in UEM. Although one day the goal is to combine, for now, the 2 will remain separate. Design has a few proposals to help clarify the differences between the 2 tools and give guidance on which to use. Check them out and let us know which you prefer.
• Opportunity: 8-minute interaction where you’ll get to play with different clickable prototype concepts and rate them on a series of attributes. This won’t require talking or typing, just multiple choice, AND you can do this in your own time.
• Who is this relevant for: Customers and Employees using Freestyle in UEM and/or Intelligence.
• Choose your favorite Freestyle concept here → available until end of day 7/25.

KB Highlights & Announcements:

•  

Preparing for Workspace ONE Modern SaaS Rollout (Managed Hosting / Dedicated Cloud Customers)

• For Shared SaaS, environments have already been enabled or will be enabled automatically in the near future
• Familiarize yourselves with upcoming changes with Modern SaaS, including changes in workflows, terminology, and known issues. (See – TechZone article here.)​
• Request environment migration with the Omnissa account team (CSM, TAM, AE, SE) once ready. The team will work internally to request an enablement week on your behalf.​
• Environment clean-up* (resources outside of tenant boundary e.g., global resources).​

• Remove/migrate invalid resources (apps, profiles, policies) from the console.​
• Remove/migrate invalid SGs.​
• Ensure all users/devices are at or under Customer/Partner OGs. If users exist above Customer/Partner OGs with devices enrolled, device enrollment may be required.​
• Validate Smart Group & app exclusion. See KB here.​

• Update Workspace ONE UEM to the latest version prior to Mod Stack enablement, minimum UEM 24.10.​
• Review the list of known issues and changes aggregated in the weekly newsletter below. Ensure resolutions/workaround are implemented as applicable.​
• Develop a testing plan post migration and communicate with internal stakeholders.​
• KB Article Overview
• Announcement & Updates​

• Administration changes for Workspace ONE UEM Modern SaaS Architecture | Omnissa​
• Workspace ONE UEM – Modern SaaS Architecture Rollout – December Update (6000206)​​
• Smart Group exclusions now managed at version level in modern SaaS architecture enabled Workspace ONE UEM Environments (6000662)​
• Application and Profile management restricted to Customer Organization Group (and Partner Organization Group) or below in Modern SaaS architecture enabled UEM environments (6000196)​
• Introducing WS1 UEM Next-Gen SaaS: Device List View, Resource Delivery and Deployment Tracking Modernization Improvements in Tech Preview Environment CN135 (94042)​
• Modernization Update: Consolidated Modernized Services for Hosted SaaS (91520)​
• Known Issues – Resolved​

• Intelligent Hub for macOS must be upgraded to version 24.07.1 to prevent macOS Profile removal from being blocked with Mod Stack (Resolved in macOS Hub 24.07.1+)​
• Profiles Assigned Through Freestyle Workflows Installed on Unintended Devices (6000667) (Resolved in UEM 24.06.0.13+)​
• macOS Profiles shows “Installed but not assigned” and contains profile duplicates (6000682) (Resolved in macOS Hub 24.07.2+)​
• [Modern Architecture] ChromeOS Device Sync fails (6000731)
• ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Architecture Enabled UEM Environments (6000670)
• [Resolved] Tagging Operations Behavior Change in Mod Stack Enabled Environments (6000180) (Enhanced in Workspace ONE UEM 2406 Patch 22 and 2410)
• Known Issues – Ongoing​

• ARES-28824 – Known Issue with Sorting Applications on Device Details Page with Modern SaaS Architecture Enabled UEM Environments (6000670)​
• Evaluated device count higher than Assigned count in Deployment Tracking for Modern SaaS architecture enabled UEM Environments (6000191)​
• Known issues of Product Provisioning in the UEM modernized stack (6000686)​
• Workspace ONE UEM – Modern Stack Device-Based Events are not exported via Syslog Integration (6000677)​
• ARES-30657 – For some internal apps, devices receive lower app version instead of the highest assigned version in modern-architecture enabled UEM environments (6000718)
• FileVault Recovery Keys are missing for macOS devices after Modern Stack Migration (6000719)
• FileVault Disk Encryption Pop Up for macOS Devices after Modern Stack Update (6000722)
• [Modern Architecture] Devices Removed from Assignment Groups with “Enterprise Version” Filter (6000730)

High Priority KBs: 

• Upcoming Changes to the Cloud Distribution Network (CDN) URL for Omnissa Access and Hub Services (6000795)
• Horizon Cloud Service transition to Omnissa (6000824)
• Preparing for Omnissa Innovation Updates (6000840)
• Legacy Domain End of support and required action for Workspace ONE Cloud-Hosted domain vmwservices.com (6000843)
• Workspace ONE UEM – Upcoming Update to the Intelligence, Token Service, ESR, and CNS URL scheme – Action Required (6000867)
• Update Workspace ONE Boxer for iOS and Android with new Workspace ONE domain (6000868)
• Update Workspace ONE Content for iOS and Android with new Workspace ONE domain (6000869)
• Update Workspace ONE SDK for iOS and Android with new Workspace ONE domain (6000872)
• Update Workspace ONE Web for iOS and Android with new Workspace ONE domain (6000873)
• Update Workspace ONE Intelligent Hub for iOS and Android with new Workspace ONE domain (6000874)
• Update Workspace ONE PIV-D Manager for iOS and Android with new Workspace ONE domain (6000875)
• Omnissa Intelligence Migration to New Domains (6000876)
• Upcoming Changes to the Cloud Notification Service (CNS) URL for Omnissa Hub Services (6000877)
• Update Workspace ONE Email Notification Service (ENS) for OnPrem with updated Omnissa domain (6000878)
• Updates for WS1 Intelligence integration in UAG (6000879)
• Update to Workspace ONE Launcher (6000880)
• Update Workspace ONE App Wrapping & Plugins with new Workspace ONE domain (6000881)
• Upcoming Changes: Required Update to Intelligence SDK to Continue Sending Analytics Data to Omnissa Intelligence (6000882)
• Domain Migration :: Upcoming Changes to the Token URLs and Intelligence API URLs for Omnissa Workspace ONE ITSM Connector app for ServiceNow (6000883)
• Update Workspace ONE Intelligent Hub for MacOS with updated Omnissa domain (6000885)
• Update Workspace ONE Tunnel for iOS and Android and ChromeOS with updated Omnissa domain (6000886)
• Workspace ONE (on-prem) DEX for Windows and macOS (6000890)
• Workspace ONE DEX for Horizon (URL Migration) (6000891)
• DEX for UEM SaaS for Windows and macOS (URL updates) (6000892)
• Legacy domain suggested upgrade sequence (6000894)
• Omnissa World Link Directory
  For an overview about links to customer portals and relevant information follow the above link.
• System Migration Changes Impacting Workspace ONE and Horizon Customers (97841)
  The end-user computing (EUC) division of Broadcom will transition from VMware-hosted systems to EUC-hosted systems in April and May 2024. This transition is part of our preparation to become a standalone entity following the acquisition of EUC by KKR.

Recently added KBs (Links) 

• Multi-Staging Logout Moves Device to Incorrect OG on 24.10 Patch 17 (6000970)
• HUBI-12475 – Mobile SSO (for Apple) authentication may fail if Device Auth Type is set to biometric or biometric-passcode. (6000971)
• Black Screen on Horizon Client with Intel GPU and H.264/HEVC/AV1 (Driver 32.0.101.6881) (6000974)
• Assignment and installation data may be misreported for devices assigned to Internal app versions with exclusions (6000978)
• Employee Experience DEEM Agent Proxy Configuration (6000979)
• iOS Intelligent Hub shows the default device name instead of Device Name immediately after enrollment in UEM only mode. (6000982)

Recently updated KBs (Links)

• Apple’s Volume Purchase Program (VPP) installation/syncing/license issues/errors when integrating with Workspace ONE (2960900)
• [Action required] Upgrade Chrome OS devices to Workspace ONE UEM Extension 25.06 (6000169)
• ps to collect logs for Workspace ONE Content App, UEM – Content and Content Gateway (6000910)
• gh memory usage in AirWatch Cloud Connector due to accumulation of temporary files (6000958)
• Patch instructions to address CVE-2025-32463 found in Photon sudo package used in Omnissa Access (6000965)

Community and YouTube Updates 

• Workspace ONE Hub Services Overview Tours – VIEW DEMO
• App Volumes Overiew Tours – VIEW DEMO
• Horizon Overview Tours – VIEW DEMO
• Workspace ONE UEM Overview Tours – VIEW DEMO

3rd Party Blog Updates & Industry News 

• Introducing WOMBAT! Workspace ONE macOS Baselines Authoring Tool
• Workspace ONE Launcher deployment upgrade best practices

Beta, Lab and Tech Preview Updates 

• Get started with Omnissa Beta-program

Currently available:

• Intelligent Hub for Android Managed API Feature – Available until further notice
• MSAL Global Sign-in/Sign-out for Shared Devices– Available until further notice
• HCS for Partners – Available until 01/30/2026
• Horizon 8 on VCD – Available until 12/31/2025
• HCS vSphere Edge – Available until 01/30/2026
• Horizon 8 on Nutanix (Select customers only)
• Omni – Available until 7/31/2025
• Windows Server Management (Select customers only) – Available until 7/31/2025
• Omnissa Security Events Service – Available until 7/19/2025
• Conditional Access – iOS Shared Device Mode for Entra ID Beta– Available until further notice
• Apple macOS Platform SSO with Omnissa Access* – Available until 7/17/2025
• Device Trust for WS1 Tunnel* – Available until 7/17/2025

Coming soon:

• Identity Services – Migration to Entra ID for UEM* (Limited Availability) – July
• Launcher – July

Past Omnissa Event Recordings

Omnissa Online	Recording of Omnissa Online Event: YouTube Recording	Various
Omnissa Tech Deep Dive: Bringing VDI goodies to your physical desktops and laptops	We invite you to a demo-packed session, where you will learn how to bring the benefits of App Volumes and DEM (Dynamic Environment Manager) to your physical Windows devices.This brings the same benefits and features you know from your Horizon VDI environments to your desktops and laptops. You have full control over the application lifecycle, ensuring the best user experience and more! Omnissa Tech Deep Dive: Bringing VDI goodies to your physical desktops and laptops	Pim van de Vis	Jun 18
Unified Windows Management: Windows Server Management (Beta) and Windows Multi-user in Workspace ONE UEM	This webcast will focus on the Omnissa Workspace ONE Windows Server Management Beta and Windows Multi-user management support.Unified Windows Management: Windows Server Management (Beta) and Windows Multi-user in Workspace ONE UEM	Grischa Ernst, Product Line ManagerCamille Debay, Product Line Manager – Windows ManagementSaurabh Jhunjhunwala, Staff Customer Success Engineer	17 June
Omnissa Tech Deep Dive: Bringing VDI goodies to your physical desktops and laptops	We invite you to a demo-packed session, where you will learn how to bring the benefits of App Volumes and DEM (Dynamic Environment Manager) to your physical Windows devices.This brings the same benefits and features you know from your Horizon VDI environments to your desktops and laptops. You have full control over the application lifecycle, ensuring the best user experience and more! Omnissa Tech Deep Dive: Bringing VDI goodies to your physical desktops and laptops	Pim Van De Vis, Customer Success Engineer	18 June
Omnissa Tech Deep Dive: Enrich your access policies with more data for better security	@Peter Björk will cover the security capabilities in the Omnissa platform, real-time and continuous data sharing, and access decisions based on more data about the user, devices, and session.Omnissa Tech Deep Dive: Enrich your access policies with more data for better security	Peter Björk	Apr 16 2025
Increase the value of your Omnissa deployment with advanced data and automation: powered by Intelligence and Freestyle Orchestrator	Join us to discover how Omnissa Intelligence and Omnissa Freestyle Orchestrator can help you unlock advanced data insights and automation, maximizing the value of your Omnissa deployment.Increase the value of your Omnissa deployment with advanced data and automation: powered by Intelligence and Freestyle Orchestrator	Evan HurstNigitha AlugubelliMitch Berk	Apr 2 2025

Latest Patch & Seed Script Updates:

OS Updates Seed Script

• Most recent update :

• macOS 26 beta 2 (25A5295e)
• visionOS 26 beta 2 (23M5279f)
• tvOS 26 beta 2 (23J5295e)
• iPadOS 26 beta 2 (23A5276f)
• iOS 26 beta 2 (23A5276f)
• Last Update: CW26

Device Model Seed Script

• Seed Script to support
• iPad Air 11-inch (M3) Wi-Fi
• Last update: CW26

Workspace ONE UEM 23.10

• Patch level 23.10.0.52
• AGGL-18082 – Move Google API calls from Entity Reconcile Service to Integration Service for events like User Group Edited.
• Last Update: CW25

Workspace ONE UEM 24.02

• Patch Level: 24.2.0.34
• AAPP-18714 – Unable to install a few internal and purchased apps due to error 12008 – MDM Command invalid.
• Last Update: CW29

Workspace ONE UEM 2406

• Patch level 24.6 Patch 41

All Environments

• UM-9083 – Issue with Directory Admin login post making any changes to the admin role/account.
• CRSVC-62807 – Privilege Esclation via Secondary Contexts Path Traversal in UEM DevicesV1Controller.

Modernized Environment

• FCA-209954 – Add a label to the ‘About’ page in UEM for environments which have the modern architecture enabled.
• Last Update: CW29

Workspace ONE UEM 2410

• Patch level 24.10.0.19

All Environments

• MACOS-5335 – Unable to refresh a sensor for a macOS device from the Device Details page.
• FCA-210831 – Admin account roles not readable.
• FCA-210742 – Errors while navigating to different pages in the UEM console.
• ESI-549 – Launcher CICO fails when enrolment restriction for device model is present, despite device being in allowlist.
• AGGL-18884 – Credential payload upload certificate failing for ChromeOS.
• AAPP-19271 – Custom DEP now supports min OS version enforcement.
• Last Update: CW29

Workspace ONE UEM 2506

• Patch level 25.06.0.0

Admin Experience

• FCA-205420: EnrollmentUserCredentials lookup value in message template generates message preview in bad formatting.
• FCA-206116: Console events do not log some Admin Role Events.
• FCA-207442: SSP testCookie is set while JavaScript implementation without explicitly defining the attributes.
• FCA-207572: Device List View filter for internal storage does not display actions in the UI.
• FCA-207745: UEM console sends email notifications for account modifications when the home button is pressed using the new deployment method.
• FCA-207895: UEM console makes an incorrect request at landing page for the admin user who enables 2FA and configures landing page.
• FCA-208029: EID Value and Phone Number are not getting populated for iPad devices.
• FCA-208136: The API call “DeviceExtensiveSearchAsync” does not work properly with multiple filters.
• FCA-208232: “POST /devices/gps/search” API call does not honour date ranges.
• FCA-208380: Custom message template for Admin Activation is not getting selected correctly.
• FCA-208389: WS1 API request continuously fails with a 500 internal server error for mdm/devices/search endpoint.
• FCA-208390: The “Apply” button on filters does not work when devices list is opened from Assignment Groups page.
• FCA-208419: NetworkInfoSearch API is not using the steps that appear in the official documentation.
• FCA-208708: Administrator Password Reset Email is not appearing as a customizable message template.
• FCA-208958: A DOM-based cross-site scripting (XSS) in onmodalexit query parameter leads to full ATO/environment compromise.
• FCA-209732: When hovering over devices from Device List View (Layout → Custom), a blinking popup makes it harder to use right-click options (UEM 2410).
• FCA-209861: Admin Account Settings > Notifications does not show the “Maintenance and Upgrade” option when “AdminSaaSNotificationsDLManagementFeatureFlag” is enabled.
• FCA-209869: ‘Query Device’ action is not working for a bulk selection of devices on the list view.
• FCA-209873: Images vanish from custom message templates after they are saved.
• FCA-209897: Filtering for ‘Container’ as a management mode is also returning ‘Hub Registered’ devices on the Device List View.
• FCA-209901: Event log incorrectly displaying “sysadmin” as the admin when ‘Find Device’ action is performed on an Android device.
• FCA-209920: Intelligent Hub is redirecting to the login screen when an admin updates the IP address, when user name by IP range is enabled.
• FCA-209970: The Device List View OS version filter does not work for iOS devices.
• FCA-210004: Bulk Action for ‘Delete Device’ results in a “Save Failed” error.
• FCA-210023: Event data opens an error screen in the Device Details > Troubleshooting tab.
• FCA-210177: Unable to reset the password of a basic admin account in UEM with MFA enabled.
• FCA-210276: Admin role comparison does not work.
• FCA-210331: UAT environments migrated to the new Access URLs without Access being ready for new Access endpoint URL usage.
• FCA-210440: The /devices/extensivesearch API in MDM API V1 does not filter device records with MAC address.
  Android Management
• AGGL-17018: CICO with Launcher Apps are not always removed when combined with App assignments.
• AGGL-17044: Android devices are intermittently not added to Smart Groups that filter by manufacturer and model.
• AGGL-17096: “IsEncrypted” API call for Android is not working.
• AGGL-17113: VPN profile URL whitelist does not get applied through profile UI.
• AGGL-17115: Application configuration shows inconsistent behavior for Check-in and Check Out users on Android devices.
• AGGL-17575: Android Credentials profile becomes corrupted when adding a version if “Allow silent app access” is enabled.
• AGGL-17940: Android apps are removed from devices when renamed by administrator.
• AGGL-18098: When rebooting devices from UEM Console, an incorrect warning message appears.
• AGGL-18123: Workspace ONE UEM may fail to configure per-app VPN with Tunnel for Android devices.
• AGGL-18137: Android Enterprise Factory Reset Protection profile is not prompting option to remove FRP prior to wiping device.
• AGGL-18264: Android Legacy profiles are incorrectly installing on Android Enterprise devices.
• AGGL-18400: Last Reboot is not reported or is reported inaccurately in UEM console.
• AGGL-18561: Unable to Override Privacy Settings.

Assist

• AET-18974: Assist Chat features are not visible when the Session is launched from RemoteManagementV1/V2 Controller MDM API.
• Core Platform
• CRSVC-50701: Enhanced logging functionality now obfuscates full API key entries.
• CRSVC-51190: The targeted logging test fails with an error even after it is re-enabled with the right password and later disabled it.
• CRSVC-53629: Resource delivery is blocked by Compliance Policy with Enterprise Wipe action.
• CRSVC-57801: Compliance policy evaluation has been enhanced to immediately reflect updates to policy rules.
• CRSVC-58522: Failed to fetch metadata from the server for workflows, causing delays in resources delivery.
• CRSVC-60875: Device Wipe Log does not load successfully.
• CRSVC-62002: Attempts to enable device-based targeted logging are failing.
• CRSVC-62148: Administrator at a child OG is unable to re-evaluate Compliance Policies managed by a parent OG.
• CRSVC-62531: Workspace ONE DB upgrade maintenance schema conflict resulting in job failure.
• CRSVC-62714: Cross-tenant IDOR allows uploading the MIME Sign-in certificate not belonging to the tenant for an iOS exchange resource.
• CRSVC-62832: ‘ConnectSync’ webhook event is not showing on UEM console under Event notifications list.

Enrollment

• ENRL-4305: Enrolment blocked by server timeout in customer’s OGs in UEM console.
  Enrollment and Service Integrations
• ESI-103: Tags are not getting assigned for devices being enrolled through Dropship Provisioning.
• ESI-554: Registered device records have incorrect user info link.

Freestyle Orchestrator

• FS-5588: Workflows install retired app version.
• FS-5716: Windows application installation fails with an error.
• FS-6560: ‘Failed’ sensor status incorrectly parsed by workflow as ‘condition not met’.
• FS-7790: Workflow completion rate drastically dropped upon update.

iOS Management

• AAPP-17070: In an iOS desktop device profile with DDUI, aw-tag for Allow Find My Device is incorrectly located.
• AAPP-17815: Custom Command shows ‘Pending’ under the Troubleshooting tab in Device Details.
• AAPP-17981: Notifications are not sent upon successful installation of iOS update.AAPP-18028: ABM resources don’t get installed upon enrollment.
• AAPP-18183: Personal or User-installed apps display in console even though privacy settings aren’t enabled for it.
• AAPP-18397: DEP Await Configuration ends prematurely before the device is fully configured.
• AAPP-18577: Per App rules for iOS VPN profile are enabled by default when adding a new version of the profile.
• AAPP-18578: Schedule OS Update commands in queueing state are not removed when the device is excluded from the Smart Group.
• AAPP-18601: Unable to edit iOS profiles.
• AAPP-18837: Supervised iOS devices cannot be deleted.
• AAPP-18840: The count of ‘Not encrypted devices’ is not matching in the Device Dashboard and Device list view pages.
• AAPP-18864: Repeated UserList sample processing leads to DB CPU spike.
• AAPP-18868: Enhanced Single App Mode to Address Support for native Apple Applications.
• AAPP-18903: App installation fails when VPP licenses request is not confirmed as complete.
• AAPP-19172: Cannot update iOS Devices due to page not found error.
• AAPP-19307: Unable to enroll the iOS 18.5 devices when enrollment restriction policy is set to iOS 18.4.1.
• AAPP-19353: When trying to manually trigger an installation as a UEM admin for select vpp applications, you get a “access denied” gray banner.

Launcher

• LAUN-21: Customize Single App Floating Button should not be displayed when profile type is multi-app or template.LAUN-22: Launcher layout page is not scrollable when many apps are added.
• LAUN-54: Adding apps to an existing Launcher profile under Products fails.
• LAUN-58: Globalization Failure on Latest Canoncial.
• LAUN-61: Editing attributes of an app on the launcher profile canvas allows changing the application ID to an already existing different app bundle ID.
• LAUN-63: Web Links with the same name prevent Android Enterprise Launcher canvas from changing and saving the proper link.

macOS Management

• MACOS-5322: macOS devices are not completing enrollment as expected and get stuck on “waiting for management” server while DEP enrollment.
• MACOS-5408: Disk encryption profiles are incorrectly delivered to excluded devices.
• MACOS-5594: Privacy preferences profile fails to install on macOS devices.
• MACOS-5817: Re-enrolled macOS device is not installing profiles unless device record is deleted prior to re-enroll.

Resource Management

• ARES-28988: Application’s User Ratings list cannot be exported by a UEM admin.
• ARES-29119: Application_UUID is missing in response of GET API mdm/devices/{deviceUuid}/apps/search for Windows and Mac devices.
• ARES-29230: Alert to ‘Leave’ or ‘Cancel’ configuration is received when adding criteria under ‘When to Call Install Complete’ in Deployment Options for Windows apps.
• ARES-29493: BIOS Password Profiles are not applied to devices when deployed via workflows.
• ARES-29876: Getting “page not found” error, when you click Query button at Resources > Apps > Internal > 3CX Desktop App > Devices.
• ARES-29939: Unable to save the iOS Boxer application configuration when the ‘Enable FastSync’ App Policy is applied.
• ARES-30062: Exporting the list of evaluated devices from an Application’s Deployment Tracking page results in a failed export.
• ARES-30074: A Spaceman error occurs while searching for a number on Profile List View page.
• ARES-30565: ‘Setting Group’ sub-filter within ‘Platform’ filter on Profile List View page does not filter the profiles.
• ARES-30844: Filtering devices by installation status details or last action fails on the Internal App Deployment Tracking page.
• ARES-30919: Profile not being removed from device when ‘Remove’ action is performed from Device Details Profiles tab.
• ARES-30935: Admin is unable to view iOS profiles if any of their payload values have white spaces.
• ARES-30970: For some profiles, unassigned smart groups are still visible under ‘Assignment Groups’ column on Profile List View.
• ARES-31047: Launcher Profile configured with Custom Lookup fields fails to install on devices.
• ARES-31178: ‘Installed but not assigned’ status is incorrectly highlighted in red for seeded apps like Launcher on Device Details Apps summary page.
• ARES-31350: Deleting a child OG crashes Profile List View of parent OG if a Smart Group of child OG was assigned to a profile existing at Parent OG.
• ARES-31581: ‘Distribution’ tab on Windows Internal app Assignment page is missing several options when editing assignments from Deployment Tracking page.
• ARES-31813: Saving SDK profile shows error has occurred but entered details are still present when the profile is opened for viewing.
• ARES-32056: Opening or editing Android Enterprise profiles displays error if DDUI is enabled in the UEM environment.
• ARES-32065: Incorrect total profile count is sometimes displayed on the Device Profiles list.
• ARES-32251: Profiles on Device Details Profiles tab are listed in reverse alphabetical order.
• ARES-32296: Unable to apply Dependency App filter for Windows Internal apps on Internal App List View page.
• ARES-32356: While publishing a VPP app, device preview page displayed ‘Added’ devices even when no changes are made to the assignment.
• ARES-32372: Inactive profiles are sometimes not visible on Profile List view.
• ARES-32380: Admin at child OG receives a ‘Door Locked’ error while accessing Deployment Tracking page of an app added at parent OG.
• ARES-32467: ‘View’ instead of ‘Assign’ displayed against internal app versions on App List View even when no direct or workflow assignments exist.
• ARES-32641: When trying to delete the profiles, it gives a ‘Door Locked’ error.
• ARES-32708: A few profiles are not visible on Device Profiles list in Partner enabled UEM environments.
• ARES-32733: Force removal of Internal app from Device Apps list sometimes gives ‘Door Locked’ error.
• ARES-32773: A duplicate entry is sometimes present on Device Apps list with status as Installed but not assigned for app installed via Workflow.
• ARES-32924: Sometimes, assigned apps are not visible in Intelligent Hub app catalog.
• ARES-33156: An error is displayed when editing profiles that have excluded Smart Groups but no assigned Smart Groups.

Rugged Device Management

• RUGG-13452: Pull service configuration file fails to download in OGs with trailing spaces in the OG name.
• RUGG-13523: Zebra printer enrollment does not honor SiteURL overridden on child organization groups and uses values at Global.

Tunnel

• PPAT-17434: Tunnel client not reconnecting once device regains compliance.
  User Management
• UM-9541: Cross-tenant IDOR allows viewing email message templates that do not belong to us.
• UM-9640: Unable to add devices on Productivity Organization Group.

Windows Management

• AMST-41583: Compliance status for firewall does not show correctly at the start of device.
• AMST-41874: Unable to delete an OG, getting an error “Save Failed Delete Failed”.
• AMST-41960: Application installation status is not reported correctly on UEM.
• AMST-42059: Firewall Profile fails to install on Windows 11 systems.
• AMST-42286: EAR update notifications are not working.
• AMST-42316: Device unassigned from SG still shows Sensor data for the excluded devices.
• AMST-42458: Certificate profiles are not installing with optional assignment while leveraging the Modern SaaS Architecture.
• AMST-42513: Shared Device Log page does not show correct count and page numbers.
• AMST-42613: ARM64 OOBE enrolled Windows devices stuck in Pending Hub state.
• AMST-42648: Devices getting enrolled with Container type management.
• AMST-42717: PPKG disappear in UEM but shows in DB.
• AMST-42753: API/system/users/delete fails with 500 error if action exceeds 30 sec timeframe for completion.
• AMST-42758: Friendly name is not updated when Windows staging enrolled device is checked out by a designate user.
• AMST-42785: The Compromised Status shows as unknown after Modstack.
• AMST-42826: Windows device does not check in after receiving WNS notification.
• AMST-42846: Smart Group device count is not updated until the Smart Group is re-saved manually.
• AMST-42971: ARM64 devices are unable to use Registry detection criteria.
• AMST-42987: AirWatch CA certificate is not getting installed with manual push of the SCEP profile.
• AMST-43082: AppX app deployment is not working after Hub and SFD were upgraded in UEM 24.2.0.18.
• AMST-43251: Certificates are retained on devices after profile removal.
• AMST-43407: Admin account stuck in DELETE IN PROGRESS state when trying to remove the admin.
• Last Update: CW28

Disclaimer

Please note: All information in this Newsletter is statically copied from various sources. Once published, these sources won’t be checked and the Newsletter won’t be updated retrospectively. In case of doubts, always check and refer to the linked source in Omnissa Docs, Techzone or Knowledgebase.