-
Posts
31 -
Joined
-
Last visited
-
Days Won
1
About Sascha Warno
![](http://content.invisioncic.com/g330460/monthly_2024_05/VMwarebyBcomlogo.png.fdc51ae9723b9b7cfffa45a407acc392.png)
Social Links
- X
- Personal Blog or Website
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Workspace ONE UEM Autopilot / Microsoft Entra ID enrolment not working
Sascha Warno replied to EmilK's topic in Windows
@EmilK what is your UEM environment? Is this a shared SaaS? Usually there error is different, but your env needs to be added to the AirWatch by VMware app if its a newer shared or dedicated SaaS. We wont add On Premises MDM there. Other points, how do you authenticate into Entra ID? How do you sync users into UEM? Is the ImmutableID/ AAD mapping attribute in UEM set as String or Binary?- 4 replies
-
- Enrolllment
- Identity / Access Management
-
(and 1 more)
Tagged with:
-
Some things to check. The users in UEM have the same externalId as the users in Access? Also if you check in Hub Services under system settings does it show your UEM environment without error?
- 3 replies
-
- Enrolllment
- Windows
-
(and 2 more)
Tagged with:
-
VMWare Workspace ONE products sent via API delayed
Sascha Warno replied to Daniel's topic in Android
@Stefano Altieri please open a ticket with that information. Support would need to check what the API logs show. -
Integrating PKI with Workspace ONE UEM
Sascha Warno replied to loopkin's topic in General Discussion
What should be encrypted? Do they want to use it for SMIME? For that we got the Escrow gateway. https://docs.omnissa.com/bundle/CredentialEscrowGatewayV2310/page/OverviewofCredentialEscrowGateway.html You can use it together with the credentials payload. -
VMWare Workspace ONE products sent via API delayed
Sascha Warno replied to Daniel's topic in Android
My initial check was in Beta env. Tested in another environment and works fine there. Also had some others check and works for them. https://xx.awmdm.com/API/mdm/devices/3602/commands?command=SyncDevice would be the right one. -
VMWare Workspace ONE products sent via API delayed
Sascha Warno replied to Daniel's topic in Android
It should be https://xx.awmdm.com/API/mdm/devices/3602/commands?command=SyncDevice but I'm getting the same 500 error. Trying to check what could be the issue. What environment is that on and which version is it? -
VMWare Workspace ONE products sent via API delayed
Sascha Warno replied to Daniel's topic in Android
This would always be down to the device check in so it will pick up the command. Did you try to send a device command to SyncDevice via API together with the reprocess Product call to all targeted devices? -
Setting Up True Single Sign-On™ (True SSO™) in Horizon
Sascha Warno replied to Ramesh V's topic in Horizon 8
Shared this internally, Engineering is validating from their side still before adding it to the KB. Also with instant clones you will always see delays until they are hybrid joined right?! The method was tested with persistent machines. But the underlying issue would be the same. -
Matt Coppinger started following Sascha Warno
-
Horizon Cloud next-gen API documentation link
Sascha Warno replied to Ivan de Mes's topic in Horizon Cloud
This one? https://developer.omnissa.com/horizon/apis/horizon-cloud-nextgen/#api- 2 replies
-
- api
- Horizon Cloud
-
(and 1 more)
Tagged with:
-
With Windows you have quite a lot of ways to install applications and we add different ways in UEM to deliver those applications to devices based on use case. @Camille Debay created a great write up to go through all the different options that affect installations on Windows. Make sure to give it a look on Tech Zone to be as informed as can be before rolling out you apps. https://techzone.omnissa.com/resource/windows-application-installation-behavior
-
Okta is pretty flexible with its own authentication policies and routing rules, so you won't create any kind of loops even so you integrate them both as IdP for Access and Acces as IdP for Okta. You would create a set of rules and enforce Okta's own login methods for the Access SP/Application, whilst setting up Okta as authentication method for enrollments for example in the default access policy in Access. You and then leverage Access as IdP or IdP Authenticator in Okta. The newer method of the integration uses Access as possession factor inside of Okta authentication policies. For that you create a webapp in Access and specify a policy for it that requires Mobile SSO and compliance. You could even go further and integrate Okta as IdP yet again just to use it as MFA solution if you want to have a step up auth from Mobile SSO and compliance. I'm writing on a guide at the moment for Techzone, just a lot of configs to cover. There are also other solutions if compliance is the priority by using Tunnel or APIs to talk to Okta's Workflow solution.
-
Good to know, got around testing today and couldn't replicate and just wanted to ask how you import the settings or if you create new.
- 12 replies
-
- Azure
- EnrollmentServer
- (and 4 more)
-
You followed this guidance? https://avinetworks.com/docs/latest/load-balancing-ws1-access-with-nsx-alb/ cannot really relate the error from your screenshot to it, as this seems sshd process and on high port numbers. Is the health monitoring failing or in general? you can do a packet capture on the traffic and check it in wireshark.