Omnissa Pass

Joseph Klimczak April 21, 2025 No Comments

Omnissa Pass: Elevating Enterprise Authentication with Passwordless Security

In today’s digital landscape, traditional passwords have become a significant vulnerability, often leading to security breaches and user frustration. Recognizing this challenge, Omnissa introduces Omnissa Pass, a cutting-edge multi-factor authentication (MFA) solution designed to enhance security while simplifying the user experience.

🔐 What is Omnissa Pass?

Omnissa Pass is a mobile application that provides secure, passwordless authentication for enterprise applications and services. By leveraging FIDO2 passkeys, it offers a modern approach to authentication, eliminating the need for passwords and reducing the risk of credential theft. Users can authenticate using biometric methods or device-based credentials, ensuring both security and convenience.

🚀 Key Features

Passwordless Authentication: Utilizes FIDO2 passkeys to enable secure, password-free logins.
Multi-Factor Authentication (MFA): Combines device-based credentials with biometric verification for enhanced security.
Device Compliance Checks: Integrates with Omnissa Access to ensure that only compliant devices can authenticate, enforcing organizational security policies.
Seamless Integration: Works across various platforms and integrates with existing enterprise systems, facilitating a smooth transition to passwordless authentication.

📱 Availability

Omnissa Pass is available for download on major mobile platforms:

iOS: Download from the App Store
Android: Download from Google Play

🛡️ Enhancing Security with Omnissa Access

When paired with Omnissa Access, organizations can enforce strict access controls based on device compliance and user authentication. This integration ensures that only authorized users on compliant devices can access sensitive corporate resources, aligning with Zero Trust security principles.

🌐 Embracing the Future of Authentication

By adopting Omnissa Pass, enterprises can:

Reduce Security Risks: Eliminate vulnerabilities associated with traditional passwords.
Improve User Experience: Offer a seamless and intuitive authentication process.
Ensure Compliance: Meet regulatory requirements with robust security measures.

Transitioning to passwordless authentication with Omnissa Pass not only strengthens security but also enhances overall user satisfaction.

For more information and to explore how Omnissa Pass can benefit your organization, visit the Omnissa Tech Zone.

Blog WorkSpace One

Fetch – Windows Application Lifecycle Tool for Workspace ONE UEM Omnissa

Joseph Klimczak March 26, 2025 No Comments

Fetch Review: Simplifying Windows Application Management

Hi there folks!

After spending some time with Fetch, I’m excited to share my review of this innovative tool that addresses one of the biggest challenges in Windows Desktop management—Application Management.

The Challenge of Application Management

Workspace ONE Administrators know how complex and time-consuming it can be to make applications available on managed devices. Traditionally, the process involves manually downloading installers, preparing binaries, and creating detailed application entries within Workspace ONE UEM. This often leads to delays and inconsistencies in deployments.

What is Fetch?

Fetch is a Windows application designed to streamline and automate the deployment of native Windows applications within Workspace ONE. By automating the process of downloading installers, uploading binaries, and creating Native Windows Application entries complete with all required metadata, Fetch drastically reduces the manual workload and potential for errors.

With a robust database boasting over 7,000+ unique applications and a staggering 62,000+ application versions, Fetch offers an extensive resource that simplifies the deployment process.

Below is a snapshot of the tool in action:

Key Workflows Offered by Fetch

Fetch enhances the application management process with four main workflows:

1. Application Search and Creation:

• Simply search for an application by name and automatically generate its corresponding Native App entry in Workspace ONE UEM.

2. Software Asset Management Integration:

• Upload a Software Asset Management or Application Report (like the Installed Apps report from Workspace ONE Intelligence, Software Deployment Report from SCCM, or a Powershell report of network devices). Fetch checks its extensive database for matching applications, then assists in creating the corresponding Native App in UEM.

3. Application Version Management:

• Interrogate your current Workspace ONE UEM environment to discover if updated versions of applications are available. Fetch then enables you to upload and create the updated application version seamlessly.

4. Manifest-Based Deployment:

• Upload a manifest (template) containing details of your organization’s existing Native Windows Applications along with your installer files. Fill in the necessary metadata, and Fetch processes the manifest to upload the installers and create the apps in UEM accordingly.

The Verdict

As a reviewer, I found that Fetch effectively addresses many of the hurdles traditionally faced by Workspace ONE Administrators. Its automation of repetitive tasks not only saves time but also reduces the likelihood of manual errors, ensuring that application deployments are both consistent and efficient. The extensive database is a clear highlight, providing a strong foundation that supports a wide array of applications and versions.

If you’re looking for a tool that simplifies and accelerates Windows application management, I highly recommend giving Fetch a try. For more detailed instructions and to download the tool, check out the documentation and download Fetch.

Happy managing!

WorkSpace One

Omnissa Events

Joseph Klimczak February 5, 2025 No Comments

Omnissa Tech Deep Dive: What’s New with Omnissa DEX?

19 February 2025, 11:00 AM 12:00 PM

Link to the Event

Omnissa Tech Deep Dive: What’s new with Windows software distribution?

19 March 2025, 11:00 AM 12:00 PM

Link to the Event

Omnissa Tech Deep Dive: Enrich your access policies with more data for better security

16 April 2025, 11:00 AM 12:00 PM

Link to the Event

Blog WorkSpace One

Windows Server Management is coming to Workspace ONE UEM

Joseph Klimczak January 28, 2025 No Comments

Omnissa is enhancing Workspace ONE UEM with Windows Server support, enabling seamless management of all Windows computing devices. With a beta launch on the horizon, users can expect robust features like enrollment, software distribution, and server-specific analytics. Join our upcoming webinar for in-depth insights and to participate in the beta!

As an extension of the robust Windows Desktop functionality, Omnissa is introducing Windows Server support. Windows Server will be added to the long list of Workspace ONE UEM computing devices–first in beta introduction, with general availability to follow.

Soon you will be able to manage all Windows computers via Workspace ONE UEM. Below is a high-level overview, as well as an invitation to a webinar where more details will be discussed.

Find out more in [THIS] Techzone post by Jo Harder.

Blog How 2 Docs WorkSpace One

How to Disable Windows Recall in Workspace ONE: A Step-by-Step Guide

Joseph Klimczak October 4, 2024 No Comments

Here is the updated blog post with the custom XML code:

Securing Your Windows PCs Against Recall Using Workspace ONE UEM

With the introduction of Windows 11 Copilot+ machines, Microsoft introduced a feature called Recall, designed to create an explorable timeline of your PC’s past actions. While useful for users, Recall has raised privacy concerns, particularly due to its ability to capture sensitive data like passwords and MFA codes.

Why Disable Recall?

Recall captures screenshots of a user’s activity, posing security risks. If malicious actors exploit this, sensitive information could be exposed. This poses a substantial concern for IT admins responsible for securing corporate networks and personal data.

Disabling Recall in Workspace ONE UEM

Step 1: Create a Windows Profile

• Navigate to Devices > Profiles & Resources.

• Select Add Profile, choose Windows Desktop, and configure general settings like profile name and target devices.

Step 2: Add Custom XML to Disable Recall

You will need to create a custom XML profile using SyncML commands that disable the Recall feature on managed Windows devices. Insert the following SyncML commands:

To Disable Recall:

<Replace>
  <CmdID>34e7f8c0-1dd4-42ed-bbcc-07da966bc0e0</CmdID>
  <Item>
    <Target>
        <LocURI>./User/Vendor/MSFT/Policy/Config/WindowsAI/DisableAIDataAnalysis</LocURI>
      </Target>
    <Meta>
      <Format xmlns="syncml:metinf">int</Format>
    </Meta>
    <Data>1</Data>
  </Item>
</Replace>

To Re-enable Recall on Profile Removal:

<Delete>
  <CmdID>34e7f8c0-1dd4-42ed-bbcc-07da966bc0e0</CmdID>
  <Item>
    <Target>
        <LocURI>./User/Vendor/MSFT/Policy/Config/WindowsAI/DisableAIDataAnalysis</LocURI>
      </Target>
    <Meta>
      <Format xmlns="syncml:metinf">int</Format>
    </Meta>
    <Data>1</Data>
  </Item>
</Delete>

These commands ensure that Recall is disabled on the initial profile installation and that it will revert to default behavior if the profile is removed.

Step 3: Publish the Profile

Save and publish the profile to all applicable devices. Ensure the affected devices are listed as expected. A reboot might be necessary for the changes to take full effect.

Conclusion

Until Microsoft addresses Recall’s security flaws, disabling this feature using Workspace ONE UEM is a crucial step for organizations prioritizing privacy and security. By following the steps outlined here, IT administrators can ensure their managed devices are protected from potential security risks posed by Recall.

Blog How 2 Docs Sec Ops WorkSpace One

Session Management IS BACK

Joseph Klimczak July 2, 2024 No Comments

Optimizing Admin Experience: Changing the Timeout Time on Workspace ONE

In today’s fast-paced digital landscape, ensuring a seamless and efficient user experience is paramount. Workspace ONE, a comprehensive digital workspace platform, allows organizations to manage and secure any app on any device. One critical aspect of user experience in Workspace ONE is the session timeout setting. By customizing the timeout duration, administrators can strike a balance between security and convenience. Here’s how you can change the timeout time on Workspace ONE to optimize your organization’s workflow.

Why Adjust the Timeout Time?

Enhanced Security: Shorter timeout periods can help protect sensitive information by ensuring that unattended sessions are automatically logged out, reducing the risk of unauthorized access.
User Convenience: On the flip side, longer timeout periods can enhance user productivity by minimizing disruptions and the need to frequently log back in.
Compliance: Adjusting the timeout duration can also help meet specific compliance requirements that mandate certain session management practices.

Steps to Change the Timeout Time in Workspace ONE

Changing the session timeout setting in Workspace ONE is a straightforward process. Follow these steps to configure the timeout duration according to your organization’s needs:

Access the Workspace ONE UEM Console:
Log in to your Workspace ONE UEM console with administrative credentials.
Navigate to the Appropriate Settings:
Go to Groups & Settings > All Settings > Admin > Console Security > Session Management
Modify Session Timeout:
Locate the Idle Session Timeout. This setting controls the duration of inactivity before a session is automatically logged out.
Set the Desired Timeout Duration:
Enter the desired timeout duration in minutes. For example, setting it to 15 minutes will log users out after 15 minutes of inactivity.
Save the Changes:
Click Save to apply the changes. The new timeout setting will be enforced across all devices managed by Workspace ONE.

Best Practices for Setting Timeout Duration

Assess User Needs:
Consider the typical workflow and needs of your users. For instance, customer-facing roles might benefit from longer timeout periods, while roles dealing with highly sensitive data might require shorter durations.
Balance Security and Convenience:
Aim for a timeout period that provides a reasonable balance between security and user convenience. Common timeout durations range from 5 to 30 minutes.
Regular Review:
Periodically review and adjust the timeout settings as needed to ensure they remain aligned with evolving security policies and user requirements.

Conclusion

Customizing the timeout time in Workspace ONE is a simple yet effective way to enhance both security and admin experience.

Blog End User Tools WorkSpace One

What’s New in Device Management: Highlights from WWDC 2024

Joseph Klimczak June 14, 2024 No Comments

Apple’s Worldwide Developers Conference (WWDC) 2024 unveiled several key updates in device management aimed at enhancing security, efficiency, and flexibility for administrators managing Apple devices. Here’s an in-depth look at the significant changes:

Enhanced Activation Lock Management

Activation Lock, a critical feature for device security, has seen improvements in management. Apple has streamlined processes to ensure that devices remain secure, even when lost or stolen while providing administrators with effective tools to manage these locks. This ensures robust security without compromising user experience.

Advanced Software Update Controls

Managing software updates has become more flexible and controlled. Administrators now have the ability to delay updates, enforce mandatory updates by specific dates, and more. These granular controls help maintain device security and functionality with minimal disruption to users.

Safari Management Capabilities

Apple has introduced enhanced controls for managing Safari. Administrators can now enforce security settings, manage extensions, and configure browsing policies more comprehensively. This is particularly beneficial for schools and businesses needing to maintain a secure and controlled browsing environment.

Apple Business Manager and School Manager Enhancements

Significant enhancements have been made to Apple Business Manager and School Manager. These updates facilitate easier device deployment and management, with improved setup workflows, more powerful management tools, and streamlined app and content distribution processes. These changes aim to reduce the burden on IT departments and enhance efficiency.

Support for visionOS

With the introduction of VisionOS, Apple has extended its management capabilities to this new platform. This integration allows administrators to manage visionOS devices alongside iOS, iPadOS, and macOS devices, ensuring a unified and simplified management experience across all Apple devices.

Managed Apple ID Migrations

A new feature allows for the seamless migration of managed Apple IDs. This is crucial for organizations transitioning between management systems or updating their infrastructure. It simplifies the process, ensuring that user data and settings are preserved during migrations.

Apple Lock Turn Off

Apple has introduced a new feature that allows administrators to turn off Apple Lock remotely. This feature is particularly useful in situations where devices need to be reassigned or repurposed quickly, ensuring that they can be unlocked and set up without delays.

Privacy and Security Enhancements

Continuing its commitment to privacy and security, Apple has introduced enhanced privacy controls within its device management framework. These controls ensure user data protection while providing administrators with the tools necessary to manage devices effectively, helping organizations comply with privacy regulations.

Conclusion

The updates announced at WWDC 2024 underscore Apple’s dedication to providing robust, secure, and user-friendly device management solutions. These enhancements offer greater control, flexibility, and security for administrators across various environments, from educational institutions to large enterprises. As Apple continues to innovate, these tools will undoubtedly become even more essential for effective device management.

For a comprehensive understanding, you can watch the full session on device management from WWDC 2024 here.

Blog VMware WorkSpace One

Remembering to Be Nice to the Support People During the VMware to Omnissa Transition

Joseph Klimczak June 1, 2024 No Comments

Transitioning from one technology platform to another is always challenging, especially for support teams, who bear the brunt of user frustrations, technical issues, and steep learning curves involved. As your organization shifts from VMware Suppor to Omnissa, it’s crucial to remember the human element behind the technology. Your support people are the unsung heroes in this process, and treating them with kindness and respect can make a world of difference.

Here’s why—and how—you should be nice to your support team during this critical transition.

The Human Element in Technological Transitions

Support teams are at the frontline of any technology transition. They manage the technical complexities, address user concerns, and ensure that operations continue smoothly. During a shift from VMware to Omnissa, they will likely face:

Increased Workload: Transition periods often mean extra hours and heightened stress as support teams handle simultaneous systems.
Learning Curve: Even experienced support personnel need time to adapt to new technologies, understand new protocols, and develop new troubleshooting techniques.
User Frustration: Users accustomed to VMware will inevitably encounter difficulties with Omnissa, and support teams will be the first point of contact for their frustrations.

Why Kindness Matters

Morale and Motivation: Support staff who feel appreciated and respected are more likely to stay motivated and perform better under pressure. A kind word can boost their morale and help them tackle challenges more effectively.
Productivity: A positive work environment enhances productivity. When support teams are treated with courtesy, they are more likely to go the extra mile to resolve issues swiftly and efficiently.
Team Cohesion: Encouraging a culture of kindness fosters team cohesion. When everyone supports each other, the transition process becomes smoother and less stressful for all involved.

How to Be Kind to Your Support Tech

Show Appreciation: Simple gestures like saying “thank you” or acknowledging their hard work can go a long way. Consider small tokens of appreciation like team lunches, shout-outs in meetings, or thank-you notes.
Be Patient: Understand that transitioning from VMware to Omnissa is complex. Avoid placing unrealistic demands and give your support team the time they need to solve issues.
Offer Constructive Feedback: If you encounter problems, provide feedback that is constructive rather than critical. Focus on solutions and improvements rather than just pointing out faults.
Communicate Clearly: Clear communication helps prevent misunderstandings. When logging support tickets or describing issues, be as detailed and clear as possible to help the support team address problems more efficiently.
Be Empathetic: Try to put yourself in their shoes. Recognize the pressures they are under and offer empathy and understanding rather than adding to their stress.

Conclusion

Transitioning from VMware to Omnissa is a significant change that involves everyone. By remembering to be nice and showing appreciation for their hard work, you not only foster a positive working environment but also contribute to a smoother and more successful transition. After all, technology might drive the process, but it’s the people behind the technology who make it all possible. Let’s remember to be kind to them.

Blog VMware WorkSpace One

Unlocking Seamless Management with DEEM and Workspace ONE

Joseph Klimczak December 19, 2023 No Comments

In today’s dynamic work landscape, the integration of cutting-edge technologies isn’t just advantageous; it’s a necessity. As businesses strive for enhanced efficiency, productivity, and security, the collaboration between DEEM and Workspace ONE emerges as a transformative force, reshaping the realm of digital management.

What is DEEM?

Digital Employee Experience Management (DEEM) is a strategic approach that centers on optimizing digital experiences within an organization. It delves into understanding how employees interact with digital tools, aiming to enhance these interactions for improved productivity, engagement, and overall satisfaction.

The Power of Workspace ONE

On the other hand, Workspace ONE, a robust digital workspace platform, stands as a cornerstone in modern IT solutions. It orchestrates seamless management of devices, applications, and data, fostering a cohesive and secure digital environment.

Integration of DEEM with Workspace ONE

The amalgamation of DEEM principles with Workspace ONE signifies a paradigm shift in digital management. This integration facilitates a holistic view of the employee experience, aligning digital capabilities with user needs and expectations.

Key Benefits of DEEM and Workspace ONE Integration:

Enhanced Employee Productivity: The synergy between DEEM and Workspace ONE ensures that the digital environment is optimized for efficiency. By understanding user behavior and preferences, IT teams can tailor digital experiences, leading to increased productivity.
Proactive Issue Resolution: DEEM’s monitoring capabilities, when integrated with Workspace ONE’s management suite, enable proactive identification and resolution of digital hurdles. Predictive analytics and insights empower IT teams to address potential issues before they impact productivity.
Optimized Digital Workspaces: Workspace ONE’s ability to manage diverse digital assets complements DEEM’s focus on user experience. Through seamless device management, application delivery, and data security, organizations can curate personalized and productive digital workspaces.
Agile IT Operations: The combined prowess of DEEM and Workspace ONE streamlines IT operations. Automation, simplified workflows, and centralized management empower IT teams to focus on strategic initiatives while ensuring a seamless digital experience for users.
Data-Driven Decision-Making: DEEM’s data analytics, when integrated into Workspace ONE’s framework, provides valuable insights. These insights enable data-driven decision-making, ensuring continuous improvement in digital experiences and resource allocation.

Embracing the Future of Digital Management

As businesses navigate the complexities of modern digital landscapes, the fusion of DEEM and Workspace ONE emerges as a beacon of innovation. This integration transcends conventional management approaches, propelling organizations toward a future where digital experiences are not just optimized but also deeply aligned with user needs.

Final Thoughts

The synergy between DEEM and Workspace ONE is more than a mere collaboration; it’s a transformative force. It empowers organizations to harness the true potential of digital technologies while placing user experience at the forefront. As businesses strive for digital excellence, this integration stands as a testament to the evolution of digital management strategies.

How 2 Docs VMware WorkSpace One

Creating a Workspace ONE Sensor to Check Mac Warranty

Joseph Klimczak October 6, 2023 No Comments

Creating a Workspace ONE Sensor to Check Mac Warranty

Managing your organization’s IT assets efficiently includes keeping track of warranty information for devices such as Mac computers. Workspace ONE, a comprehensive, unified endpoint management (UEM) solution by VMware, allows you to create custom sensors to monitor various aspects of your endpoints, including warranty status. In this blog post, we’ll guide you through creating a Workspace ONE sensor to check the warranty status of Mac devices.

Prerequisites

Before we begin, ensure that you have the following prerequisites in place:

Workspace ONE UEM Console: Access to the Workspace ONE UEM console with the necessary permissions to create sensors.
Mac Serial Number: The serial number of the Mac computer for which you want to check the warranty status.

Step 1: Log In to Workspace ONE UEM Console

Log in to your Workspace ONE UEM console using your administrator credentials.

Step 2: Create a New Sensor

2.1. Navigate to “Devices & Users” > “Sensors” in the Workspace ONE UEM console.

2.2. Click on the “+Add” button to create a new sensor.

Add Sensor

Step 3: Configure the Sensor

3.1. Give your sensor a descriptive name, such as “Mac Warranty Check.”

3.2. In the “Sensor Type” field, select “Script.”

3.3. In the “Script” field, enter the following script (Python script to check Mac warranty):

#!/bin/bash

currentUser=$(stat -f%Su /dev/console)
ACEplist="/Users/$currentUser/Library/Application Support/com.apple.NewDeviceOutreach/Warranty.plist"
if [ -f "$ACEplist" ];  then
  endDate=$(/usr/libexec/PlistBuddy -c "Print :coverageEndDate" "$ACEplist")
  date=$(date -j -f %s $endDate +%F)
  echo "$date"
else
  echo "Not Found"
fi

Step 4: Assign the Sensor to Mac Devices

4.1. After saving the sensor, go to “Devices & Users” > “Device List View” in the Workspace ONE UEM console.

4.2. Select the Mac devices you want to assign the sensor to.

4.3. Click on “Actions” and choose “More Actions” > “Sensors.”

4.4. select the “Mac Warranty Check” sensor from the list of available sensors.

4.5. Click “Save” to assign the sensor to the selected Mac devices.

Step 5: View Warranty Status

Now that you’ve assigned the sensor to Mac devices, it will run according to the configured frequency. To view the warranty status:

5.1. Navigate to “Devices & Users” > “Device List View.”

5.2. Select a Mac device from the list.

5.3. go to the “Sensors” tab in the device details.

5.4. You will see the “Mac Warranty Check” sensor listed with its status.

The sensor will regularly check the warranty status of the assigned Mac devices and provide updates in the Workspace ONE UEM console.

By following these steps, you can efficiently monitor the warranty status of Mac devices within your organization using Workspace ONE. This proactive approach to device management helps ensure that devices are under warranty, reducing the risk of unexpected repair costs and downtime.