VMware Identity Manager Cloud Release Notes
VMware Identity Manager Connector 2016.11.1 | 17 NOVEMBER 2016 | Build 4642246
VMware Identity Manager Integration Broker 2.8 | 17 NOVEMBER 2016 | Build 4601559
Release date: November 17, 2016
What's in the Release Notes
The release notes cover the following topics:
This version of VMware Identity Manager includes support for the following new features.
Workspace ONE Application
- Workspace ONE app delivering internal enterprise mobile apps to unmanaged devices
You can use the Workspace ONE app to distribute public mobile applications and internal enterprise mobile apps to unmanaged devices through the Workspace ONE app catalog. This allows you to create a private app store to distribute all types of apps through Workspace ONE. The internal app does not have to use the AirWatch SDK. If it uses the AirWatch SDK, you can remote wipe the data from these apps when the user leaves the company or the device goes out-of-compliance (such as jail broken).
- Workspace ONE app providing Adaptive Management for Android devices
Now your Android users (both with legacy Android and Android for Work capable devices) can enjoy the benefits of adaptive management. Users can download the Workspace ONE app from the Google Play Store and start using the app in standalone Mobile Application Management (MAM) mode. They can progress to OS MAM when an application with a lock icon in the catalog is selected for installation. Once, the user enrolls the device into OS MAM, the lock icon goes away. The user can now install all the apps from the catalog. Users no longer have to install AirWatch agent on their Android devices to get their devices enrolled into OS MAM.
- Open Web app in VMware Browser
Now you can force the launch of certain Web apps through VMware Browser instead of through the system browser when the Web app is launched through the Workspace ONE app. You can control this setting on a per-app basis. VMware Browser is a secure browser which provides IT unparalleled control over browser cache, such as remote wiping the cache when the user leaves the company or a device goes out-of-compliance. Requires Workspace ONE app v2.2.
Authentication and Access
- Conditional access for Horizon and Citrix apps
Conditional access policies that were available for Web apps can now be applied to Horizon and Citrix apps. With this feature, you can take actions such as block, allow, or step-up authenticate users based on conditions such as the network, device type or AirWatch device enrollment and compliant status to access these applications.
- Conditional access for local users
Users created locally in VMware Identity Manager can now participate in conditional access policies. This allows you to take actions such as block, allow, or step-up authenticate local users based on conditions such as network, device type, AirWatch device enrollment and compliant status, or application being accessed.
- How-to guide for adding conditional access to your internal apps using OAuth2.0
Workspace ONE includes an OAuth 2.0 server that can be used to add authentication and conditional access to your internal enterprise mobile apps, such as adding mobile SSO or device compliance check at login time. Refer to these how-to guides and sample app to learn more.
- Self-service Active Directory change password
Workspace ONE users can change their Active Directory password anytime from their account settings page. Also, if the Active Directory password expired, the next time users log in to Workspace ONE, they are asked to change their password. This feature is an optional features and requires VMware Identity Manager 2.8 and VMware Identity Manager Connector 2016.11.1 or above to connect to Active Directory.
- Workspace ONE Getting Started wizard in AirWatch console
If you are an existing AirWatch customer, enabling the Workspace ONE app has become even simpler. Walkthrough the getting started wizard in the AirWatch admin console, and you are ready to log in to the Workspace ONE app with VMware Identity Manager configured behind the scenes.
- Local directories and users
Create and manage multiple local directories each with its own user schema. For example, you can create a directory for contractors and another one for partners. No need to manage users and groups in Active Directory or LDAP. Use VMware Identity Manager to manage the complete lifecycle (create, update, delete) for the user, including password management, and entitle local users to applications.
- User provisioning to Office 365 and Google Apps
Create, update, and deactivate user accounts in Office 365 and Google Apps when users are assigned or unassigned to these apps. When a user leaves the company, you no longer have to go into the Office 365 or Google Apps admin console to deactivate the user. It can be automated through Workspace ONE. Both local and Active Directory/LDAP users are supported.
- External approval support for Horizon & Citrix apps
Workspace ONE allows for self-service access request for Web applications through external workflow engines. Self-service access request is now available with Horizon and Citrix apps.
VMware Identity Manager November 2016 release will be available in the following languages:
- Simplified Chinese
- Portuguese (Brazil)
Compatibility, Installation, and Upgrade
Browser Compatibility for the VMware Identity Manager administration console
The following Web browsers can be used to view the administration console:
- Mozilla Firefox 40 or later for Windows and Mac systems
- Google Chrome 42.0 or later for Windows and Mac systems
- Internet Explorer 11 for Windows systems
- Safari 6.2.8 or later for Mac systems
VMware Product Interoperability Matrix provides details about the compatibility of current and previous versions of VMware products and components, such as VMware vCenter Server and Horizon 7.
Upgrading to VMware Identity Manager Connector
To upgrade to the latest connector , see Upgrading to VMware Identity Manager Connector. During the upgrade, all services are stopped, so plan the upgrade with the expected downtime in mind.
To access the VMware Identity Manager Cloud documentation, go to
the VMware Identity Manager Documentation Center.
- Reset View desktop option is not working
Users cannot reset their unresponsive View desktops from the Workspace ONE apps portal.
Workaround: User can reset the desktop directly from the Horizon Client desktop menu icon.
- An administrator cannot reset his own VMware Verify enrollment
Workaround: Log in as another administrator and reset the other administrator VMware Verify enrollment.
- When trying to create or edit a Network range the Cancel button does not cancel the changes
Workaround: Re-edit the network range text box to undo the changes you do not want.
- Citrix XenApp launch fails on Android with Chrome browser
XenApp fails to launch when using the Chrome browser on an Android device.
Workaround: Use Chrome 54.0 or later.
- Citrix XenApp launch fails on Firefox
The Citrix Receiver is not automatically activated.
After the user allows the Citrix Receiver plug-in to run, the launch will be successful.
- Citrix XenApp is not launched using Client Access URL host
The Client Access URL Host is used to launch Citrix resources only when NetScaler option is selected in Network Ranges. Otherwise, the server specified on the sync page is used.
- Horizon Air static desktop might fail from VMware Identity Manager when identity manager is setup for high availability.
Workaround: The admin must configure Horizon Air in all the connectors in their deployment. They can set the sync frequency in one of the connectors to be on a schedule. In the other connectors, the sync frequency should be set as Manual.