
The Community
Stay up to date…
VMware End-User Computing Blog Bringing you the latest VMware EUC news, trends and product innovations.
- Digital employee experience innovations improve enterprise application performance and ease of managementby Marshall Anne Busbee on November 7, 2023 at 8:01 am
Organizations are investing in digital employee experience (DEX) solutions to empower their employees to do their best work, on any device. While there are many reasons to deploy a DEX solution, one outcome of a successful DEX strategy is helping IT become more efficient and lowering mean time to […]
- Intel and VMware announce vulnerability management below the OSby Kenny Takahashi on November 7, 2023 at 8:01 am
We are back with more exciting developments to share from Intel and VMware Workspace ONE! Through our expanded partnership with Intel, telemetry data from Intel® Core™ processors will enable Workspace ONE Unified Endpoint Management (UEM) to capture insights on vulnerabilities below the […]
- Announcing an expanded partnership between VMware and Liquit, a part of Recast Softwareby Lisa Matragrano on November 7, 2023 at 8:01 am
The partner ecosystem of Workspace ONE is an important component in addressing a truly unified management and security solution on all endpoints. Our partner, Liquit, a part of Recast Software, already helps power the Enterprise App Repository (EAR) in Workspace ONE for Windows applications. Today […]
- Leveraging insights and automation to optimize VDI, DaaS, and app deploymentsby Sachin Sharma on November 7, 2023 at 8:01 am
Two months ago at VMware Explore 2023 in Las Vegas, we unveiled our Apps Everywhere vision, anchored by VMware App Volumes and Apps on Demand. The goal with our Apps Everywhere vision is to unify and simplify app delivery and lifecycle management across any VDI, DaaS, or published app deployment, […]
- VMware unveils macOS management upgrades for Workspace ONE at Explore Barcelona 2023 by Paul Mounkes on November 7, 2023 at 8:01 am
At VMware Explore Barcelona, you’ll learn about several End-User Computing (EUC) innovations, and many EUC plans will be unveiled. Some of those plans have to do with Workspace ONE, and we’re here to focus on some specifically for macOS management. This story starts with the completion of the […]
- What’s new in Anywhere Workspace at VMware Explore Barcelona 2023?by Jack Madden on November 7, 2023 at 8:00 am
Once again, we’re back in Barcelona for VMware Explore! Following up on our announcements from VMware Explore Las Vegas just two and a half short months ago, we are excited to share a range of updates. Catch up on Las Vegas and make the most of Barcelona Before we get to the announcements, we […]
- VMware named a leader in the Quadrant Knowledge Solutions SPARK Matrix for End-User Experience Management, Q3 2023by Andrew Scott on October 31, 2023 at 10:08 pm
We are excited to announce that VMware has been recognized as a Leader in the 2023 Quadrant Knowledge Solutions SPARK Matrix™ for End-User Experience Management (EUEM)! This designation validates the strong VMware EUEM offering that gives our customers the ability to solve challenges in employee […]
- VMware and AuthX collaborate to streamline healthcare workflowsby Riley Bui on October 27, 2023 at 10:26 pm
The healthcare industry is in the midst of a transformative shift toward using cloud-based solutions. VMware and AuthX are already on the leading edge of this trend, and we are proud to announce our partnership! AuthX, is a prominent leader in identity management and authentication software. They […]
- VMware Workspace ONE unveils next evolution of Android device management with AMAPI betaby Manuel Perez on October 20, 2023 at 3:22 pm
At VMware Explore, we took a deep dive into the next evolution in Android device management: Android Management API (AMAPI). Now, we’re excited to announce that the beta for AMAPI is live! The beta supports management of Android devices enrolled in Work Profile mode, which is used for BYO or […]
- The power of data and intelligence in the modern workplace: The VMware Anywhere Workspace vision at Explore Barcelonaby Ralf Gegg on October 19, 2023 at 12:15 am
As technology continues to evolve and shape the modern workplace, companies are turning to data and intelligence to help stay ahead of the competition. The VMware Anywhere Workspace platform is the perfect example of how companies are harnessing the power of technology to build the workspaces of […]

Arsen Bandurian: Technical Blog Digital Workspace, End User Computing, Enterprise Mobility, AutoID, WLANs, OSes and other technical stuff I happen to work with
- Check if a Microsoft Form comes from a trusted sourceby apcsb on November 6, 2023 at 10:14 am
When you open a Microsoft Form asking you for some sensitive data, do you know where will your data land? Could it be phishing? Read on to find out… Recently, I have received an email at work asking me to fill out a form with some of sensitive personal details (voluntary disclosure). I don’t mind... Continue Reading →
- Enhancing Windows Update Catalog metadata Accessibilityby apcsb on September 11, 2023 at 7:30 am
Microsoft has recently released a major update to the Windows Update catalog back-end, adding crucial information such as CVEs (Common Vulnerabilities and Exposures) addressed by the update and the CVE Score directly info API. This information is essential for Threat and Vulnerability Management decisions as well as Patch management and many organizations pay $$ for... Continue Reading →
- Quickly validate and enable manual application uninstall via Intune Company Portal using Graph APIby apcsb on August 3, 2023 at 7:04 am
I am back and the titles are getting longer! If you are an Intune admin, you will probably be happy to know that one of the most required features has landed: Uninstall Win32 and Microsoft store apps using the Windows Company Portal. One thing you need to be aware of, is that this feature is... Continue Reading →
- Building a custom Windows Update Report p1: Parsing HTML via PowerShell on modern systems (no IE)by apcsb on July 28, 2022 at 7:30 am
Wow, it’s been a while! A customer of mine recently wanted a detailed report that should include info such as how many weeks is the Windows on the machine behind the latest available Security Update. We’ve found to a way to combine Intune Data Warehouse and PowerBI to pull data that allows to identify the... Continue Reading →
- A case of OneDrive Personal Vault not coming up (0x8031000a, MDM, GPO and BitLocker)by apcsb on March 18, 2022 at 6:23 pm
Today I wanted to enable the Personal Vault feature on my Home PC. While following the wizard I got an error 0x8031000a “Your organization requires your device to join the domain before you can use the Personal Vault”. What does this have to do with MDM. GPO and BitLocker troubleshooting? Here’s some quick Friday entertainment!... Continue Reading →

- A guide to raising better support requestsby Jason Bayton on November 5, 2023 at 12:00 am
Dear support, There is a problem with my devices, they won't load my app. Does this look familiar? How about: A customer reports their remote control connection is unstable, and performance is unreliable. It has been like this for some weeks. Unfortunately these two examples are inspired by some of the many support requests I've observed in the last few weeks alone, with many more examples like this over the years I've been supporting customers and internal teams. Why are these examples of weak support requests? The information provided is just enough to suggest there's a problem, but doesn't offer near enough of what is needed to debug the issue and instead requires the assigned support person, or team, to reach out to gather more information in order to be able to start troubleshooting. In the first example, the support team will know: There's an app More than one device is affected, potentially. It's not confirmed but can be assumed based on the wording and still needs validating. They will not however know: How long it's been happening The app in question (package name, version, recent changes) What policies may be in scope to check for misconfigurations (in case of an EMM-enrolled device) How the app is distributed The devices in question (make/model/OS version) .. and much more contextual information, all of which the support team will be forced to reach out to attain, adding unnecessary back-and-forth before the issue can even be addressed. In the second example, support will know: The customer is using a remote control product It's not a one-time occurrence But won't know: What unreliable means; does the connection fail? Is it slow? Does it drop frequently? Device(s) info (make, model, OS version) Number of devices affected Who the customer(s) is If there are errors shown Steps to replicate the issue locally Environmental information, such as how devices are connecting to the internet .. and more again. Why does this matter? # By choosing to raise tickets similar to the examples above, it is guaranteeing the time to resolution for a problem will be considerably longer, more drawn-out, and require more effort on both ends. For internal teams communicating issues in this way it additionally demonstrates a lack of care and/or respect towards your colleagues' time and workload. The aim of raising a support request is to resolve an issue, whether that's a problem in production, a resource request, or anything else related to a block associated with a product or service at a personal or company level. Likewise, the aim of the support team is to resolve requests as quickly and efficiently as possible; they're supporting many customers and/or end users in most circumstances and having requests sitting unresolved negatively impact SLAs, KPIs, and often reflect poorly on the assigned support team or team member. The goal then for both sides of the request is the same, and one of the most effective ways to ensure a request is resolved with minimal friction is to reduce back-and-forth with support; that doesn't mean pre-empting any possible question a support team member could possibly have, rather it's about putting in more than the minimum effort when raising a request that offers greater insight into the request at hand for a faster resolution, and a win-win for both sides. So in contrast to the above, let's look at suggestions that can improve support requests. The following has a lean on mobility platforms and systems, but can naturally be adapted to other products and solutions Provide information upfront # Here's your basic checklist when raising an issue with support that will substantially reduce the delay to debugging: A concise description of the issue How long it has been happening How many devices are affected Any specific tenant/platform/policy details to identify you How many customers are known to be affected, and customer names (for MSP/internal support) Device identifiers (serial number, IMEI) of affected device(s) support can opt to focus on Device information, make, model, OS version, OS build number. Provide more than one if details aren't consistent across affected devices Affected app information, package name(s), app versions (for app related issues) Replication steps Any scoped policies or configurations applied Logs, pictures, video of issues respectively An example of a support request offering some of the above information - taking the above first example of a submitted issue - could look like this: Dear support, I have this week deployed a new app via MDM, however it is not showing up on my devices. The policy I am using is App deploy 1 and my tenant is Customer tenant 3. The devices targeted are a mixture of Android 11 & 12, I have checked and so far the app is not present on more than 10 devices, including the following IMEIs I have with me: 12345678901234 12345678901235 The application in question is my Package, a private application uploaded to the iFrame. I haven't had this issue with other applications from the Play Store so I'm unsure of why this one is failing. The policy saved fine and the app is showing pending install status. When considering the above, the contrast between the first and second version of this support request is stark. From the revised ticket the support team will know: This is a new issue It's affecting multiple devices, two of which are provided for review The customer environment, policy, and application names are provided for immediate troubleshooting The application is a private app, and is an exception to the norm of public apps being used The EMM is showing the app is assigned, but devices are not installing With the addition of a few sentences and additional contextual information, the support team will have all of the information needed to start immediately troubleshooting, negating the need to ask additional questions, or set up a call for more info. The only thing that would improve the above would be the addition of a bug report, since replication steps and video/image aren't relevant in this instance, though understandably fetching logs from devices may require assistance over a call, or at a minimum a detailed walkthrough. Naturally depending on the type of issue there may be a need for more, or different, information. The remote control issue referenced in the above second example for instance would typically additionally require environmental information, such as: Type of connection used (Wi-Fi, cellular) Connection quality Distance from router for Wi-Fi Inside a building or outside for cellular, signal strength (bars shown, or dBm) Can it be replicated on another network? Can it be replicated with another device? Average session lengths, if successful Replication steps to any reliable session end Are there firewalls in place, or network QoS policies active? Load the device is under normally, as a lower-spec device may struggle casting its screen while performing other activities Are prompts being received? In Kiosk deployments, apps may not be able to display over the locktasked kiosk environment, or the notification bar may be disabled All of this information isn't expected in an opening issue request, but considering any of this for inclusion will significantly help in reducing the back-and-forth required, so as the requestor of a support ticket, the more information you provide upfront, the sooner an issue can be resolved. Be reasonable with urgency # Is your request urgent? But is it really? It's both tempting and commonplace to see relatively minor requests raised as urgent or critical. The saying goes if everything is urgent, nothing is. If all requests carry an urgent or critical priority status, the efficacy of self-set priority will fade fast, and will potentially impact the speed at which your requests are addressed. Is the issue local to just yourself, or not replicable on multiple devices? It's likely not urgent, as it doesn't impact overall business function or productivity. Has a system update taken a store, or region, offline? That'll be urgent, or critical, depending on the defined SLAs in place with the support team. Keep in mind, the priority is not a substitute for poor time management, always aim to raise requests in due time when taking into consideration the SLAs offered by the support team. You probably don't need a call # One of the most common occurrences I've seen in recent years is the requirement from the support requestor to have a call to discuss the requests for further information needed by the support team. Further information being that which aims to obtain the missing information from the request that hasn't been provided upfront. What typically follows is support setting up a call with the requestor wherein the support team simply asks the questions once again through a different medium, and notes down the answers themselves. Obviously there are situations where calls are legitimately seeking assistance in obtaining the requested information (such as how do I find the OS version for the device or how do I collect device logs?) and these are wholly justifiable. But if your intention is to defer the questions asked until they're asked again over a call, this is once more going to significantly delay how quickly your issues can be resolved. Take the time to read the request for information, and offer best-effort answers based on your understanding for each question; even if only half of the questions are answered and a call is needed to cover off the remaining with additional context or explanation, you may have already provided enough information for the issue to be identified and again saved all sides time and effort where it doesn't need to be expended. Timely responses help everyone # If you're raising a support request, be prepared to engage with the support team in a timely manner. From the perspective of the support team, requests raised with little information and extremely slow responses are the worst. Not only can the request not be solved, but the support team is then burdened with adhering to SLAs and non-response processes that mandate multiple follow-ups for information, and this may be triggered multiple times through the lifecycle of a request. By raising a request and then treating it as your lowest priority, everyone suffers. Use the appropriate channels # Support teams may have a process in place for receiving requests through a multitude of channels, however often sending Teams/Slack/GChat messages directly to individual support personnel isn't one of them. It's certainly one of the easiest methods to get the attention of a support team member, but it has the potential to cause issues later. At best, it'll be a distraction, at worst the issue won't be properly logged and tracked, meaning there will be no formal request logged for the issue; this can present as a problem later if the issue requires retrospective review or similar issues exist and the team goes looking to reference. Do both sides a favour, log the request through the company-approved channels, and keep communication there. Go forth and raise better requests # Armed with the above advice, and a little insight from the other side, I trust you'll be able to create support requests both you and the support team you're raising to will benefit from. Just a few small changes to the approach of asking for help will make a world of difference. Good luck!
- A guide to raising better support requestsby Jason Bayton on November 5, 2023 at 12:00 am
Dear support, There is a problem with my devices, they won't load my app. Does this look familiar? How about: A customer reports their remote control connection is unstable, and performance is unreliable. It has been like this for some weeks. Unfortunately these two examples are inspired by some of the many support requests I've observed in the last few weeks alone, with many more examples like this over the years I've been supporting customers and internal teams. Why are these examples of weak support requests? The information provided is just enough to suggest there's a problem, but doesn't offer near enough of what is needed to debug the issue and instead requires the assigned support person, or team, to reach out to gather more information in order to be able to start troubleshooting. In the first example, the support team will know: There's an app More than one device is affected, potentially. It's not confirmed but can be assumed based on the wording and still needs validating. They will not however know: How long it's been happening The app in question (package name, version, recent changes) What policies may be in scope to check for misconfigurations (in case of an EMM-enrolled device) How the app is distributed The devices in question (make/model/OS version) .. and much more contextual information, all of which the support team will be forced to reach out to attain, adding unnecessary back-and-forth before the issue can even be addressed. In the second example, support will know: The customer is using a remote control product It's not a one-time occurrence But won't know: What unreliable means; does the connection fail? Is it slow? Does it drop frequently? Device(s) info (make, model, OS version) Number of devices affected Who the customer(s) is If there are errors shown Steps to replicate the issue locally Environmental information, such as how devices are connecting to the internet .. and more again. Why does this matter? # By choosing to raise tickets similar to the examples above, it is guaranteeing the time to resolution for a problem will be considerably longer, more drawn-out, and require more effort on both ends. For internal teams communicating issues in this way it additionally demonstrates a lack of care and/or respect towards your colleagues' time and workload. The aim of raising a support request is to resolve an issue, whether that's a problem in production, a resource request, or anything else related to a block associated with a product or service at a personal or company level. Likewise, the aim of the support team is to resolve requests as quickly and efficiently as possible; they're supporting many customers and/or end users in most circumstances and having requests sitting unresolved negatively impact SLAs, KPIs, and often reflect poorly on the assigned support team or team member. The goal then for both sides of the request is the same, and one of the most effective ways to ensure a request is resolved with minimal friction is to reduce back-and-forth with support; that doesn't mean pre-empting any possible question a support team member could possibly have, rather it's about putting in more than the minimum effort when raising a request that offers greater insight into the request at hand for a faster resolution, and a win-win for both sides. So in contrast to the above, let's look at suggestions that can improve support requests. The following has a lean on mobility platforms and systems, but can naturally be adapted to other products and solutions Provide information upfront # Here's your basic checklist when raising an issue with support that will substantially reduce the delay to debugging: A concise description of the issue How long it has been happening How many devices are affected Any specific tenant/platform/policy details to identify you How many customers are known to be affected, and customer names (for MSP/internal support) Device identifiers (serial number, IMEI) of affected device(s) support can opt to focus on Device information, make, model, OS version, OS build number. Provide more than one if details aren't consistent across affected devices Affected app information, package name(s), app versions (for app related issues) Replication steps Any scoped policies or configurations applied Logs, pictures, video of issues respectively An example of a support request offering some of the above information - taking the above first example of a submitted issue - could look like this: Dear support, I have this week deployed a new app via MDM, however it is not showing up on my devices. The policy I am using is App deploy 1 and my tenant is Customer tenant 3. The devices targeted are a mixture of Android 11 & 12, I have checked and so far the app is not present on more than 10 devices, including the following IMEIs I have with me: 12345678901234 12345678901235 The application in question is my Package, a private application uploaded to the iFrame. I haven't had this issue with other applications from the Play Store so I'm unsure of why this one is failing. The policy saved fine and the app is showing pending install status. When considering the above, the contrast between the first and second version of this support request is stark. From the revised ticket the support team will know: This is a new issue It's affecting multiple devices, two of which are provided for review The customer environment, policy, and application names are provided for immediate troubleshooting The application is a private app, and is an exception to the norm of public apps being used The EMM is showing the app is assigned, but devices are not installing With the addition of a few sentences and additional contextual information, the support team will have all of the information needed to start immediately troubleshooting, negating the need to ask additional questions, or set up a call for more info. The only thing that would improve the above would be the addition of a bug report, since replication steps and video/image aren't relevant in this instance, though understandably fetching logs from devices may require assistance over a call, or at a minimum a detailed walkthrough. Naturally depending on the type of issue there may be a need for more, or different, information. The remote control issue referenced in the above second example for instance would typically additionally require environmental information, such as: Type of connection used (Wi-Fi, cellular) Connection quality Distance from router for Wi-Fi Inside a building or outside for cellular, signal strength (bars shown, or dBm) Can it be replicated on another network? Can it be replicated with another device? Average session lengths, if successful Replication steps to any reliable session end Are there firewalls in place, or network QoS policies active? Load the device is under normally, as a lower-spec device may struggle casting its screen while performing other activities Are prompts being received? In Kiosk deployments, apps may not be able to display over the locktasked kiosk environment, or the notification bar may be disabled All of this information isn't expected in an opening issue request, but considering any of this for inclusion will significantly help in reducing the back-and-forth required, so as the requestor of a support ticket, the more information you provide upfront, the sooner an issue can be resolved. Be reasonable with urgency # Is your request urgent? But is it really? It's both tempting and commonplace to see relatively minor requests raised as urgent or critical. The saying goes if everything is urgent, nothing is. If all requests carry an urgent or critical priority status, the efficacy of self-set priority will fade fast, and will potentially impact the speed at which your requests are addressed. Is the issue local to just yourself, or not replicable on multiple devices? It's likely not urgent, as it doesn't impact overall business function or productivity. Has a system update taken a store, or region, offline? That'll be urgent, or critical, depending on the defined SLAs in place with the support team. Keep in mind, the priority is not a substitute for poor time management, always aim to raise requests in due time when taking into consideration the SLAs offered by the support team. You probably don't need a call # One of the most common occurrences I've seen in recent years is the requirement from the support requestor to have a call to discuss the requests for further information needed by the support team. Further information being that which aims to obtain the missing information from the request that hasn't been provided upfront. What typically follows is support setting up a call with the requestor wherein the support team simply asks the questions once again through a different medium, and notes down the answers themselves. Obviously there are situations where calls are legitimately seeking assistance in obtaining the requested information (such as how do I find the OS version for the device or how do I collect device logs?) and these are wholly justifiable. But if your intention is to defer the questions asked until they're asked again over a call, this is once more going to significantly delay how quickly your issues can be resolved. Take the time to read the request for information, and offer best-effort answers based on your understanding for each question; even if only half of the questions are answered and a call is needed to cover off the remaining with additional context or explanation, you may have already provided enough information for the issue to be identified and again saved all sides time and effort where it doesn't need to be expended. Timely responses help everyone # If you're raising a support request, be prepared to engage with the support team in a timely manner. From the perspective of the support team, requests raised with little information and extremely slow responses are the worst. Not only can the request not be solved, but the support team is then burdened with adhering to SLAs and non-response processes that mandate multiple follow-ups for information, and this may be triggered multiple times through the lifecycle of a request. By raising a request and then treating it as your lowest priority, everyone suffers. Use the appropriate channels # Support teams may have a process in place for receiving requests through a multitude of channels, however often sending Teams/Slack/GChat messages directly to individual support personnel isn't one of them. It's certainly one of the easiest methods to get the attention of a support team member, but it has the potential to cause issues later. At best, it'll be a distraction, at worst the issue won't be properly logged and tracked, meaning there will be no formal request logged for the issue; this can present as a problem later if the issue requires retrospective review or similar issues exist and the team goes looking to reference. Do both sides a favour, log the request through the company-approved channels, and keep communication there. Go forth and raise better requests # Armed with the above advice, and a little insight from the other side, I trust you'll be able to create support requests both you and the support team you're raising to will benefit from. Just a few small changes to the approach of asking for help will make a world of difference. Good luck!
- Ask Jason: How should we manage security and/or OS updates for our devices?by Jason Bayton on October 24, 2023 at 12:00 am
Damien asked, through the Mobile Pros Slack community: We have approx 5000 COPE devices with just over 4000 of them Samsung all managed using WS1 UEM. Should we use e-FOTA? If not what? What about BYOD devices? Our security team is advising us to cut access to those who don’t have a patch of 2 months old. Our minimum version is OS 12 but this would mean cutting the access to quite a few devices whose manufacturer is no longer rolling out patches! I can do this via compliance policies on WS1 but I find this a bit extreme. [..] Jason, not sure if you can weigh in here? 😉 This is such a common question, and rightly so because it's one of those subjects that tends to involve more than one part of the business, with various understandings, opinions, and perceptions on what's secure across the whole mobility estate, not Android alone. Jason says # For your question it's a little varied by use case but most popularly day to day for updates I tend to use the windowed update policy to push app and system updates overnight (or off the clock), and occasionally check in to see if anything is struggling. Not being a Samsung house for the last few years I've not leaned on e-FOTA [recently] but I absolutely would for major update management (or rather, postponement) for testing, since the 90 days AE offers comes with caveats. It has many more features than typical OTA management as well I'm sure you could get used to 🙂 For cutting off, 2 months doesn't even permit the normal 90 day update cycle many OEMs offer. Perhaps over 6 months isn't unreasonable, but a non-supported device should be considered in the context of its supported counterparts. What was patched in 6 months after EOL? Probably nothing critical, possibly nothing overtly vulnerable. OEMs can technically get away with 12 months of SMR from new, and then only patch critical, which may be 10 a year, or none in 3. An arbitrary period of time doesn't make the best sense in that regard particularly for BYOD where your biggest concern is breaching the work personal divide, and any vuln capable of that would be talked about. You'd be ruling out almost brand new devices after just a year - in an extreme example. Instead, I would (and do) monitor CVEs for impacting vulnerabilities and make a call to cut off devices that don't have the associated SMR once available. It's a monthly check but honestly compared to the support burden of arbitrary blocking of devices based on a number plucked from the sky it's my preference. Fully managed estates without the additional protection of profile isolation I err to the side of replacement at EOL. Exceptions exist for this too though, kiosk devices fully locked down with no user access will be inherently less vulnerable than knowledge worker devices; there's a sliding scale of risk to consider based on use case as I mentioned, and that comes down to the risk appetite of the organisation.
- Ask Jason: How should we manage security and/or OS updates for our devices?by Jason Bayton on October 24, 2023 at 12:00 am
Damien asked, through the Mobile Pros Slack community: We have approx 5000 COPE devices with just over 4000 of them Samsung all managed using WS1 UEM. Should we use e-FOTA? If not what? What about BYOD devices? Our security team is advising us to cut access to those who don’t have a patch of 2 months old. Our minimum version is OS 12 but this would mean cutting the access to quite a few devices whose manufacturer is no longer rolling out patches! I can do this via compliance policies on WS1 but I find this a bit extreme. [..] Jason, not sure if you can weigh in here? 😉 This is such a common question, and rightly so because it's one of those subjects that tends to involve more than one part of the business, with various understandings, opinions, and perceptions on what's secure across the whole mobility estate, not Android alone. Jason says # For your question it's a little varied by use case but most popularly day to day for updates I tend to use the windowed update policy to push app and system updates overnight (or off the clock), and occasionally check in to see if anything is struggling. Not being a Samsung house for the last few years I've not leaned on e-FOTA [recently] but I absolutely would for major update management (or rather, postponement) for testing, since the 90 days AE offers comes with caveats. It has many more features than typical OTA management as well I'm sure you could get used to 🙂 For cutting off, 2 months doesn't even permit the normal 90 day update cycle many OEMs offer. Perhaps over 6 months isn't unreasonable, but a non-supported device should be considered in the context of its supported counterparts. What was patched in 6 months after EOL? Probably nothing critical, possibly nothing overtly vulnerable. OEMs can technically get away with 12 months of SMR from new, and then only patch critical, which may be 10 a year, or none in 3. An arbitrary period of time doesn't make the best sense in that regard particularly for BYOD where your biggest concern is breaching the work personal divide, and any vuln capable of that would be talked about. You'd be ruling out almost brand new devices after just a year - in an extreme example. Instead, I would (and do) monitor CVEs for impacting vulnerabilities and make a call to cut off devices that don't have the associated SMR once available. It's a monthly check but honestly compared to the support burden of arbitrary blocking of devices based on a number plucked from the sky it's my preference. Fully managed estates without the additional protection of profile isolation I err to the side of replacement at EOL. Exceptions exist for this too though, kiosk devices fully locked down with no user access will be inherently less vulnerable than knowledge worker devices; there's a sliding scale of risk to consider based on use case as I mentioned, and that comes down to the risk appetite of the organisation.
- Pixel 8 series launches with 7 years of software supportby Jason Bayton on October 5, 2023 at 12:00 am
Google yesterday announced the Pixel 8 series, something I almost missed being wholly occupied with the release of Android 14 and all the new enterprise docs and features that came with it. (You can see what's new here and find my notes on articles and such shared yesterday here). There are plenty of new features exclusive to the model, but the biggest announcement as far as I'm concerned is that of software support. Second only to Fairphone's commitment just a few weeks ago of up to 10 years of support for the Fairphone 5, Google as one of the larger OEMs on the market has come very close with a commitment of 7 years, both major OS and security patch support is guaranteed here, meaning the Pixel 8 should find its way up to Android 20/21 by 2030. Today we announced our commitment to providing seven years of software support for Pixel 8 and Pixel 8 Pro, including Android OS upgrades, security updates and regular Feature Drops. That means your Pixel 8 and Pixel 8 Pro will be supported all the way into 2030. - Google The announcement post is not quite explicit enough as the above quote could be later construed to mean a mix of both OS and security patches, allowing Google to stop at Android 18 if desired given each major release benefits from CVE backporting for 3 years (as it stands in 2023, at least), however with further digging their own documentation offers a black-and-white commitment of both OS updates and security updates until 2030: Phone Guaranteed Android version updates until at least: Guaranteed security updates until at least: Pixel 8 & Pixel 8 Pro October 2030 October 2030 Pixel Fold June 26, 2026 June 25, 2028 Pixel 7a May 8, 2026 May 7, 2028 Pixel 7 & Pixel 7 Pro October 2025 October 2027 As you may notice from the above, this is a reasonable increase in support over previous devices, including the just-released Fold. This achievement looks to be linked to the new Tensor G3. Tensor, Google's in-house chip, offers them end-to-end control over the hardware they ship, and the support they provide. This is in contrast to many OEMs on the market reliant on the likes of Qualcomm and MediaTek, vendors with many chipsets available and little financial incentive to offer extended support on most of them (exceptions to this exist, see again Fairphone's use of the QCM6490).
While we're looking at software updates, Google took the opportunity to announce a change to how they release updates: As part of this effort, our security updates, bug fixes and feature updates won’t roll out on a specific day each month. Instead, we’ll deploy updates as soon as they’ve completed the necessary tests to ensure they improve the experience for all Pixel customers. - Google This is good news for Pixel customers. Though it may appear as if guaranteed zero-day updates are being dropped, in reality Google are foregoing a rigid schedule in favour of better-tested, more reliable updates overall, they may just not arrive on the same day every month. Finally, Google also promise component availability for the full period of support, ensuring for as long as Google provides updates, customers and organisations will be able to repair their devices. That's a pretty big deal. Another nail in the coffin for 3 years of support # To save rewording what I wrote in the Fairphone article: OEMs offering just 3 years of security updates are basically offering one, maybe two OS version upgrades at a push, and just enough patching to tick a box for minimum viable lifecycle. For consumers with more aggressive hardware cycles (carriers offering annual upgrades, younger generations/enthusiasts swapping more often to keep up trends) it can be argued the effort to reward isn't too skewed, since beyond 3 years of security updates you're catering to a much smaller market. But for enterprise? Not even close. Organisations for years have far, far outrun this lifecycle, and have suffered the higher TCO associated with replacing devices out of security update support to protect their environments. It's somewhat improved over the older standard 18 months as a typical EoL for software support (around the time MADA started referencing it), but it's long been desired to get this well up towards the 7 year mark. - Fairphone raises the bar with commitment to Android updates As it happens, well up towards the 7-year mark is exactly where the 8 series sits, making it a pretty compelling choice for enterprise use. If they confirm decent (3+ year) hardware availability also, to allow organisations to purchase more as they need them rather than changing to a newer model, that'd take the cake.

The Bearded Wonder From Down Under All things VMware Workspace ONE, Identity and everything in between.
- Introducing Rollcall - Azure Active Directory to Workspace ONE Access SCIM Proxyby The Bearded Wonder From Down Under on November 19, 2020 at 3:57 am
I don't even know where to start here!This project has been one of the most frustrating but […]
- The Elusive Cloud Based Windows Deploymentby The Bearded Wonder From Down Under on April 28, 2020 at 6:51 am
It's a bit like Bigfoot. Some have said they've seen it, and can suggest how it might work. Some […]
- Imaging Windows 10 Devices for Workspace ONE - Part 2: Creating, Capturing and Deploying a Reference Imageby The Bearded Wonder From Down Under on April 27, 2020 at 6:41 am
Now that you have a WDS environment that can complete some basic task sequences and deploy images, […]
- Imaging Windows 10 Devices for Workspace ONE - Part 1: Installing Windows Deployment Servicesby The Bearded Wonder From Down Under on April 25, 2020 at 3:02 am
Full disclose straight up - this is a long one.I often get asked that once we remove SCCM from a […]
- So I wrote my first Appby The Bearded Wonder From Down Under on April 15, 2020 at 6:30 am
And it was exhausting! I've never really been interested in coding, but with being in front a […]

Brooks Peppin's Blog Managing Windows in the Modern Workplace
- A Beginners Guide to Azure AD Join – Everything you Need to Knowby Brooks Peppin on April 26, 2023 at 6:58 pm
Welcome to the beginner’s guide to Azure AD join! As businesses increasingly rely on cloud-based solutions, Azure Active Directory has become an essential tool for ... Read more
- Understanding Windows Feature Updates in Microsoft Intuneby Brooks Peppin on December 19, 2022 at 10:07 pm
Deploying Windows 10/11 feature updates with Microsoft Intune is much simpler than traditional methods. You no longer have to “push” out the full patch or ... Read more
- Intune vs. Workspace ONE: 15 Pros and Cons (2022 Edition)by Brooks Peppin on October 17, 2022 at 4:53 pm
Microsoft Intune and VMware Workspace ONE are both industry-leading Unified Endpoint Management (UEM) solutions. If you look at any Gartner Magic Quadrant chart from the ... Read more
- How to Fix Hybrid Azure AD Join Error 0x801c005b: error_computer_signature_check_failureby Brooks Peppin on September 30, 2022 at 12:34 am
Seeing error 0x801c005b alongside error_computer_signature_check_failure when attempting to Hybrid Azure AD join your Windows devices? This error will prevent the hybrid join process from completing. ... Read more
- How to Deploy Custom ADMX Settings with Intuneby Brooks Peppin on August 23, 2022 at 4:05 pm
Starting in the 2208 release of Intune, Microsoft has added the ability to import custom ADMX files to the console and deploy to clients. This ... Read more

Many Miles Away Helping you succeed with end user computing technologies
- Integrating VMware Identity Services with Oktaby Darryl Miles on November 1, 2023 at 5:24 am
VMware Identity Services is a relatively new service that allows organizations to centrally manage their cloud-based identities in Workspace ONE … More
- Getting Started with VMware Digital Employee Experience (DEX)by Darryl Miles on August 17, 2023 at 10:21 am
VMware Digital Employee Experience (DEX) measures workplace experience, analyzes data, helps deliver a high-level employee experience, and helps remediate issues … More
- Enabling and Troubleshooting VMware Horizon True SSOby Darryl Miles on August 12, 2023 at 3:22 am
True SSO was introduced by VMware Horizon back in 2016. It allows users to authenticate with Workspace ONE Access using … More
- Configure Okta as an Identity Provider for VMware Workspace ONE Accessby Darryl Miles on July 25, 2023 at 6:58 am
This blog article describes how to configure Okta as the identity provider to Workspace ONE Access. You can use this configuration … More
- Streamline 3rd party application access with VMware Horizon by leveraging Azure AD B2B Guest...by Darryl Miles on July 25, 2023 at 4:17 am
Most organisations need to provide secure access to third party organisations to their on-premises applications. How can you achieve this … More

Sam Akroyd Thoughts on Tech
- VMware Explore EU: Session Previewby Sam Akroyd on October 10, 2022 at 10:13 am
Its that time again, just 6 weeks until VMware launch the new annual event in Barcelona. The session catalog has been announced and its full of great content, but with 100s of options, which sessions stand out for me? If anyone has followed my blogs for the past few years, you’ll know I was a
- VMware Explore US – What’s New?by Sam Akroyd on September 5, 2022 at 8:17 am
Last week VMware debuted their new annual event, VMware Explore. Gone was the VMworld banners of years gone by, replaced with a slick new brand, promising inclusivity for developers, security folk and others alongside the thousands of VMware followers. Aside from the clientelle though, whats new? VMware Explore made its debut last week, and as
- vSphere+ is here! What is it and why is worth upgrading to it?by Sam Akroyd on July 6, 2022 at 2:36 pm
This week VMware announced vSphere+ with a lot of fanfare, but what is it, and why should customers be looking at switching their traditional perpetual on-prem licences to it? Read on and hopefully you’ll learn a thing or two…. Having been fortunate to having sat on both the operational IT and vendor side, you get
- Who are the next big hitters in the world of tech?by Sam Akroyd on June 21, 2022 at 1:30 pm
One of the great things of being in the world of tech is not just appreciating the next product or feature coming into the products that your business is releasing. Don’t get me wrong – thats awesome cause you can see customers adopting and consuming those new features, but at heart, I’m still the kid
- Managing Windows with SaltStack Config – Part 2: Roles & Configby Sam Akroyd on March 15, 2022 at 4:08 pm
In the previous blog we got started with managing Windows using SaltStack Config, getting familiar with winrepo and installing software in line with our standard server builds. Next we are going to expand upon that and add the correct Windows roles, configuration and settings to our Windows Server builds. Anyone who has been (un)fortunate to

- Workspace ONE UEM and Windows Multi Userby techhub981158167 on August 23, 2023 at 3:48 pm
Multi User or Shared Device, if you want to look at it that way, is something that has been supported with VMware Workspace ONE UEM but more so for Mobile Operating Systems rather than Windows. VMware has received feedback from several customers on wanting to be able to support a Windows Multi User use case. … Continue reading Workspace ONE UEM and Windows Multi User →
- Workspace ONE UEM 2306 releaseby techhub981158167 on August 18, 2023 at 2:13 pm
I don’t often post about software releases but given the amount of updates and new features in 2306 I though I would call it out. I won’t go into huge detail as that’s what Release Notes are for, but I did want to call out a couple of features that caught my eye. The full … Continue reading Workspace ONE UEM 2306 release →
- Workspace ONE Intelligent Hub Notificationsby techhub981158167 on June 20, 2023 at 1:25 pm
A look at VMware Workspace ONE Intelligent Hub notifications. The test device was an Oppo Android device that was enrolled into Workspace ONE in Registered mode rather than full device enrollment, full enrollment also works but it just happened this device was Registered.
- Workspace ONE Assist and Registered Modeby techhub981158167 on June 9, 2023 at 3:25 pm
Is it possible to use Workspace ONE Assist when a device is Hub Registered? In short, yes. In this video I will take a look at remote Assist on an Android device when it is enrolled into VMware Workspace ONE UEM as Hub Registered rather than full device enrolment.
- VMware Workspace ONE ITSM Connector for ServiceNow 3.0by techhub981158167 on April 26, 2023 at 8:22 am
A little over a year ago, February 2022 from memory, VMware released a Connector from Workspace ONE UEM to ServiceNow which meant that some features from Workspace ONE UEM would be open to Support staff that had access to ServiceNow. This allows you to carry out common tasks such as change passcode, device wipe, enterprise … Continue reading VMware Workspace ONE ITSM Connector for ServiceNow 3.0 →

Thomas Cheng Welcome to my digital home!
- Proofpoint Certified Insider Threat Specialist Course 3 – A Day in the Life of an Insider Threat...by techiecheng on March 29, 2023 at 8:38 pm
Proofpoint recently released a three-part training webinar on identifying and mitigating insider threats. By viewing and taking the exam after all the sessions, Proofpoint will award you with a certificate. This post will recap what I learned in course 3 of this series.
- Proofpoint Certified Insider Threat Specialist Course 2: Building a Successful Insider Threat...by techiecheng on March 29, 2023 at 6:59 pm
Proofpoint recently released a three-part training webinar on identifying and mitigating insider threats. By viewing and taking the exam after all the sessions, Proofpoint will award you with a certificate. This post will recap what I learned in course 2 of this series.
- Proofpoint Certified Insider Threat Specialist Course 1 – Getting Started with Insider Threatsby techiecheng on March 26, 2023 at 4:47 am
Proofpoint recently released a three-part training webinar on identifying and mitigating insider threats. By viewing and taking the exam after all the sessions, Proofpoint will award you with a certificate. This post will recap what I learned in course 1 of this series.
- ‘Invalid credentials. Try again.’ when signing onto Workspace ONE UEM console with Active...by techiecheng on September 23, 2022 at 4:00 pm
Awhile back, I wrote a post on the error when signing into UEM with my AD credential. “Please contact Administrator” when signing onto Workspace ONE UEM console version with Active Directory credential Today, I got a different error when signing in with my AD credential to our shared SaaS/sandbox CN135: ‘Invalid credentials. Try again.’ I
- The true beauty of the Apple Beta Software Programby techiecheng on June 6, 2022 at 4:00 pm
Throughout the years, I’ve written many blog posts related to iOS update. Prevent users from installing iOS beta software in VMware Workspace ONE UEM by AirWatch Managing iOS update with Workspace ONE UEM Schedule iOS Update with VMware AirWatch Stop iOS update on its track with VMware AirWatch iOS 12.2 is here and how it

VirtuallyUnboxed Lifting the lid on everything virtual
- End of support for vSphere 6.5.x and 6.7.xby virtuallyunboxed on October 20, 2022 at 4:31 pm
In case you missed it, last week marked the end of general support for vSphere 6.5 and 6.7. This is the same regardless of whether you were using it for data centre services or EUC services like Horizon.
- Desktop Repurposing v4by virtuallyunboxed on October 20, 2022 at 4:23 pm
This year, myself and Matt Evans joined forced again, along with newcomer, Jonathan D'arcy to review some of the best desktop repurposing tools on the market. As with previous years we reviewed imaging and performance. However, this year we also took a look at the accompanying management solutions.
- VMware SASE and Cloud Web Securityby virtuallyunboxed on January 22, 2022 at 3:11 pm
Let's start with the basics! SASE is a Gartner term and is an abreviation of Secure Access Service Edge. Still not much help right? Well lets start explaining this by looking at how people typically work, espeically remotely, and how their traffic is secured. Most of you that ever work remotely will most likely use a device level VPN. This uses software on your device to create a tunnel into your company data centre and allows you to remotely access internal resources. This is how most companies have done it for many years, and it really dates back to the days when all a companies resources were in their own data centre. Tunnelling all the traffic back into the data centre was the perfect way to reach everything a remote user would need.
- Workspace ONE UEM and Workspace ONE Access Integration for Hub Servicesby virtuallyunboxed on March 2, 2021 at 4:06 pm
I know there are a lot of SaaS customers out there who have only been using basic MDM functionality within Workspace ONE. The platform has moved on a lot in the last few years and if you haven't already seen it i strongly suggest you check out hub services. This takes the Workspace ONE agent that is used for device management and adds additional functionality to the application such as a unified app catalogue, people search and a notifications platform to name but a few!
- Workspace ONE Access FIDO2 integrationby virtuallyunboxed on February 19, 2021 at 2:33 pm
As of this month (Feb 2021) All Workspace ONE Access SaaS tenants, now supports FIDO2 as an authentication method. So, I thought i'd put together a short video showing how easy it is to configure it and some different device types using the solution.

Mobile Jon's Blog My WordPress Blog
- Demystifying the Microsoft Authentication Broker for Intune on iOSby [email protected] on November 9, 2023 at 4:07 pm
Recently, I was working with a new client who is having issues with Azure AD/Entra Conditional Access. Essentially their issues stemmed from requests on iOS devices that were missing device information when authenticating to Microsoft services. Historically, AAD-CA has never been the easiest Microsoft tech to comprehend or work with. This is something I was
- Bringing Neurodiversity to VMware Explore 2023: Barcelonaby [email protected] on November 1, 2023 at 6:26 pm
Back in August, I had the pleasure of sharing the stage with a few amazing individuals as I highlighted here. It was an absolutely amazing time sharing the stage with Lauren and Phillip Monk (who in the last few months I have gotten to know and has been great for me). Many of us with
- Windows 365 and VMware App Volumes Delivers Instant Apps to Cloud PCsby [email protected] on October 23, 2023 at 11:44 pm
Recently, I covered the first piece of the VMware Horizon and Windows 365 integration. Accessibility inside of the Horizon client and the Blast Extreme protocol elevate Windows 365 in a huge way. Today, we are covering the second part of this integration with App Volumes. Something I am coining “Instant Apps to Windows 365” handles
- Okta Desktop Password Sync Delivers Platform SSO to MacOSby [email protected] on October 17, 2023 at 3:16 am
Back in 2022, I wrote about a neat announcement called Platform SSO. The road to delivering it for many vendors have been SO DAMN LONG. Finally, in the second half of 2023, we are starting to see vendors deliver what I dub Enterprise Connect 2.0 (one could argue it would really be Enterprise Connect 3.0
- Deep Dive into the New Microsoft Teamsby [email protected] on October 9, 2023 at 6:58 pm
Late last week, Microsoft brought the new Microsoft Teams application to GA for Windows and MacOS. It has been a long time coming as the experiment of putting lipstick on the pig that was Skype and Lync and building something special. Today, we will discuss the architecture, show you how to get ready, talk about
VMware Workspace ONE The un-official subreddit for VMware Workspace ONE. I recently started learning/managing Workspace One for the company I work for, I came to reddit to find others and saw that there wasn’t a community, so I started one. Our discord is here https://discord.gg/Zhr3TqMMf6
- Forcing a Windows Update ex Windows 11 23H2by /u/XxGet_TriggeredxX on November 10, 2023 at 5:33 am
What is the best way to force a windows update to users who are out of compliance? Would this be done in the Updates part of the profile or is this a custom XML that is needed? submitted by /u/XxGet_TriggeredxX [link] [comments]
- Got Nudge finally working in Workspace Oneby /u/XxGet_TriggeredxX on November 10, 2023 at 3:59 am
Hi All, I am not sure if this has been solved already but in case someone else needs it I finally got a working Nudge profile in WS1 (Workspace One) I hope this may help others that were facing a similar issue. <dict> <key>PayloadDescription</key> <string>Configures Nudge settings</string> <key>PayloadDisplayName</key> <string>Nudge</string> <key>PayloadIdentifier</key> <string>com.github.macadmins.Nudge.18C362D7-5CF2-49B4-BDBC-296A2C3E690E</string> <key>PayloadOrganization</key> <string></string> <key>PayloadType</key> <string>com.github.macadmins.Nudge</string> <key>PayloadUUID</key> <string>18C362D7-5CF2-49B4-BDBC-296A2C3E690E</string> <key>PayloadVersion</key> <integer>1</integer> <key>osVersionRequirements</key> <array> <dict> <key>aboutUpdateURL</key> <string></string> <key>aboutUpdateURLs</key> <array/> <key>majorUpgradeAppPath</key> <string></string> <key>requiredInstallationDate</key> <date>2023-11-29T17:17:00Z</date> <key>requiredMinimumOSVersion</key> <string>14.1.1</string> <key>targetedOSVersions</key> <array/> <key>targetedOSVersionsRule</key> <string></string> </dict> </array> <key>userInterface</key> <dict> <key>actionButtonPath</key> <string>/System/Library/PreferencePanes/SoftwareUpdate.prefPane</string> <key>iconDarkPath</key> <string>/Library/Application Support/Logos/dark.png</string> <key>iconLightPath</key> <string>/Library/Application Support/Logos/light.png</string> <key>updateElements</key> <array> <dict> <key>_language</key> <string></string> <key>actionButtonText</key> <string></string> <key>customDeferralButtonText</key> <string></string> <key>customDeferralDropdownText</key> <string></string> <key>informationButtonText</key> <string></string> <key>mainContentHeader</key> <string></string> <key>mainContentNote</key> <string></string> <key>mainContentSubHeader</key> <string></string> <key>mainContentText</key> <string>IMPORTANT: Please ensure you are disconnected from VPN before attempting to update.\n\nA fully up-to-date device is required to ensure that IT can your accurately protect your device.\n\nYou may only defer this notification until the end of the update deadline. After the deadline has passed this notification will increase in frequency until this update is applied.\n\nPlease close out of unsaved work before updating.\n\nTo begin the update, simply click on the button above and follow the provided steps.</string> <key>mainHeader</key> <string>Your device requires a security update</string> <key>oneDayDeferralButtonText</key> <string></string> <key>oneHourDeferralButtonText</key> <string></string> <key>primaryQuitButtonText</key> <string></string> <key>secondaryQuitButtonText</key> <string></string> <key>subHeader</key> <string>A friendly reminder from the "Your Company Here" IT team</string> </dict> </array> </dict> </dict> submitted by /u/XxGet_TriggeredxX [link] [comments]
- Demystifying the Microsoft Authentication Broker for iOSby /u/Electronic-Bite-8884 on November 9, 2023 at 4:11 pm
submitted by /u/Electronic-Bite-8884 [link] [comments]
- WS1 Launcher Loginby /u/slaguru on November 9, 2023 at 2:35 pm
Hey all Anyone any ideas how to change the Rocket icon on the WS1 Launcher Login Screen to a custom pic. Is it SDK ? Thanks submitted by /u/slaguru [link] [comments]
- Useful Workspace One Scriptsby /u/XxGet_TriggeredxX on November 8, 2023 at 9:59 pm
Hi Workspace One Admins, What are some useful scripts/sensors that you use in your everyday work that makes life easier. These can be PowerShell/Bash/ZSH etc. Here is a sensor I use for reporting free space on Windows Devices $driveInfo = Get-WmiObject -Query "SELECT * FROM Win32_LogicalDisk WHERE DriveType = 3 AND DeviceID = 'C:'" $freeSpaceGB = [math]::Round($driveInfo.FreeSpace / 1GB, 2) Write-Output ($freeSpaceGB.ToString("F2") + " GB") #Sample output: 276.05 GB Please share your useful scripts/sensors so that all can benefit and make our lives easier submitted by /u/XxGet_TriggeredxX [link] [comments]
- Anyone ever migrate from on-prem AD to Okta in WS1?by /u/discoshanktank on November 8, 2023 at 6:38 pm
We're in the process of migrating away from active directory and using Okta for WS1. Has anyone done this before? Any tips before we go down this road? I haven't had much luck looking through WS1 documentation submitted by /u/discoshanktank [link] [comments]
- Friendly name updateby /u/Escles on November 8, 2023 at 11:48 am
Hi all!, Does anyone know if WS1 will re-evaluate friendly names or if there is a way to do force that? I just made changes to how it should appear and all previously enrolled machine still have the old format. Thanks in advance submitted by /u/Escles [link] [comments]
- Upgrading Mobile Phones from Android to Apple. Best Way to Migrate data?by /u/Sprattakus on November 7, 2023 at 3:44 pm
We are doing a mass upgrade from Android to iOS for our mobile devices. We currently have ABM enrolling all mobile devices on initial setup. What is the best way to migrate contacts, photos, messages, etc. from Android to iPhone when the "Migrate from Android" option isn't showing up due to WS1 enrollment? submitted by /u/Sprattakus [link] [comments]
- Hub crashing upon opening; validity not before 2118...by /u/GeekgirlOtt on November 6, 2023 at 11:58 pm
profile > device mgr > airwatch profile verify is shpwing validity period not before 2118 and valid until 2128 ? Assuming this is the reason for the app crashing ? Anyone seen anything like this at all before ? UPDATE: Hub crash related to outdated iOS version. Sep 2023 Hub release requires iOS 15 or later. submitted by /u/GeekgirlOtt [link] [comments]
- New user: utilize ws1 UEM for Windows 11 upgrade from 21H2 to 22H2by /u/SnooOpinions1394 on November 5, 2023 at 3:36 am
Hey everyone, new here. I want to utilize WS1 UEM to perform a Windows 11 in place upgrade from 21H2 to 22H2. This may spawn more spread out questions but what would the be best path forward? I have a windows update profile but my test devices do not do updates and I was also thinking about creating a batch package as well, need some help and direction. Thank you! submitted by /u/SnooOpinions1394 [link] [comments]
- Clear Chrome cache Androidby /u/NotAnAccountant1984 on November 3, 2023 at 9:15 pm
I’m looking to delete Chrome browser cache on multiple devices. I can’t figure it out. I’ve tried using a profile and app configuration. I can’t get BrowsingDataLifetime syntax to work. I would settle for only opening an incognito tab, but I don’t think that’s available for Android. Has anyone else ran into this issue? submitted by /u/NotAnAccountant1984 [link] [comments]
- How to restrict/prevent users from uninstalling the Intelligent Hubby /u/FixZealousideal9252 on November 3, 2023 at 5:08 pm
Hello, If a user is local admin of a Windows 10 device, is there a way to prevent the Intelligent Hub from being uninstalled? Best Regards submitted by /u/FixZealousideal9252 [link] [comments]
- Application stuck in Queueby /u/BedDesperate1600 on November 2, 2023 at 6:02 pm
Hello, Does anyone have an idea why an application could get stuck in Queued? The device looks good from UEM. WNS is connected. Compliant. It's checking in. I can query the device. However the application that was requested to be installed on the device is just sitting as "Queued - Install Application" under Commands for hours now. Any ideas how to remedy this? submitted by /u/BedDesperate1600 [link] [comments]
- Integrating Workspace ONE Access with Azure ADby /u/FixZealousideal9252 on November 2, 2023 at 7:57 am
Hello my sysadmins! Going a bit crazy here, so before I end up quitting my job, haha, can someone help? Guidance? https://darrylmiles.blog/2022/06/06/integrating-workspace-one-access-with-azure-ad/ Following the above guide, the Integration between Workspace ONE Access and Azure AD has supposedly been done. To test the configuration, I opened a new web browser and browse to my Workspace ONE Access tenant and I was redirected to Azure AD but I get an error message "Access denied". Has anyone come across this issue? submitted by /u/FixZealousideal9252 [link] [comments]
- Question - How to send Push Notification using Intelligence Freestyle workflow ?by /u/jmnugent on November 1, 2023 at 4:31 pm
Hello All !, I'm researching and trying to learn how to implement some Compliance Policies in WS1 (to "encourage" User to update iOS on their devices). To work towards that,.. I've used the classic UEM ui under "Compliance Policies" to successfully send a Push Notification. However,. I'd also love to be able to figure out how to develop an Intelligence Freestyle Workflow to do the same. Such as: Filter: Any iOS Device where "Available Updates" includes whatever current iOS version is still not yet installed (example now would be "iOS 17.1.0") I found this Blog page: https://digitalworkspace.one/2022/02/07/settings-for-sending-uem-notifications-with-intelligence/ .. where it recommends: Application = "IntelligentHub" Message Type = "apns" When I create my workflow and use the "TEST" button.. I get a "202 success" .. however the Push Notification never comes through to my test-devices. What am I doing wrong here ?.. UPDATE: I just discovered in the WS1 UEM console.. if I look under the target-device that I'm testing with,. the MORE \ TROUBLESHOOTING log does indeed seem to indicate 2 events at the times I attempt to send an APNS popup Notification Send Message Confirmed - WS1 Intelligence Connector - Admin Account : Shadow Admin {big long string GUID} It does show a MESSAGE TYPE "APNS" But nothing actually pops up on the iPhone I'm test-targeting. If I exit WS1 Intelligence and just go back to the normal "Compliance Policies" area of UEM,. I can successfully send Popups to my iPhone. So it is sort a working,. just not in Intelligence \ Freestyle submitted by /u/jmnugent [link] [comments]
- Enrolment complete splash screenby /u/iamdaveb1 on October 31, 2023 at 9:28 pm
Has anyone developed any tools that can provide the end user with a splash screen once the enrolment/apps/policies are fully complete? Our users skip through the oobe and esp landing at the desktop, setup bitlocker PIN and await applications to complete installation. Some security bits are hidden from a users prying eyes. So it would be good to tell an expectant user to wait until the said “splash screen” appears, which requires a final reboot. I have seen something from Microsoft in the past where someone developed a tracking page that ticked off everything that was installing, including all policies/apps etc before stating completion and forcing a reboot. But this was just a visual demo from an MS customer and not actually seeing the product or code. Any thoughts? Cheers submitted by /u/iamdaveb1 [link] [comments]
- how do you create token enrollment with workspace one for android?by /u/WoodShades on October 31, 2023 at 5:22 pm
Looking all over but not sure where / how to find the ability to create token enrollment for AW on Android. Anyone else know how to? submitted by /u/WoodShades [link] [comments]
- Sudden issue with device enrollment user API endpointby /u/padpooch on October 31, 2023 at 11:35 am
Hi, I'm currently helping a company managing their devices with WS1, and I've been working with them for about 1 year now. We use a bunch of different scripts to update device informations quickly. However one of them, which is used to change device owners, is not working properly anymore all of a sudden. I checked through Postman to see what was going on, expecting to see somekind of error that would help me fix the issue. But somehow, the PATCH endpoint /devices/{id}/enrollmentuser/{enrollmentuserid} mostly doesn't do anything whenever I give some valid user to a valid device, although it returns a 200 OK response. When checking that same device on the console, I can see the owner still remains the old one and hasn't been changed at all. Only a few device + user combinations seem to work but I haven't found any common parameter between these working combinations yet. Since I'm always getting OK 200 no matter the update outcome, I have no idea what's going on. Anyway this shouldn't even happen in the first place, since we could easily give any device to any user for months until now. Does/did anyone have the same issue as ours? Did some update break this endpoint? Note: I noticed the message about MacOS and iOS compatibility as shown in the screenshot. And the devices I'm trying to update are all Macbook Pro. https://preview.redd.it/rnz8udlyqixb1.png?width=755&format=png&auto=webp&s=091c0873585f63b911bc6f3e4eed59a36ff69fe0 submitted by /u/padpooch [link] [comments]
- Intelligent Hub Automatic Updatesby /u/FixZealousideal9252 on October 30, 2023 at 9:08 am
Workspace ONE (WS1) Intelligent Hub Does Not Automatically Update on Windows 10. We have check the Intelligent Hub Automatic Updates checkbox. The configuration for this is under All Settings > Devices & Users > Windows Desktop > Intelligent Hub Application. Has anyone seen this before? submitted by /u/FixZealousideal9252 [link] [comments]
- Cannot delete App Catalog after transfer to a new iPhoneby /u/jadvpetc on October 28, 2023 at 12:38 am
I forgot to unenroll my old device from the "hub" app (I think it's called AirWatch?), and it carried over the old "App Catalog" bookmark app to my new iPhone. Now I cannot delete it, and it co-exists with the new "App Catalog" bookmark app on my phone, which is quite annoying. Is there anyway to remove the old "App Catalog" app? Really appreciate so far I have tried below: remove the app from the General -> iphone storage, but it doesn't really delete the app remove the profile, but it doesn't remove the old app catalog submitted by /u/jadvpetc [link] [comments]
The Support Insider VMware Support News, Alerts, and Announcements
- From upgrading vSphere to troubleshooting issues with Tanzu Kubernetes Grid: Top 10 VMware Tanzu Knowledge Base Articles in September 2023.by Marcela Gleixner on October 11, 2023 at 12:18 pm
From upgrading vSphere to troubleshooting issues with Tanzu Kubernetes Grid: Top 10 VMware Tanzu Knowledge Base Articles in September 2023.
- 10 most popular KB articles in September 2023, for VMware Tanzu Application Service, BOSH and more.by Marcela Gleixner on October 9, 2023 at 9:54 pm
10 most popular KB articles in September 2023, for VMware Tanzu Application Service, BOSH and more.
- Top 10 Most Popular Knowledge Articles for Horizon, WorkspaceONE, End User Computing (EUC), Personal Desktop for September, 2023 by Jamie Gravatte on October 6, 2023 at 4:31 pm
Tweet Get answers and solutions instantly by using VMware’s Knowledge Base (KB) articles to solve known issues. Whether you’re looking to improve your productivity, troubleshoot common issues, or simply learn something new, these most used and most viewed knowledge articles are a great place to start. Here are the top 5 most viewed KB articles … Continued
- Top 10 Most Popular Knowledge Articles for HCX, SaaS, EPG Emerging Products Group for September, 2023 by Jamie Gravatte on October 5, 2023 at 2:26 pm
Tweet Get answers and solutions instantly by using VMware’s Knowledge Base (KB) articles to solve known issues. Whether you’re looking to improve your productivity, troubleshoot common issues, or simply learn something new, these most used and most viewed knowledge articles are a great place to start. Here are the top 5 most viewed KB articles … Continued
- Top 10 Most Popular Knowledge Articles for SRM, vSan, Core Storage for September, 2023 by Jamie Gravatte on October 4, 2023 at 7:00 pm
Tweet Get answers and solutions instantly by using VMware’s Knowledge Base (KB) articles to solve known issues. Whether you’re looking to improve your productivity, troubleshoot common issues, or simply learn something new, these most used and most viewed knowledge articles are a great place to start. Here are the top 5 most viewed KB articles … Continued
- Top 10 Most Popular Knowledge Articles for VMware Cloud for September, 2023 by Jamie Gravatte on October 4, 2023 at 2:09 pm
Tweet Get answers and solutions instantly by using VMware’s Knowledge Base (KB) articles to solve known issues. Whether you’re looking to improve your productivity, troubleshoot common issues, or simply learn something new, these most used and most viewed knowledge articles are a great place to start. Here are the top 5 most viewed KB articles … Continued
- Top 10 Most Popular Knowledge Articles for ESXi, VCenter, Automation Operations, vCF, and vCD for September, 2023 by Jamie Gravatte on October 2, 2023 at 4:51 pm
Tweet Get answers and solutions instantly by using VMware’s Knowledge Base (KB) articles to solve known issues. Whether you’re looking to improve your productivity, troubleshoot common issues, or simply learn something new, these most used and most viewed knowledge articles are a great place to start. Here are the top 5 most viewed KB articles … Continued
- VMware Skyline Advisor Pro Proactive Findings – September 2023 Editionby James Walker on October 2, 2023 at 3:33 pm
Tweet VMware Skyline Advisor Pro releases new proactive Findings every month. Findings are prioritized by trending issues in VMware Technical Support, issues raised through post escalation review, security vulnerabilities, issues raised from VMware engineering, and nominated by customers. For the month of September, we released 37 new Findings. Of these, there are 31 Findings based … Continued
- 10 Top New Articles for Horizon, WorkspaceONE, End User Computing (EUC), Personal Desktop from August, 2023: by Jamie Gravatte on September 15, 2023 at 6:01 pm
Tweet Discover the top 10 new articles for Horizon, Workspace ONE, End User Computing (EUC), and Personal Desktop from August 2023. These articles cover a range of important topics and resolutions, including issues with Workspace ONE UEM application pools and services failing to start, problems with editing or creating DDUI profiles in Workspace ONE UEM, decoding … Continued
- 10 Top New Articles for HCX, SaaS, EPG Emerging Products Group from August, 2023: by Jamie Gravatte on September 14, 2023 at 4:30 pm
Tweet Discover the latest insights and solutions for VMware’s emerging products group (EPG) in our August 2023 roundup. From addressing network connectivity issues in Windows Virtual Machines to optimizing migration scalability in HCX, these articles offer valuable guidance. Learn how to resolve problems like private key exposure in NSX-T syslog, firewall rule issues in NSX-T … Continued