Andreano Lanusse

Most likely there is LB config issue that is impacting the client and server, review your LB configuration as described here https://docs.vmware.com/en/VMware-Avi-Load-Balancer/30.2/Solutions-Guide/GUID-53C08E69-E5EA-4921-AB74-0AAF048FACF7.html Ensure you are not doing ssl offloading on the LB. Finally , check this article that provide great details on how tunnel handle communication. https://techzone.omnissa.com/resource/understand-and-troubleshoot-tunnel-connections

Check the following article on how to use PKCS12 certificate for secure authentication with UEM API https://techzone.omnissa.com/resource/configuring-workspace-one-uem-api-pkcs12-certificates

@Jolly_IMU you need to check the UAG lote, more specifically the esmanager.log to get more details on the 404 error, that might is redirecting to another path. Change the logs to debug, reproduce the issue and download the log.

@Robin Harmsen, The updated navigation has been made available in Shared SaaS UAT environments - CN135, CN137, CN138.. It will be rolled out in production in an upcoming UEM release.

Microsoft recently released the Recall (preview) feature with Windows 11 and lots of feedback out there regarding the security and privacy issues, one of them the fact that the data Recall collects is actually unencrypted when a user is logged on to their device, which can expose personal data and for corporate devices confidential information. The following blog by @Kevin Ten Eyck, @Andreano Lanusse and Dean Flaming shows how to turn-off Recall on Windows devices with Workspace ONE UEM, in addition to demonstrate with other examples how information can be exposed with the recall feature. https://techzone.omnissa.com/blog/securing-your-windows-pcs-against-recall-workspace-one-uem

It’s the DS certificate, are you using wildcard cert?

@Asma Alfayyad make sure you assigned the UEM certificate to the virtual service. Under the virtual service configuration check SSL Certificate field, you need to assign the UEM certificate.

Scripts differ from Sensors in that they do not return a specific value, rather they return an execution status. The console shows the script status on the device details page based on the execution code as: Executed - Workspace ONE UEM displays this status after the exit code returns a 0. Failed - Workspace ONE UEM displays this status after the exit code returns any value that is not a 0. The syntax on your script is basically a line calling Exit 0 or Exit 1. Hope this helps.

@Mohamed Abdelhamid we are targeting 2402 on-premises sometime this summer. Stay tuned !!!

There are some changes coming that will improve the navigation on UEM Console, it's already available in few Shared SaaS UATs environments (CN135, CN137, CN138), we encourage all customers to try out the new experience before we rolled out in production with the next UEM release. Attached a preview of what is coming. For more information visit this KB https://kb.omnissa.com/s/article/97771.

@Sascha Warno published this article late last year to help our customer to migrate their Workspace ONE Access on-premises instance to the Cloud, the article helps you understand what it takes to perform this migration and describes the necessary steps to plan and execute the migration. https://techzone.omnissa.com/resource/workspace-one-access-premises-cloud-migration

In case you want to learn more about Chrome OS management and the steps to enroll and manage Chrome OS devices in Workspace ONE UEM, this Workspace ONE Tutorial gives you all the information you need to start https://techzone.omnissa.com/managing-chrome-os-devices-workspace-one-operational-tutorial

If you are looking to implement True SSO in complex multi-forest environments check out the following blog that provides key technical information to be considered doing the implementation and beyond. https://techzone.omnissa.com/blog/deploying-horizon-8-and-true-sso-multi-forest-environments

If you are a Citrix Administrator and want to learn more about how Horizon is designed, you need to check the Tech Zone article Introduction to VMware Horizon for Citrix Practitioners, the content is organized in a manner to be readily consumable by Citrix practitioners. The intent is to help Citrix practitioners understand components in a Horizon environment, compared to how they are typically organized in a Citrix Desktops & Apps deployment. It is not a comparison of features in Citrix against what is available in Horizon. The content is not a complete list of Horizon’s features and capabilities. This asset intends to help you understand the basic Horizon environment, and point you to resources for more detailed information so that you can continue your learning about the Horizon platform.

Great blog post that helps IT administrator to set up and use OCSP with the AirWatch CA for secure access to resources with Workspace ONE. https://techzone.omnissa.com/blog/implement-ocsp-revocation-checking-secure-workspace-one-access-certificate-based

With the new Device Tags rule added to the device compliance engine in Workspace ONE UEM, administrators have greater control over the conditions to determine if the device is not compliant, administrators can manually tag a device or leverage automated workflows to determine device compliance based on the device posture. The Streamlining Device Compliance and Tags with Workspace ONE UEM blog post brings more technical details and use cases on how to apply that, check it out!!!

Lot's of talk about the concepts behind Zero Trust, but the real question is how to leverage Workspace ONE and Horizon, as my existing investments in other products to implement Zero Trust? You can find the answer in Tech Zone, where we published several guides implementing different use cases, to get started check out the following articles: Zero Trust Secure Access to On-Premises Web Applications with VMware Zero Trust Secure Access to Traditional Applications with VMware Compliance Integration with MS Office 365 using Workspace ONE Access Compliance Integration with MS Office 365 using Workspace ONE Tunnel If you are starting with Zero Trust and need to learn the bases, check out the Understand Zero Trust Resource Page https://techzone.omnissa.com/understanding-zero-trust

If you want to understanding how Workspace ONE cloud services approach security, the key mechanisms, and processes that EUC uses to manage information security, as well as describing shared responsibilities for providing security in a modern cloud computing environment, check out the Workspace ONE Cloud Services Security article

New guide published in Tech Zone providing the steps on how to integrate Workspace ONE with Apple Vision Pro, enabling IT professionals and users to optimize productivity apps and Horizon on visionOS devices.

Great tutorial that can help IT admins to go through the steps to deploy scripts to macOS devices using the Scripts resource within Workspace ONE UEM. https://techzone.omnissa.com/distributing-scripts-macos-workspace-one-operational-tutorial

Windows multi-user functionality is now available in early access mode for Workspace ONE Unified Endpoint Management (UEM) devices. Check out this blog to learn more details and how to get early access. https://techzone.omnissa.com/blog/introducing-workspace-one-uem-windows-multi-user

Workspace ONE UEM leverages the iOS update framework to keep iOS devices up-to-date, check out this tutorial to learn: How Workspace ONE UEM handles conflicting updates for iOS. Details the steps for assigning updates for iOS devices. Explains additional management options for changing assignments and monitoring the status of an update on iOS devices

Looking to integrate several components of Workspace ONE, check the Platform Integration article on Tech Zone https://techzone.omnissa.com/resource/platform-integration

Lots of challenge those days around VPN solution, Workspace ONE Tunnel brings a new approach to increase security and end-user privacy, such as: Per application and per domain tunneling specifies the endpoint applications that can generate traffic towards the tunnel, significantly limit the surface of attack in case the endpoint is infected with malware. Designed around privacy, end-user knows what traffic is getting tunneling, allowing the separation of personal and corporate traffic. IT has the option to allow only Workspace ONE managed, registered and compliant devices to send traffic through the tunnel. Policies can be created to allow non-IT managed devices to access the web only but not internal resources, protecting the corporate infrastructure from vulnerable user-owned devices. Workspace ONE Tunnel integrates with the core of the OS platform, enabling split-tunneling to reduce load on the backend only tunneling the required traffic. Workspace ONE Tunnel integrates with Mobile Threat Defense to enable Phishing and Content protection on mobile devices, preventing malicious content from being loaded while applying device traffic rules and policies. Check out the Secure Remote Access to Applications (VPN Replacement) resource page to learn more how to transition from legacy VPN solutions and take the modern Tunnel approach.

The following article explain in-depth how to Load Balance Horizon connections for external access with Unified Access Gateway, most important how to work with Horizon protocols and configure for properly load balancing. https://techzone.omnissa.com/resource/understand-and-troubleshoot-horizon-connections