Today I needed to move my custom domain name from an old (and messy) AAD test tenant to a (sparkling) new one. Problem is, you can't simply delete the old custom name, since your user's UPNs and Email addresses are using it (AAD actually presents a nice screen, showing all the dependencies, but I am... Continue Reading →
Adding FIDO2 + Windows Hello fingerprint auth to Workspace ONE
This will be a short "recipe" type of post on how to showcase a new feature that was introduced in latest Workspace ONE Access SaaS release (sorry, no news for on prem now): FIDO2 auth. The video shows Yubikey, which I don't have, so I will be using Windows Hello (which in turn will use... Continue Reading →
Impress your users with an animated logon page in VMware Identity Manager!
Friday is here! First, credit goes to where credit is due - to my UK colleagues. Subscribe to their Twitter and blog - they are useful, and they don't spam nonsense! https://twitter.com/i/status/1148574735636336641 Now, let's figure out why it didn't work for the first time... Making it happen First, go to VIDM Management Console -> Identity... Continue Reading →
New Workspace ONE 19.x Open Enrollment Trainings!
Our training colleagues have just posted the schedule for the NEW open enrollment trainings on Workspace ONE 19.x! Including the Live Online options for those who prefer not to travel (cloud solutions are awesome). See the schedules and links below. Which one would you take? I am planning to attend the troubleshooting one! Workspace ONE:... Continue Reading →
WS1 UEM 1904: Fixing the ObjectGUID warning and improving SAML SSO security
If you use SAML SSO to log into the Workspace ONE UEM (AirWatch) console, you may see this warning after upgrading to 1904. First - don't panic! Everything still functions! Now that we're calm, let's find out what it is and how to address it. On the menu today: What is this strange warning and... Continue Reading →
Custom login URL for cloud WorkspaceONE Portal nice and easy
With WorkspaceONE deployed, many users begin their day at the main page of the WS1 Portal. Which, if you are using a cloud version, is usually hosted at a URL like <yourname>.vmwareidentity.eu (or com/etc for other regions). Many don't like this and want something like login.mycorp.com instead. Here's a short note on how to make... Continue Reading →
Modern mobile security: people or devices? (with Dilbert)
The IDC stats on mobile threats show that Top6 are user behaviour based, and not tech related. Why does that happened and what can be done? Read on and enjoy some Dilbert along the way!
Device Compliance with Identity Manager – the less obvious implementation details
Everyone likes the idea of Device Compliance checks. It allows us to differentiate between Company-issues, BYOD-enrolled, private and totally foreign devices, assess their security posture and execute access decisions based on this vital data, expanding our Conditional Access options. It is also extremely easy to use, just like that (VIDM Admin Console): Device Compliance can... Continue Reading →