Microsoft has recently released a major update to the Windows Update catalog back-end, adding crucial information such as CVEs (Common Vulnerabilities and Exposures) addressed by the update and the CVE Score directly info API. This information is essential for Threat and Vulnerability Management decisions as well as Patch management and many organizations pay $$ for... Continue Reading →
Viewing the encrypted Apple profiles in Workspace ONE UEM console
Apple has an option to encrypt the MDM profile payloads (both iOS and macOS). But then when you try to view the profile XML in the console (ex. migrating payloads between UAT and Production environments, working with custom profiles) - they are encrypted! Turns out, there is a way to view the XML w/o having... Continue Reading →
Integrating Workspace ONE reporting with PowerBI
Last week one of my customers asked if Workspace ONE data could be used in PowerBI. Since Workspace ONE Intelligence Reports are included in every WS1 edition and are accessible via API - this is the easiest way to expose data to external systems. But how exactly? Even though I've never used PowerBI before, after... Continue Reading →
App version management in Android Enterprise – Managed Play Closed Tracks and their nuances
If you think my titles are wordy, check the official title of good old Robinson Crusoe! Anyway, today we will look at two important things: Using Managed Google Play feature called Closed Tracks to control app versions and update cycles in two scenarios:Multiple "deployment rings" for different device groupsDeveloper having customers with different update cyclesImportant... Continue Reading →
Enroll a Fully Managed non-GMS Android device using ADB
When dealing with non-GMS Android devices (specialized rugged devices, devices in China) one big challenge is actually enrolling them, since the code that enrolls a Fully Managed device is not part of AOSP. As I mentioned in my post about China, only a few vendors took care of this. In this post we you will... Continue Reading →
iOS 14.2 Xamarin bug – using Workspace ONE Intelligence Automations to improve user experience
There is currently an issue (confirmed by Microsoft) with Xamarin-based apps built for iOS 14.2 - they crash when deployed via MDM (but do not crash if installed manually from store) and only on the newer devices (iPhone XR etc). In this post I will show a solution that we came up with together with... Continue Reading →
Android 11 COPE and the end of Internal apps
We know about the changes to Android 11 COPE, and how they affect the EMMs. One aspect that was slightly overlooked though, is what happens to Internal apps, which many organizations are still employing. We have recently released a KB, which caused a bit of panic between customers and colleagues. Let’s dive deeper and see... Continue Reading →
Use compliance data in Azure AD Conditional Access policies by integrating Workspace ONE UEM with Microsoft
The title says it all! The feature has been available for a while in a closed preview status, but with 2008 it has moved to Public Preview! Similarly, Microsoft moved the APIs on their side to Public Preview as well, listing VMware Workspace ONE as the ONLY (currently) supported EMM. Needless to say, we are... Continue Reading →
Android management in China – what are your options?
After I published the article regarding the enrollment of Android devices in closed networks, the hottest question was how to apply it for China. The answer is as usual “it depends”. If you want to know more – read on! What’s the problem?What options are available?What is the optimal approach? What’s the problem? Problem is... Continue Reading →
Watch your certificates when working with Apple devices!
A while ago a colleague turned to me for help. Customer tested iOS, Android and Win10 with a SCEP server. Win10 and Android had no issues, but on iOS the certificates failed to install with a cryptic error. I decided to write a blog about it, because I expect a second wave of such issues... Continue Reading →