Omnissa Release Notes

Follow

66 release notes curated from 67 sources by the Releasebot Team. Last updated: Jul 11, 2026

Get this feed:
  • Jul 9, 2026
    • Date parsed from source:
      Jul 9, 2026
    • First seen by Releasebot:
      Jul 11, 2026
    Omnissa logo

    Omnissa

    Horizon Web Client 2503.2

    Omnissa releases Horizon Web Client 2503.2 with enhanced validation checks and workflow improvements for Lifecycle Management operations, improving reliability and user experience as part of the Horizon 8 2503.2 release.

    Horizon Web Client 2503.2 | 09 JUL 2025

    This page is revised periodically as needed with information about the Horizon Web Client 2503.2, which enables users to connect to and use remote desktops and published applications through a supported web browser. Check back regularly for additions and updates to these release notes.

    What’s New

    Horizon Web Client 2503.2 is released along with the Horizon 8 2503.2 release. This release includes enhanced validation checks and workflow improvements to Lifecycle Management (LCM) operations, improving reliability and user experience.

    The Horizon Web Client 2503.2 release does not contain any Hot Patches that were provided in versions before 2503.2.

    Before You Begin

    • For a list of the supported browsers, supported client operating systems, Web Client system requirements, and installation instructions, see the Horizon Web Client Guide.
    • Horizon Web Client 2503 supports Horizon Agent 2503.
    • Horizon Web Client is supported with the latest maintenance release of the following deployment types:
      • Horizon 8 version 2006 and later
      • Horizon Cloud Service - next-gen
      • Horizon Cloud in Microsoft Azure
    • With Horizon Web Client 2503 and Horizon 8 version 2503, if you connect to a server through a load balancer or a gateway, such as F5 or Unified Access Gateway, you must first configure a security setting in Horizon. For more information, see “Origin Checking” in the Horizon Security guide.

    Resolved Issues

    There are no major issue resolutions to report in this release.

    Known Issues

    The following sections describe known issues related to the operation and performance of Horizon Web Client.

    For known issues specific to the use of Horizon Web Client in a Horizon Cloud Service - next-gen environment, see the Horizon Cloud Service - next-gen Release Notes.

    Audio and Video

    • Lag in audio-video synchronization
      Horizon Web Client might experience a lag in audio-video synchronization. The lag might be due to network conditions, hardware performance, device type, or another cause.
      Workaround: None. This issue will be fixed in an upcoming release of Horizon Web Client.
    • Audio problems when switching media source in iOS Safari
      On iOS Safari, if you connect to a remote desktop and play audio or video on the remote desktop, and switch to playing audio or video with a native application without disconnecting from a Connection Server instance, and switch back to the remote desktop on Safari, audio no longer works.
      Workaround: Disconnect or log off from the Connection Server instance and connect to the remote desktop again.
    • Web Audio API support is required for optimal sound quality
      Sound playback quality is best on browsers that have Web Audio API support. Chrome, Safari, and Firefox 25 and later browsers have Web Audio API support. Browsers that do not have this support include Firefox 24 and earlier.
      Workaround: None
    • Audio processing becomes intermittent
      On Chrome, Safari, and Edge browsers, if audio is playing and you switch to another tab in the browser or minimize the browser, audio processing becomes intermittent. After you re-focus on the remote desktop tab, audio might be out of sync with video for a few seconds.
      Workaround: Refresh the page or pull the remote desktop’s tab out of the browser so that it has its own window.
    • Problems with repeat redirection in macOS Chrome
      Occasionally, Real-Time Audio-Video (RTAV) video redirection does not work when you use it for a second time with Chrome on a macOS system.
      Workaround: Refresh the browser.
    • Problems when exiting multiple-monitor mode
      The Web browser from which you start a desktop might stop responding if you repeat the following steps multiple times: enter multiple-monitor mode, open Real-Time Audio-Video (RTAV), move the camera window to the second display, exit multiple-monitor mode, or start another remote desktop from the sidebar.
      Workaround: None.
    • Problems when unplugging extended monitor
      The sidebar, and sometimes the remote desktop, disappears after you unplug the extended display monitor while using the multiple monitor feature with a Chrome Web browser.
      Workaround: Restart HTML Access, resize the application window, or re-plug the extended display monitor.
    • Warning message in Safari 12
      In Safari 12, the first time you open a remote desktop or published application, a warning message instructs you to enable audio. This warning message appears again after you log out from the server, close or refresh the browser, and open a remote desktop or published application.
      Workaround: None.
    • Teams Media Optimization becomes unavailable after a network interruption
      The Media Optimization for Microsoft Teams feature is unavailable after a network interruption occurs on the client session. For details, see the Omnissa Knowledge Base (KB).
      Workaround: None.

    Browsers

    • Empty sessions when using Chrome
      When using Chrome version 67 or later, you might receive an empty session after you start a remote desktop, enter multiple-monitor mode, move the mouse pointer to the second display monitor, and exit multiple-monitor mode.
      Workaround: Manually resize the Chrome window or refresh the page.
    • Problems with Linkclump Chrome extension and right-click behavior
      The Linkclump Chrome extension interferes with proper right-click behavior. If you right-click text in a remote desktop, the right-click might behave as a left-click-and-drag action.
      Workaround: Disable the extension, or go into the Chrome Linkclump Options page and enter the address of the Connection Server instance in the Blocklist section.
    • Problems when using Chrome browser
      When you use HTML Access in a Chrome browser, you might encounter the following problems:
      • Occasionally, when connecting to a remote desktop or published application after the session has timed out, a “Failed to connect the Connection Server” error message appears.
      • A session is not opened when you connect to a powered off desktop.
        Both problems have the same root cause, which is a third-party issue.
        Workaround: For the first problem, dismiss the error message and reconnect to the remote desktop or published application. For the second problem, reload the browser or reconnect to the remote desktop.

    Connectivity

    • Desktop sessions are disconnected in Firefox
      When using a Firefox browser, your Horizon Web Client remote desktop session is disconnected immediately after connecting.
      Workaround: Verify that your Firefox browser proxy settings are configured correctly.
    • Suspension of remote desktops does not work
      Do not configure remote desktops to be suspended after users disconnect. This setting does not work correctly with HTML Access.
      Workaround: None
    • Blast Secure Gateway causes failed connection to remote desktop or published application
      Connecting to a remote desktop or published application fails if Blast Secure Gateway (BSG) is enabled on both the Unified Access Gateway server and the Connection Server instance.
      Workaround: Disable BSG on the Connection Server instance.
    • Problems when Enable Blast is set to False in Unified Access Gateway
      In Unified Access Gateway, if you set the Enable Blast Horizon Edge setting to False, you cannot access remote desktops and published applications through Horizon Web Client. Generally, because Unified Access Gateway is deployed in a DMZ, the Enable Blast option is set to True and this issue does not occur.
      Workaround: In Unified Access Gateway, if you set Enable Blast to False and also use Horizon Web Client, set the proxyPattern option to "/|/portal(.*)".
    • Unified Access Gateway server session timeout is not recognized
      If you access a remote desktop or published application through HTML Access that is connected with a Unified Access Gateway server, the remote desktop or published application session is not disconnected after the Unified Access Gateway server session timeout is reached.
      Workaround: None.

    Security

    • Problems with RDS Per Device Client Access Licenses
      Do not use RDS Per Device Client Access Licenses (CALs) for Horizon Web Client. If you do, the licensing mechanism treats each browser as a device, and, if cookies are cleared, the browser uses another license.
      Workaround: Use RDS Per User CALs for HTML Access.
    • Unified Access Gateway server self-signed certificate does not work on Chromebook
      On a Chromebook, when connecting to a Unified Access Gateway server that uses a self-signed certificate, HTML Access reports the error ERR_CERT_INVALID.
      Workaround: Install a CA-signed certificate on the Unified Access Gateway server.
    • Self-signed certificates are not supported on iOS
      On iOS, if you attempt to connect to a remote desktop by using a self-signed certificate, Safari reports the error “Your desktop has been disconnected. Unable to reconnect to desktop.” This problem occurs because self-signed certificates are not supported on iOS.
      Workaround: An administrator must install a CA-signed certificate on the Connection Server, and you must trust the certificate on your iOS device. For information about installing certificates on Connection Server, see the Horizon 8 Administration guide. For information about trusting certificates on an iOS device, see the Horizon HTML Access Guide. If the Blast Secure Gateway is disabled on the Connection Server, an administrator must perform the following additional steps on the remote desktop to connect from iOS:
      1. Use mmc to import the CA-signed certificate into the Windows certificate store.
      2. Replace the sslHash key in HKEY_LOCAL_MACHINE\SOFTWARE\Omnissa\Horizon Blast\Config with the key from the thumbprint of the certificate issued to the Blast Agent Hostname or IP address.
      3. Restart the Blast Agent virtual machine.
    • Cached credentials fail to clear
      When the Clean up credential when tab closed for HTML Access global setting is enabled in Horizon, the cache is not cleared if a user closes a tab when the network connection is not available.
      Workaround: None.
    • Application fails to restart automatically after password change
      After an administrator sets the change password at next logon option for a user’s account, and the user’s idle session times out, the application that was active during the session timeout is not restarted automatically after the user reauthenticates and changes the password successfully.
      Workaround: Refresh the page and launch the application again from the sidebar.
    • Problems with intermediate CA-signed certificates in iOS
      Remote desktops and published applications cannot be started successfully from an iOS device if the iOS device uses an intermediate CA-signed certificate.
      Workaround: Install a root CA-signed certificate on the iOS device.
    • Problems with Unified Access Gateway self-signed certificate and Microsoft Edge
      If you use a self-signed certificate with Unified Access Gateway, you might not be able to access a remote desktop when you use a Microsoft Edge Web browser for the HTML Access session.
      Workaround: Use one of the following workarounds to resolve this issue.
      • Use a valid CA-signed certificate.
      • Do not use port 8443 for the Blast External URL property. Use port 443 instead.
    • Remote desktop connection fails with Microsoft Edge
      If you configured Unified Access Gateway with a root certificate that is signed by a Certificate Authority (CA), and the Blast External URL property value is set to blank or to port 8443, you might not be able to connect to a remote desktop if you are using a Microsoft Edge browser. After the error occurs, all new connected sessions are not visible.
      Workaround: Use one of the following workarounds to resolve the issue.
      • Set the Blast External URL property to port 443.
      • Close the Microsoft Edge browser, restart the HTML Access, and connect to the remote desktop.

    Miscellaneous

    • ARM CPUs are not supported
      HTML Access is not supported on client systems running on ARM-based CPUs, such as:
      • Mac system with M1 or M2 chips
      • Windows system with ARM-based CPU
        An incompatibility warning appears if you attempt to use HTML Access from such a client system. Bypassing this warning is not recommended.
        Workaround: Install and use a native client instead. URI launch from native clients is supported on systems with ARM-based CPUs.
    • Japanese keyboard mapping is incorrect
      When you connect to a Linux desktop with the Japanese keyboard, the keyboard mapping might be incorrect. For example, the key positions | and _ will be incorrect.
      Workaround: Keep the client input language as Japanese and switch the desktop input language to English for the two key positions | and _ only. Keep the desktop input language as Japanese and switch the client input language to English for all other key positions.
    • Keyboard input does not work in Linux desktop sessions
      When connecting to a Linux desktop, some keyboard input does not work. For example:
      • The * key on the numeric keypad is displayed as 8.
      • English keyboard: the + key on the numeric keypad is displayed as =.
      • Non-English IME on both client and desktop: some non-English keys are not displayed correctly.
        Workaround: For issues 1 and 2, use the typewriter keys * and + in the main keyboard area instead of the numeric keypad. For issue 3, set English IME in HTML Access and non-English IME on the remote desktop.
    • Autofit of published applications does not work
      Intermittently, autofit of a published application does not work. This problem can happen if you start a published application and activate full-screen mode for the browser, start a published application from the sidebar and activate full-screen mode, or start a published application and enlarge the size of the browser window.
      Workaround: Activate full-screen mode or resize the browser window before starting a published application.
    • Locked desktop session still allows file upload
      Users can still upload files when the remote desktop is locked.
      Workaround: None.
    • Problems with clipboard format restrictions
      When an administrator enables a clipboard format restriction, the text in the Copy & Paste window does not describe the format limitation. For example, if an administrator enables the “Filter text out of the incoming clipboard data” clipboard policy setting, the Copy & Paste window does not notify the user that text cannot be transferred from the client to the remote desktop or application.
      Workaround: None.
    • Double mouse cursors in multiple-monitor mode
      In multiple-monitor mode, two mouse cursors appear when you click inside a remote desktop or published application session.
      Workaround: None.
    • Scroll bars are hidden when using Session Collaboration on macOS
      When you use a Web browser on a macOS 10.13 system in a Session Collaboration collaborative session, if Fit to Viewer is disabled and the collaborative session’s screen resolution is less than the primary session’s screen resolution, a scroll bar does not appear. This issue occurs because scroll bars are hidden by default in macOS 10.13 systems.
      Workaround: Modify the System Preferences to always display scroll bars.
      1. Choose Apple menu > System Preferences.
      2. Click General.
      3. In the Show scroll bars section, select Always.
    • Problems with H.254 decoding in Chrome
      When the Allow H.264 decoding option is enabled, a newly started published application fails to open and the remote session shows a black screen.
      Workaround: Resize the Chrome browser.
    • Problems when using software keyboard
      When you start HTML Access from a Chrome Web browser on an Android 8.1 device, or from a Safari Web browser on an iOS 11 device, the remote desktop window sometimes disappears while you are using the software keyboard in a remote session. This issue often occurs when you are rotating the device and then closing and reopening the software keyboard. After the error has occurred, all subsequent remote desktop sessions opened are not visible.
      Workaround: Reload the Web browser page.
    • Smart Policy changes fail to take effect upon reconnecting to session
      Smart Policy changes do not take effect immediately after reconnecting to a remote desktop. After you change the Smart Policy Clipboard and File Transfer from Allow all to Disable, the functions are deactivated, but the text for the Copy & Paste window shows the incorrect text. Also, if you are connected to a remote desktop from an HTML Access session when the Smart Policy Clipboard and File Transfer setting is changed and you disconnect, the changes do not take affect after you reconnect to the remote desktop.
      Workaround: Log off from the remote desktop and reconnect to the remote desktop, then disconnect from the remote desktop and reconnect to the remote desktop again.
    • Problems when switching between sessions with H.264 decoding
      When H.264 decoding is enabled, if you use the sidebar to switch between remote desktops, or between remote desktops and published applications, the remote sessions become unresponsive. The remote sessions are still connected, but mouse clicks and other actions do not work.
      Workaround: Close and reconnect to the remote desktop or published application sessions.

    Documentation

    Horizon HTML Access documentation is in the Omnissa Information Hub.

    Localized Content for Omnissa Docs

    For details on Omnissa’s localization strategy, see the article “Announcing Omnissa Localization Support”.

    Support Contact Information

    To receive support and to learn more about support policies, see Omnissa Customer Connect.

    For information on filing a support request in Customer Connect and through the Cloud Services Portal, see the Omnissa knowledge base article at https://kb.omnissa.com/s/article/2006985.

    Original source
  • Jul 9, 2026
    • Date parsed from source:
      Jul 9, 2026
    • First seen by Releasebot:
      Jul 11, 2026
    Omnissa logo

    Omnissa

    Omnissa Horizon 8 2503.2

    Omnissa releases Horizon 8 2503.2 ESB with stronger Lifecycle Management validation and workflow improvements, a full transition to Omnissa licensing, removal of the VMware license modules and subscription grace period, plus updated Helpdesk entitlement and Imprivata compatibility.

    Upgrading Changes

    For upgrades to Horizon 8 2503.2, review these important considerations:

    • If you are running 2312.2 or a later version of 2312.x, please do not upgrade to 2503. Your upgrade path will be the follow-on maintenance version of 2503, i.e. 2503.2.
    • Beginning with the Horizon 8 2412 release, there is a new licensing module for term and perpetual licenses. Review the License Activation section in these release notes for details.
    • It is very important for you to thoroughly review KB 6000681 before starting your Connection Server upgrade. To ensure compatibility with existing system components, third-party integrations, and automated workflows, follow the recommendations outlined in that KB 6000681, and in Upgrading to Omnissa Horizon 8 2412 and Later.
    • Omnissa recommends that you validate the upgrade in a UAT environment before deploying it to your production environment.

    Important Notes

    • Horizon 8 2503.2 is not supported with vSphere 6.5 or vSphere 6.7, which are both past the end of General Support. Horizon 8 2503.2 Instant Clones are incompatible with vSphere 6.5 and vSphere 6.7 so you must upgrade to vSphere 7.0 or later before upgrading to Horizon 8 2503.2 if you are using Instant Clones.
    • Microsoft security update (KB 5014754) will impact customers using certificate-based authentication to Horizon 8, such as smartcard authentication. Horizon 8 True SSO is not impacted by this security update. If you have applied this update to your Windows Domain Controllers but have not mapped certificates to one of the strong mapping types described in the Microsoft KB, then users will be denied authentication after Full Enforcement mode is activated by Microsoft in a future Windows Update. See the above KB for further details, including the expected Full Enforcement mode date. To address this issue, Horizon 8 2309 introduced the ability for administrators to configure strong certificate mappings from the Horizon console. If you are using certificate-based authentication, upgrade to Horizon 8 2309 or later in order to configure certificate mappings. See KB 91595 for details.
    • Horizon Agent no longer supports Windows Server 2012 R2 within a guest OS whether it be for new or existing deployments. Also starting with Horizon 8 2312, the use of Windows Server 2012 R2 is no longer supported for Horizon Connection Server and Horizon Enrollment Server deployments. Please use Windows Server 2016 or later. See https://learn.microsoft.com/en-us/lifecycle/announcements/windows-server-2012-r2-end-of-support for details.
    • Microsoft released security updates KB5008383 and KB5020276. While Omnissa has determined that KB5008383 does not impact Horizon Full Clones and Instant Clones, KB 5020276 does if you have selected “Allow Reuse of Existing Computer Accounts”. See KB 92214 for details.

    What’s New

    Horizon 8 version 2503.2 is an Extended Service Branch (ESB). This release includes enhanced validation checks and workflow improvements to Lifecycle Management (LCM) operations, improving reliability and user experience.

    License Activation

    • To comply with the Broadcom divestiture agreement, all VMware (Broadcom) license modules will be removed from the Horizon Connection Server in this release. The system will fully transition to Omnissa License Module support, simplifying licensing and ensuring compliance. Updates will span LDAP, server code, license files, and the cart module.
    • The 15-day grace period for subscription licenses has been removed. If you activate a subscription license in Horizon 8 without Horizon Edge, you must reactivate it every 90 days to maintain full functionality. However, licenses will be automatically activated if you are using Horizon Edge.
    • The Licensing and Usage screen in Horizon Console includes a field for the Subscription End Date. When data becomes available from the Horizon Control Plane, this field will display the end date of the subscription license. Otherwise, this field will display “N/A”.

    Horizon Connection Server

    • We’ve updated the feature comparison sheet to reflect an expansion of the Helpdesk feature entitlement. It is now included in the following SKUs: Horizon for Linux, Horizon Standard, Horizon Advanced, Horizon Apps Standard, and Horizon Apps Enterprise. Previously, this feature was limited to Horizon Enterprise and Horizon Apps Enterprise SKUs. You can view the updated comparison sheet here: Horizon Subscription Term Editions. Based on this update, we have made the necessary changes to enable the Helpdesk feature for all term licenses associated with the above-mentioned SKUs starting from the 2506 and 2503.1 ESB releases. For version 2503 and earlier, the Helpdesk feature remains available only for Horizon Enterprise and Horizon Apps Advanced term licenses, and not for other SKUs.
    • Horizon 8 2503.2 is supported with Imprivata Enterprise Access Management 25.2. This release resolves an issue with Imprivata compatibility.

    Horizon 8 API

    For the latest set of Horizon 8 APIs, see Omnissa Developer Portal and navigate to the current release in the drop down. Click on the Documentation tab for more details and examples on how to use the API.

    Horizon Edge and Horizon Cloud Connector

    Applicable to customers with Horizon Universal Subscription, Horizon Enterprise Plus Subscription, Horizon Standard Plus Subscription, Horizon Apps Universal Subscription, or Horizon Apps Standard Subscription.

    The Horizon Edge is a required component for connecting Horizon 8 to Horizon Control Plane next-gen for subscription licensing enablement and additional control plane SaaS services.

    The Horizon Cloud Connector virtual appliance is a required component for connecting Horizon 8 to the first-gen Horizon Control Plane for subscription licensing enablement and additional control plane services.

    Horizon 8 Deployed on Public Cloud SDDCs

    For a list of Horizon 8 features supported on Azure Omnissa Solution (AVS), see KB 80850.

    For a list of Horizon 8 features supported on VMware Cloud on AWS, see KB 58539.

    For a list of Horizon 8 features supported on Google Cloud VMware Engine (GCVE), see KB 81922.

    For a list of Horizon 8 features supported on Oracle Cloud Omnissa Solution, see KB 88202.

    For a list of Horizon 8 features supported on Alibaba Cloud Omnissa Service (ACVS), see KB 92140.

    Before You Begin

    • You cannot mix IPv4 and IPv6 pods in a single CPA federation. They have to all be IPv4 or IPv6.
    • Microsoft Internet Explorer is no longer supported for Omnissa Horizon Console from Horizon 2111 onward. As Horizon Console is migrating to clarity widgets which do not support Internet Explorer, we have removed Internet Explorer from the list of supported browsers for Horizon Console.
    • The Horizon Virtualization Pack for Skype for Business is no longer supported in this release. When using this release of Horizon Client with Horizon Agent 2212 or earlier, the Virtualization Pack for Skype for Business will continue to run in fallback mode.
    • Important note about installing VMware Tools: If you plan to install a version of VMware Tools downloaded from the product downloads page, rather than the default version provided with vSphere, make sure that the VMware Tools version is supported. To determine which VMware Tools versions are supported, go to the Omnissa Product Interoperability Matrix. (Supported versions: 11.1.0, 11.0.6, 10.3.22, 10.3.21). There are also performance issues with the 11.x versions of VMware Tools. For more information, see KB 78434.
    • Downgrading Connection Server instances is not supported. To revert to a previous version after an upgrade, restore from backup. For more information, see Create a Replicated Group After Reverting Connection Server to a Snapshot.
    • It is possible that the ordering of cipher suites can be enforced by Connection Server. For more information, see Horizon Security.
    • Connection Server must be able to communicate on port 32111 with other Connection Servers in the same pod. If this traffic is blocked during installation or upgrade, installation will not succeed.
    • TLS handshakes on port 443 must complete within 10 seconds, or within 100 seconds if smart card authentication is enabled. In previous releases of Horizon, TLS handshakes on port 443 were allowed 100 seconds to complete in all situations. You can adjust the time for TLS handshakes on port 443 by setting the configuration property handshakeLifetime. Optionally, the client that is responsible for an over-running TLS handshake can be automatically added to a blacklist. New connections from blacklisted clients are delayed for a configurable period before being processed so that connections from other clients take priority. You can enable this feature by setting the configuration property secureHandshakeDelay. For more information about setting configuration properties, see Horizon Security.
    • When you deploy an instant clone as a RDS host, do not reboot the RDS host directly from within the Windows Server OS. Instead, refresh the instant clone VM using the push image workflow.
    • In Horizon 8, internal validation checks determine if the instant clone and internal template have valid IP addresses and a network connection. If a virtual machine has a NIC that cannot be assigned an IP address during provisioning, instant-clone provisioning fails.
    • The forwarding rules for HTTP requests received by Connection Server instances have changed at this release. If you have defined custom frontMapping entries in locked.properties, you should remove them before upgrading. If you wish to disallow administrator connections to certain Connection Server instances, then instead of defining custom frontMapping entries, add this entry to locked.properties:
    frontServiceWhitelist = tunnel|ajp:broker|ajp:portal|ajp:misc|moved:*|file:docroot
    
    • In Horizon 8, the HorizonDbChk tool will not have access to vCenter credentials and will prompt for this information when needed.
    • Microsoft Windows Server requires a dynamic range of ports to be open between all Connection Servers in the Horizon 8 environment. These ports are required by Microsoft Windows for the normal operation of Remote Procedure Call (RPC) and Active Directory replication. For more information about the dynamic range of ports, see the Microsoft Windows Server documentation.
    • Screen DMA is disabled by default in virtual machines that are created in vSphere 6.0 and later. Horizon 8 requires screen DMA to be enabled. If screen DMA is disabled, users see a black screen when they connect to the remote desktop. When Horizon 8 provisions a desktop pool, it automatically enables screen DMA for all vCenter Server-managed virtual machines in the pool. However, if Horizon Agent is installed in a virtual machine in unmanaged mode (VDM_VC_MANAGED_AGENT=0), screen DMA is not enabled. For information about manually enabling screen DMA, see KB 2144475.
    • To use View Storage Accelerator in a vSphere environment, a desktop virtual machine must be 512GB or smaller. View Storage Accelerator is disabled on virtual machines that are larger than 512GB. Virtual machine size is defined by the total VMDK capacity. For example, one VMDK file might be 512GB or a set of VMDK files might total 512GB. This requirement also applies to virtual machines that were created in an earlier vSphere release and upgraded to vSphere 5.5.
    • The Global Policy, Multimedia redirection (MMR), defaults to Deny. To use MMR, you must open Horizon Console, edit Global Policies, and explicitly set this value to Allow. To control access to MMR, you can enable or disable the Multimedia redirection (MMR) policy globally or for an individual pool or user. Multimedia Redirection (MMR) data is sent across the network without application-based encryption and might contain sensitive data, depending on the content being redirected. To ensure that this data cannot be monitored on the network, use MMR only on a secure network.
    • The USB Redirection setup option in the Horizon Agent installer is deselected by default. You must select this option to install the USB redirection feature. For guidance on using USB redirection securely, see Deploying USB Devices in a Secure Horizon Environment.
    • For information on security considerations and disallowing inter-virtual machine transparent page sharing, see KB 2080735.
    • If a PCoIP Secure Gateway (PSG) has been deployed for PCoIP connections, zero client firmware must be version 4.0 or later.
    • RC4, SSLv3, TLSv1.0 and TLSv1.1 are disabled by default in Horizon 8 components, in accordance with RFC 7465, “Prohibiting RC4 Cipher Suites,” RFC 7568, “Deprecating Secure Sockets Layer Version 3.0,” PCI-DSS 3.1, “Payment Card Industry (PCI) Data Security Standard”, and SP800-52r1, “Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations.” If you need to re-enable RC4, SSLv3, TLSv1.0 or TLSv1.1 on a Connection Server or Horizon Agent machine, see Older Protocols and Ciphers Deactivated in Horizon.
    • Horizon 8 uses version m86 of Microsoft WebRTC source code.
    • For best practices on using Carbon Black with Horizon 8, see KB 95512.
    • Horizon 8 supports vSAN 8 Express Storage Architecture (ESA) for both full and instant clones. For more information on vSAN 8 ESA, see https://techzone.omnissa.com.
    • Horizon 8 supports a maximum of 500 virtual machines per ESXi host when using vSAN 8 ESA datastore. The achievable maximum depends on the workload and specifics of the hardware. For information on all Horizon configuration maximums, see VMware Configuration Maximums.
    • Cross-origin resource sharing is enabled by default. If you experience connection issues from Horizon Web Client, you might need to add the connection URL to the known origins list. For more information, see KB 85801.

    Upgrade

    Check the Omnissa Product Interoperability Matrix before upgrading your Horizon deployment. Note the following guidance:

    • You can only upgrade to a version with a release date later than your current deployment.
    • When upgrading from a non-ESB version to an ESB version, the target ESB version must be later than your current non-ESB release. For example, you cannot upgrade from Horizon 8 2203 (non-ESB) to Horizon 8 2111.1 (ESB) even though 2111.1 was released after 2203 (or you will lose features). You can only upgrade to Horizon 8 2212 or later versions.
    • Important: Please allow for extra time and preparation when you upgrade from a VMware-branded Horizon version to an Omnissa-branded Horizon version. For more details, see KB 6000681 and Upgrading to Omnissa Horizon 8 2412 and Later.

    Compatibility Notes

    The table below contains specific compatibility information as well as links to information located elsewhere.

    Resolved Issues

    There are no major bug fixes in this release to report.

    Known Issues

    The numbers included before the known issues refer to the issues logged in the Omnissa internal issue tracking system.

    Before upgrading to this release, please review the information in KB 6000681 and Upgrading to Omnissa Horizon 8 2412 and Later.

    [The release notes continue with detailed known issues, workarounds, and additional technical information for various components such as Horizon Connection Server, Horizon Cloud Connector, Horizon Recording, Horizon Agent for Linux, Horizon Agent for Windows, Horizon Client, Windows OS Optimization Tool, APIs, On-Premises Environments, Use of Open Source, Documentation, Localized Content for Omnissa Docs, and Support Contact Information.]

    Original source
  • All of your release notes in one feed

    Join Releasebot and get updates from Omnissa and hundreds of other software products.

    Create account
  • Jun 30, 2026
    • Date parsed from source:
      Jun 30, 2026
    • First seen by Releasebot:
      Jul 1, 2026
    Omnissa logo

    Omnissa

    Horizon DaaS 9.2.x Release Notes

    Omnissa releases Horizon DaaS 9.2.6 with bug fixes, stronger security, improved tenant management, corrected Activity Log CSV exports, better pool expansion handling, and support updates for Windows Server 2025 tenant binding.

    Horizon DaaS 9.2.x | 30 JUN 2026

    Links to Other Resources

    Product Documentation - All product documentation for Horizon DaaS is located in the Omnissa Information Hub.

    Compatibility Information - For the most recent information about compatibility between this product and other Omnissa products, see the Omnissa Product Interoperability Matrix.

    Horizon DaaS 9.2.6 - Released June 2026

    What’s New

    This release includes bug fixes.

    Resolved Issues for Horizon DaaS 9.2.6

    • Fixed pool expansion behavior so resize requests are processed correctly when Delete_quota is set to -1 or any value greater than 0.
    • Resolved an issue with tenant management in the Service Provider portal. Administrators can now disable, remove, and manage tenants as expected.
    • Corrected the Activity Log CSV formatting so that exported files maintain the expected column structure.
    • Made security enhancements to harden the management appliances and Horizon DaaS platform services.
    • Support updates for Windows Server 2025 tenant binding are now included.

    Horizon DaaS 9.2.5 - Released October 2025

    What’s New

    This release includes the following new features.

    • Now, Omnissa HDaaS VCPP Partners can migrate their tenant’s existing dedicated full clone VMs to Horizon on vSphere edge deployed for that tenant using their HVM Interface. For details, see Migrate Desktops to Horizon Cloud.

    Resolved Issues for Horizon DaaS 9.2.5

    There are no major issues to report in this release.

    Horizon DaaS 9.2.4 - Released March 2025

    Horizon DaaS 9.2.4 is now available on Omnissa Customer Connect for download and manual install.

    IMPORTANT: New Horizon Version Manager and Horizon Air Link Appliance 9.2.4 build

    Because an issue was identified in the build previously released on March 7, the build is replaced in Omnissa Customer Connect. The issue caused the Horizon Version Manager and Horizon Air Link Appliance OVA installation to fail. The replacement build corrects this issue.

    If you downloaded the earlier OVAs, please replace it with these updated versions to ensure a successful installation:

    • Horizon-Version-Manager-22.1.0.0-15020209714_OVF10.ova
    • horizon-air-link-vcpp-22.1.0.0-15331967732_OVF10.ova

    What’s New

    This release includes the following new features.

    • Agent Upgrade Support to Horizon Agents Installer 24.4.0
      Horizon DaaS platform now supports Horizon Agents Installer(HAI) 24.4.0.
      Auto-upgrade to HAI 24.4.0 is only supported from HAI version 23.3.0 or later.
      Customers on earlier versions must first upgrade to HAI 23.4.2 or later before using the auto-upgrade workflow.
      Direct upgrade using the offline bundle is fully supported on VMs with any agent version.
    • Horizon DaaS now supports 256 MB of video memory and an unlimited number of video devices. The default settings will remain 128 MB of video memory and 4 devices.
    • The Horizon DaaS Tenant can be configured as a web application on WS1 Access. Users can log in to Workspace ONE Access and then use the tenant registered as an app to launch the Tenant Admin portal. Note that you will need to provide credentials twice: first during login to the WS1 Access portal and again while logging in to the Tenant as Admin.

    To configure the Tenant Admin portal as a web app on WS1 Access:

    1. Launch the Workspace One Access Admin Console.
    2. Select domain as System domain and provide the credentials.
    3. Select Resource and then Web Apps.
    4. To configure a Horizon DaaS tenant for the first time, select New.
    5. Provide Name and other details and then click on Next. The Authentication Type will come up as SAML 2.0. (Note: Do not change it.)
    6. Under Configuration, select Manual.
    7. Provide the tenant’s FQDN for the parameters: Single Sign-On URL, Recipient URL and Application ID. The remaining parameters can be left with the default values.
    8. Leave Advanced Properties with default values. Click Next.
    9. Leave Access Policies with default values. Click Next.
    10. Click Save & Assign.
    11. Assign the Users and Groups to a Web application.
    12. On the Summary page, review the details again and then click on Save.
    13. Once verified, re-login to the Workspace One console using active directory credentials to see the web app.

    Clicking on the newly configured WebApp icon will redirect you to the Tenant Admin Console. Enter the credentials again to access the Admin Console.

    Resolved Issues for Horizon DaaS 9.2.4

    • Pool expansion issue when TA-DM is on a version lesser than 9.2.3 and SP-RM is on version 9.2.3 or later.
    • Activity logs are not shown properly other than English after applying 9.2.3

    Horizon DaaS 9.2.3 - Released September 2024

    Horizon DaaS 9.2.3 is now available on Omnissa Customer Connect for download and manual install.

    This release includes the following new features.

    • Security enhancements were made to harden the management appliances and Horizon DaaS platform services.
    • Support for Windows 11 and vTPM
      Windows 11-based Assignments with vTPM are now supported with Full Clone and Instant Clone Assignments, broadening vTPM support with the 9.2.2 release.
    • Dynamic NVidia vGPU card and profile support
      To be able to support an ever-increasing selection of NVidia Grid cards, this release supports importing infrastructure with previously unsupported NVidia hardware, and automatically detecting the vGPU profiles available on that vCenter cluster. This functionality was introduced with the 9.2.2 release, and has now been enhanced to support automatic detection when refreshing a vSphere cluster which has already been imported into Service Center. As before, all hosts on the new capacity need to have the same hardware and drivers loaded for this to be supported. Post detection, the CSP administrator can assign the available vGPU profiles to tenants using that hardware. Please refer to the documentation for the updated new workflows.
    • vGPU frame buffer quota management
      Historically, when partitioning a vCenter cluster across multiple tenants, the quota made available to the tenant was limited to vCPU and vRAM only. With this release, the possibility to partition vGPU frame buffer has been added. This function effectively limits the tenant to consume all vGPU capacity available on a cluster.
    • Tenant Desktop Manager (DM) to support vGPU and non-vGPU desktops
      The assignment creation workflow for the tenant admin now allows for the selection of the ‘none’ vGPU profile, also when the desktop capacity collection assigned to the applicable tenant Desktop Manager (DM) has vGPU enabled. This allows better consumption of assigned infrastructure if the assigned vGPU frame buffer quota has been exhausted, and simplifies the architecture for smaller tenants wanting to run desktops with and without vGPU by not needing two separate DMs.

    Horizon DaaS 9.2.2 - Released December 2023

    Horizon DaaS 9.2.2 is now available on Omnissa Customer Connect for download and manual install.

    This release includes the following new features.

    • Security enhancements to harden the management appliances and Horizon DaaS platform services.
    • Support for Multifactor Authentication (MFA/2FA) through the tenant Unified Access Gateway (UAG)
      With this release, the tenant administrator can set and update MFA settings using the UAG that was installed by the CSP delivering the service. The updated workflow allows pulling current MFA settings and updating them to the tenant requirements, including the latest options supported by RSA MFA. For these new workflows, tenant MFA policies have been added. Please see the documentation for these updates.
    • Dynamic Nvidia vGPU card and profile support
      To help support an increasing number of Nvidia grid cards, this release supports importing infrastructure with previously unsupported Nvidia grid cards, and automatically detects the vGPU profiles available on that vCenter cluster. All hosts on the new capacity need to have the same hardware and drivers loaded for this to be supported. Post detection, the CSP administrator can assign the available vGPU profiles to new tenants using that hardware. Please see the documentation for details.
    • Support for Windows 11 and vTPM
      Windows 11-based full-clone assignments with vTPM are now supported with dedicated full-clone assignments, when using vCenter/vSphere 8 as the hypervisor and enabling vTPM on the golden image used for the assignment. Updates to the documentation for instant-clone assignments with vTPM enabled will be posted in the short term.

    Horizon DaaS 9.2.1 - Released August 2023

    This release includes the following new features.

    • Security enhancements were made to harden the management appliances and Horizon DaaS platform services.
    • New version of the Horizon DaaS appliance template: With Horizon DaaS 9.2.0, the Service Provider, Resource Manager, and Tenant Appliances are upgraded to Ubuntu 22.04 LTS through the Blue/Green upgrade process. The 9.2.1 release adds updates to several core services to fully support the updated appliance OS.
    • Brownfield support for NSX-V to NSX: Horizon DaaS 9.2.0 includes a documented (guided) migration path for CSPs currently using NSX-V to manage their Horizon DaaS networks, to a more recent version of VMware NSX (previously NSX-T) for supporting their DaaS tenants. The 9.2.1 release adds updates to the documentation.
    • Support for NSX 4.1: Starting with Horizon DaaS 9.2.1, NSX 4.1 is supported.
    • Support for vSphere and vCenter 8.0 U1: With the EoS for vSphere/vCenter 6.7, the 9.2.1 roll-up release adds support for vSphere/vCenter 8.0 U1.
    • Add User Session insights for the Tenant Administrators: In 9.1.x, additional user information has been available through a (hidden) search function. In the 9.2.1 roll-up, this capability has been productized to a broader extent and is available to tenant administrators through the search and assignment workflows.
    • Tenant Administrator Activity Logging: A new reporting option has been made available to Tenant SuperAdmins that allows reporting on setting changes made through the Tenant Admin portal by administrators.
    • Service Center Administrator Activity Logging: A new reporting option has been made available to Service Provider SuperAdmins that allows reporting on changes made through the Service Center portal by any administrator.
    • Move 2FA Authentication from TA to UAG: With the 9.2.0 release, support for RSA two-factor authentication (2FA) has been moved to the Omnissa Unified Access Gateway [for Horizon/Workspace ONE] to allow broader support for the latest capabilities of RSA 2FA. With the 9.2.1 release, additional management options have been added to Horizon Version Manager to detect which 2FA authentication is in place. Also additional tenant policies have been added to Service Center to manage 2FA (for migration).
    • Support vGPU on IC Assignments: With the 9.2.1 roll-up, support for vGPU with Instant Clone assignments was added.
    • Support vGPU on Farms: With the 9.2.1 roll-up, support for vGPU with Farms (for Application and Session based assignments) was added.

    Software Versions Required for Upgrade

    Before upgrading to Horizon DaaS 9.2.0, confirm that the service provider and tenant appliances in your environment are running Horizon DaaS 9.0.0, 9.0.1, 9.0.2, 9.1.0, 9.1.1, 9.1.2, 9.1.3, or 9.1.4. These are the versions required for upgrade.

    Note Regarding Appliance Restore After Upgrade

    Restoring Horizon DaaS platform appliances to previous versions after upgrading to the 22.1.0/9.2.0 release is supported.
    To ensure that the platform setup can support anticipated/unexpected restores of any appliances of version 20.2.x/9.0.x or 21.1.x/9.1.x, before performing the Restore you must copy the entire directory from the 20.2.x/9.0.x or 21.1.x/9.1.x Horizon Air Link appliance to the new 22.1.0/9.2.0 Horizon Air Link appliance at the same path. This can be done at any point in time after installing the 22.1.0/9.2.0 Horizon Air Link appliance, including after upgrading the platform Management appliances (SPs and RMs).

    New Features

    This release includes the following new features.

    • Migrating Deployments to NSX-T Environment - If you currently use VMware NSX for vSphere (also known as NSX-V) to manage your Horizon DaaS networks, this release supports a migration path to VMware NSX (also known as NSX-T). For instructions on how to migrate your virtual networking infrastructure, see Horizon DaaS 9.2.x Migration to NSX-T.
    • New version of the Horizon DaaS appliance template - The Blue/Green upgrade to Horizon DaaS 9.2 includes a new appliance template, based on a more recent version of the underlying appliance OS. The newer version allows longer-term support for the core services used by the platform, and will be the basis for the product updates in the future.
    • New version of the Horizon Version Manager (HVM) appliance - The HVM appliance update offers additional options, specifically for error logging and rollback control. HVM administrators can now collect logs for the Horizon Air Link, resource manager, service provider, tenant, and desktop manager appliances in a single step.
    • Default domain option for user login - Tenant administrators can now can use the display.default.domain.at.top tenant policy to specify the default domain for client (user) login. This allows updated clients to display the default user domain as preselected at the top of the domain list.
    • Improved Active Directory (AD) support - New tenant policies have been added to this release, specifically designed to help CSP administrators in situations where tenant AD authentication causes issues with AD servers across slow links or complex AD sites.

    Best Practices

    Knowledge of the following facts is useful before using Horizon DaaS.

    • For Horizon DaaS releases using JDK 11.0.18 - The weaker Kerberos encryption types DES and RC4-HMAC (16 and 23) are unsupported.
    • Moving VMs in vCenter - Moving appliance VMs to other folders in vCenter is not recommended because there are checks performed during resync and upgrades that fail if the appliance VM is not in the folder in which it was created.
    • Changing Desktop VM configuration - Changing the configuration (network, datastore, cluster, ESX host) for VMs that are created by the Horizon DaaS platform (Appliance VMs, Desktop VMs, Farm VMs, Images, and others) is not recommended. The platform tracks the configuration upon creation and will not actively check with vCenter whether changes are made manually or through other means. If such a change is needed to be made, please contact Omnissa Customer Connect about the steps needed to made those changes apparent to the Horizon DaaS management layer.
    • Agent Update for Assignment with 1 VM - If you are performing Agent Update for an assignment with only 1 VM, you must set Available VMs to Users to 0.
    • Replacing Platform Files Before Upgrade - The platform files on the Customer Connect site are sometimes updated for bug fixes and improvements. When this happens, you should replace the files on HVM with the new ones so you can avoid known issues during upgrade.
      • Confirm that the files on HVM are the same as those on Customer Connect site by the comparing hash values on each file before upgrading Service Provider, Resource Manager, and Tenant.
      • If the hash values do not, match download the new files from the Customer Connect site and put them into HVM.
    • Deploying Horizon DaaS at Scale - The following are best practices for building and scaling a Horizon DaaS production deployment:
      • Each Tenant Resource Manager (RM) supports a maximum of 18 tenants (with 12 tenants as the recommended maximum).
      • Each Tenant RM manages a single vCenter Server instance.
        • The vCenter Server instance manages a maximum of 10,000 VMs, across multiple clusters.
      • When a tenant requires multiple Desktop Managers (the Tenant Appliance being also a Desktop Manager), each DM must be assigned to a separate vCenter cluster but can be assigned to the same vCenter. As such for large tenants with two DMs, they must be assigned to two separate vCenter clusters, but those can be managed by the same Tenant RM that is managing the vCenter Server instance for both clusters. Please do keep in mind the best practices for vCenter Server scalability (including recommendations when using Omnissa App Volumes for application lifecycle management).
      • Example: A Horizon DaaS production deployment with 60 tenants each needing only the Tenant Appliances, with a single capacity collection assigned to the Tenant, and each Tenant running fewer than 2,000 VMs.
      • For this environment the recommended setup would be:
        • Datacenter Service Provider appliances pair.
          • The Service Provider connects to a vCenter Server for the management appliances.
          • Although this vCenter is only for the platform management function, it doesn’t need to be dedicated to that task and can be used for other management functions.
          • The Service Provider does not connect directly to vCenter but uses the HAL appliance for the any operations towards vCenter.
        • Five Tenant RMs, each managing 12 tenants.
        • To support the tenant desktop workloads, five (5) vCenter Servers with clusters, and the number of clusters depending on whether dedicated or partitioned clusters are used.
          • Recommended maximum of 10,000 VMs per vCenter Server.
          • Each Tenant Appliance or Desktop Manager manages a maximum of 2,000 desktops or sessions.
          • For large tenants, it is recommended to dedicate the vCenter Server cluster.
        • 60 Tenant Appliance pairs (and most likely 60 Unified Access Gateway pairs as well).
        • If some of those tenants need another DM, then those DMs can be assigned to an existing Tenant RM, but not to the vCenter cluster that is assigned to the Tenant Appliance of the same tenant.
          • Keep in mind the recommended maximum of 12 tenants supported per Tenant RM.
    • Browser Experience - The Administration Console is compatible with recent versions of Google Chrome, Mozilla Firefox, Microsoft Internet Explorer, and Microsoft Edge. Even though you can try using Apple Safari, use of the Administration Console in Apple Safari is not supported in this release.
    • Creating a Template Desktop VM - When you are creating a template VM, after you have finished configuring it run the following command in Windows PowerShell: Get-AppxPackage|Remove-AppxPackage. This prevents a possible sysprep issue that leads to image publish failure.
    • Refreshing Desktop Capacity Information on Tenant Quotas Tab - When editing a tenant, if the Desktop Capacity information on the Quotas tab is not correct, then refresh the page to correct this. In particular, the In Use value for Std Capacity may sometimes display incorrectly and need to be refreshed.

    Supported GPU Cards

    This section of the release notes lists the GPU cards supported by Horizon DaaS. The list will be updated as new cards are verified.
    Note: If you want to use a card that is not currently listed, contact Omnissa Customer Connect.

    Known Limitations

    • Customer Appliance Configuration Changes Do Not Persist After Upgrade - After you upgrade your environment, custom configuration settings that you made (for example, modifying disk timeout) do not persist and need to be re-applied manually when the upgrade is complete.
    • User Activity License Report - Data Does Not Persist After Upgrade - After you upgrade your environment, data for User Activity License Reports (formerly known as Concurrent Users License Reports) run before the upgrade is no longer available. To avoid this issue, it is recommended that you save any data you want to keep before performing the upgrade.
    • Horizon Version Manager - Connection to vCenter Server Using FQDN - If your Active Directory and DNS Server are running on the same machine, you may find that Horizon Version Manager cannot reach the vCenter Server by its Fully Qualified Domain Name (FQDN) while still being able to connect using its IP address. The workaround for this is to add host entries to the /etc/hosts file for the FQDN. For example: vc1dc1.newdaas.local xx.xxx.xx.xx
    • After Failed Deployment - Manual Clean-Up Required - For security reasons, after a failed Horizon DaaS deployment you are required to perform a manual clean-up of the primary service provider appliance (SP1). During deployment, Horizon Air Link establishes temporary SSH trust between the installing node and SP1 by copying the node’s SSH public key to the SP authorized keys list. In a successful deployment these keys are removed automatically after the deployment is complete. But when there is an unexpected deployment failure, you need to remove these keys manually.
    • Migrating Between Clusters in Multi-DM Environment - In a multi-DM environment with two clusters assigned to different (but linked) vCenters, if you migrate a VM from one cluster to the other, the migrated VM is marked as deleted in the tenant FDB and is not available for use. The workaround for this is to wait for the system to perform a full inventory update. This can take up to 12 hours. [2187188]
    • Connecting to Administration Console Using Mozilla Firefox
      • Attempting to connect to the Administration Console via Mozilla Firefox can fail with a connection timeout due to a bug in Firefox. The workaround for this is to change the name of certificate file, which is located in the C:\Users\‹username›\AppData\Roaming\Mozilla\Firefox\Profiles\‹filename›.default directory and has a name similar to cert1.db, and then restart the browser.
      • Attempting to connect to the Administration Console via Mozilla Firefox fails when you are using a self-signed certificate (normally in a development environment). You can avoid this issue by using another browser.
    • DNS Server IP Edits for Domain Join Require Support Ticket - When editing an existing Active Directory Domain, you can no longer directly edit DNS Server IPs in the Administration Console. To change DNS Server IPs, contact Omnissa Customer Connect.
    • Default Limit of 2,000 Desktops Per Pod - There is now a default limit of 2,000 VMs per pod, both in desktop assignments and in farms. This includes VMs created in earlier versions of the product but does not include Utility or Imported desktops. When you are creating or editing an assignment or farm and the remaining capacity displayed appears to be too low, it may be because this limit has been reached. The default limit of 2,000 can be adjusted on request. For more information, contact Omnissa Customer Connect.
      Note to Service Providers: When registering or editing a tenant, you can change this setting by modifying the value in the new Max Desktop Count Per DM field on the General tab.
    • Agent Upgrade to HAI 18.4 Requires Use of BAT File - When you upgrade from an older agent build to the HAI 18.4 using the HAI user interface, the installer creates the HAI-upgrade.bat file and then interrupts the upgrade, prompting you to close the user interface and complete the upgrade using the BAT file.
      When the upgrade is complete, the VM will be rebooted automatically. You can prevent this reboot by doing either of the following:
      • Update the command-line options in the HAI user interface before the BAT file is generated, adding /norestart at the end of the command.
      • Manually update the generated HAI-upgrade.bat file, adding /norestart at the end of the command.
        Note: The VM must be rebooted sometime after the upgrade in order for the Agent to be usable.
    • Updating Images Using Console Access - Performing updates to images (such as updating agents) using console access without taking the image offline and then accessing it via the Helpdesk Console (beta feature) is not supported and can cause issues with the image and subsequent pools spun up using this image. Do not attempt to perform image updates this way. Always duplicate the image from the Admin Console and then update it using the HACA Console.
    • Copying and Pasting Between Client System and VM With HTML Access - Copying and pasting text between a client system and a VM is supported by default when the user is connected via the Horizon Client. When the user is connected via HTML Access, however, you must configure this feature before the customer can use it. For more information, see the Omnissa Horizon HTML Access documentation.
    • Users Still Able to Log into Dedicated Desktops After Being removed From User Group - If a user is in an Active Directory group that is assigned to a dedicated desktop assignment, once the user has logged into a particular desktop they will be able to continue logging into that same desktop until the user is unassigned from that desktop in the Administration Console, unless either the user is removed entirely from the Active Directory or the desktop is deleted.
    • Wait Time for Generating Admin Activity Report - When you initiate an export on the Admins tab of the Activity page (Monitor > Activity > Admins), there is an interval of time as the system generates the report, during which you are not able to perform other tasks in the Administration Console. Depending on the number of records, this interval can be several minutes long. For the maximum report size (50,000 records), the wait time is approximately 10 minutes.
    • Data Sorting in Exported User Activity Report - When you export data from the Users tab of the Activity page (Monitor > Activity > Users), the data in the generated .csv file is not sorted by date. There are two options for correcting this:
      • Open the .csv file in Excel and set the date format for the cells containing dates to mm/dd/yy hh:mm AM/PM (e.g. 3/14/12 1:30 PM).
      • Create a new blank Excel workbook and then use the data import wizard to import the .csv file.
    • Converting a Desktop to an Image - If you initiate converting a desktop to an image but cancel before the task finishes, a second attempt to convert the desktop to an image may fail. To avoid this issue, you should power off the desktop and power it on again before attempting to convert it to an image a second time.
    • Time Interval Before Changes to Settings Take Effect - When you change one of the following settings, it can take up to 5 minutes for the change to take effect.
      • General Settings page (Settings > General):
        • Session Timeout - Client Heartbeat Interval, Client Broker Session, Client Idle User
        • HTML Access - Cleanup credentials when tab is closed
        • Pool/Farm Options - Enable Client Retry
      • Identity Management page (Settings > Identity Management):
        • Select item and click Configure - Force Remote Users to Identity Manager
      • Service Provider Information - When you change one of the following tenant policies, it can take up to 5 minutes for the change to take effect.
        • desktop.connection.corrective.action.required
        • desktop.connection.retry.count
        • client.retry.enabled
        • element.session.logontiming.enabled
        • jms.agent.allow.mmr
        • jms.agent.allow.usb

    Resolved Issues

    The following issues have been resolved in Horizon DaaS 9.2.0.

    • User Assignment During VM Migration
      When migrating a VM with an assigned user, the user was erroneously assigned at the pool level. This issue has been resolved and no longer occurs.
    • Null Display in User Report for Active Sessions
      The User Report UI was displaying NULL[...] for active sessions. This issue has been resolved and no longer occurs.
    • Outdated DNS Entries in resolv.conf
      DNS server information updated through the UI was not reflected in the resolv.conf file, which continued to show old DNS entries. This issue has been resolved and no longer occurs.
    • Support for ‘/’ Character in Network Names
      The network name field did not accept the ‘/’ character. This issue has been resolved and no longer occurs.
    • Request Timeout for certssoutil Config Requests
      Introduced request timeout in certssoutil config requests for TrueSSO configuration. This issue has been resolved and no longer occurs.
    • Support for UAG 23.12 in apsetup Script
      The apsetup script needed updates to be compatible with UAG 23.12. This issue has been resolved and no longer occurs.
    • Nagios Reports Desktone_DatabaseStatus Error After Applying RollUp02
      After applying RollUp02, Nagios was reporting an error related to Desktone_DatabaseStatus. This issue has been resolved and no longer occurs.
    • Failure to Publish Image When VMware Tools Version on VM is Older Than ESXi Host Version
      Publishing an image fails if the VMware Tools version on the VM is older than the version included in the ESXi host. This issue has been resolved and no longer occurs.
    • Failure to convert Windows Server 2019 to image with HAI 22.2
      When attempting to convert a Windows Server 2019 machine to an image with Horizon Agent Installer (HAI) 22.2, this error message displayed: “Error Unable to send message=SEAL, all sender types have been exhausted.” This issue has been resolved and no longer occurs. [3095930]
    • Horizon DaaS console failed to display available vGPU profiles
      In the Service Center console, on the Quotas tab, the “Available vGPU Profiles” list was empty. This issue has been resolved and the console now displays the available vGPU profiles. [3085570]
    • Unavailability of tenant administration functions due to Internal Error
      Administrators could not perform tasks in the tenant console and encountered the error message: “Internal Error. Unexpected internal error occurred and system was unable to complete your request. Please try again later.” This issue has been resolved and no longer occurs. [3079599]
    • Traditional clones booted to OOBE or entered a boot loop
      The virtual machines in a traditional cloned pool booted to Out Of Box Experience (OOBE) mode or got stuck in a boot loop. This issue has been resolved and no longer occurs. [3043629]
    • App Volumes 4.x not supported with Horizon DaaS
      In earlier releases, Horizon DaaS did not work properly with version 4.x of App Volumes. This issue has been resolved, and Horizon DaaS now supports App Volumes 4.x. [3064658]
    • New Spring API enables pool partitioning
      This release implements a new Spring API that makes it possible to create pool partitions. [3018499]
    • Memory usage values did not match between Service Center and vCenter Server
      There was a discrepancy between the memory usage values displayed in the Service Center portal and vCenter Server when virtual machines had multiple network interfaces. This issue has been resolved and no longer occurs. [3033772]
    • Traditional cloned desktops did not clone properly
      There was a problem with traditional cloned desktops where the desktops powered on with NICs in disconnected state. This issue has been resolved and no longer occurs. [2938977]
    • Environment unavailability due to /var partition reaching 100%
      The tenant environment became unavailable when the /var partition reached 100% on tenant appliances. This issue has been resolved and no longer occurs. [2815895]
    • Updated Spring framework
      The Spring framework has been upgraded to version 5.3.19. [2803741]
    • GIGC on all appliances
      The existing CMS GC has been replaced with G1GC on all appliances. [2803738]

    Known Issues

    • Deployment of instant clone and Resync fails with SERVER_FAULT_FATAL - Runtime error
      After upgrading vCenter Server to version 6.7 or 7.0, instant clone deployment fails with the following error in the Activity log of the Administration Console: “SERVER_FAULT_FATAL - Runtime error: No full links for internal VMs found. See Omnissa KB 89679.
    • TrueSSO configuration fails.
      After you pair a tenant with the TrueSSO Enrollment Server, the TrueSSO configuration fails. This issue arises from the updated OpenSSL libraries included with this release. There are plans to fix this issue in an upcoming release.
      Workaround: None
    • Two-factor authentication with RSA fails after tenant upgrade to 9.2.0.
      If an existing tenant appliance uses RSA SecurID for two-factor authentication and then gets upgraded to Horizon DaaS 9.2.0, the connection to the RSA Authentication Manager fails. There are plans to fix this issue in an upcoming release.
      Workaround: Move the two-factor authentication from the tenant appliance to the Unified Access Gateway instance that manages network traffic in front of the tenant.
    • Horizon Air Link logs must be downloaded separately.
      Horizon Version Manager provides options for collecting multiple appliance logs. However, the logs for the Horizon Air Link (HAL) appliance cannot be collected together with other appliance logs.
      Workaround: Collect the HAL appliance logs separately. On the Projects > Horizon-DaaS-Ops > Download-Logs page, specify the following settings only. Leave all other settings blank.
      • Enter the service provider information for Primary-SP-IP and SP-Appliance-Password.
      • Select the HAL check box.
      • Enter the Hal-Password.
    Original source
  • Jun 21, 2026
    • Date parsed from source:
      Jun 21, 2026
    • First seen by Releasebot:
      Jun 23, 2026
    Omnissa logo

    Omnissa

    Workspace ONE ITSM Connector - 9.0.0

    Omnissa releases Workspace ONE ITSM Connector for ServiceNow updates with organization group-based access controls, mobile DEX telemetry in tickets, device search by friendly name, configurable UEM, Experience, and Horizon tabs, and up to 90 days of DEX history, plus ServiceNow Australia certification and fixes.

    Workspace ONE ITSM Connector for ServiceNow Release Notes detail the new features and enhancements in each release. This page contains a summary of the new capabilities, issues that have been resolved, and known issues that have been reported in each version over the last 12 months.

    Urgent Notification regarding legacy Domain End of Service

    As part of the migration from legacy VMware owned domains to Omnissa owned domains, customers’ network and security teams must make firewall changes to allow access to the new Omnissa owned domains by June 15th, 2025, to prepare and not block the new Omnissa domain network requests in upcoming product and service updates. This also impacts any API driven tasks or automation tasks created. Please see KB6000840 for more information.

    New Features

    Organization Group-Based Access Controls

    ServiceNow administrators can now configure access controls based on Organization Groups (OGs) to restrict device remediation to specific groups of devices.

    This enhancement provides more granular control over the following:

    • The actions that are permitted
    • The service desk user groups that are authorized to perform those actions
    • The Organization Groups, and their associated devices, on which actions can be performed

    For more information, see Configure Organization Group-Based Access.

    Digital Employee Experience Data for Mobile Devices

    Service desk administrators can now view Digital Employee Experience (DEX) telemetry data for mobile devices directly within any ServiceNow ticket. This enables faster diagnosis and resolution of mobile device issues without leaving the ServiceNow interface.

    The following mobile DEX data is available within any ServiceNow ticket:

    • Network performance
    • Battery averages
    • Application crash events
    • User telemetry

    Device Search by Friendly Name

    Service desk administrators can now search for devices by using the device’s friendly name. This expands the available search options beyond serial number and username, so administrators can locate devices and initiate investigation or remediation more quickly.

    Configurable UEM, Experience, and Horizon Tabs

    ServiceNow administrators can now configure the visibility of the UEM, Experience, and Horizon tabs within any ServiceNow ticket. Each tab can be independently shown or hidden to align with your organization’s workflow requirements.

    Extended DEX Data History

    ServiceNow administrators can now configure the Experience data display period to show device events for up to 90 days. The previous limit of 24 hours has been extended, allowing service desk administrators to view and analyze a longer history of device events to diagnose recurring or intermittent issues.

    ServiceNow Australia Release Certification

    Workspace ONE ITSM Connector 9.0 has been tested and certified for the ServiceNow Australia release.

    Minimum Requirements

    The following are the Minimum Requirements for Workspace ONE ITSM Connector.

    • Workspace ONE UEM – 24.02 or later
    • Workspace ONE Assist - 24.03 or later
    • Horizon 2312 - 8.12 or Later
    • Performing Horizon actions requires a Horizon license and a Horizon 8 deployment
    • ServiceNow releases supported – Zurich, Yokohama, or Xanadu
    • Available on all device platforms supported by Workspace ONE UEM and Workspace ONE Assist
    • Performing Workspace ONE UEM device actions requires a UEM license and UEM enrollment of the device
    • Starting a Workspace ONE Assist session on the device requires an Assist license and registration to the Assist server

    Resolved Issues

    • DEXSD-1189 - Resolved performance issues that affected Workspace ONE Assist sessions. Audit and logging improvements have been made for app and profile removal actions. Serial numbers and work notes are now recorded correctly when apps or profiles are removed, providing a complete audit trail for service desk operations.

    Known Issues

    • We are always working to improve the Workspace ONE ITSM Connector for ServiceNow with every release. There are no known issues to report.
    Original source
  • Jun 18, 2026
    • Date parsed from source:
      Jun 18, 2026
    • First seen by Releasebot:
      Jun 19, 2026
    Omnissa logo

    Omnissa

    Workspace ONE Content 26.05 - June 2026

    Omnissa Workspace ONE Content adds support for displaying For You sections as configured in the Workspace ONE UEM Console, with a resolved file delete issue and no notable known issues.

    Urgent Notification regarding legacy Domain End of Service

    As part of the migration from legacy VMware owned domains to Omnissa owned domains, customers’ network and security teams must make firewall changes to allow access to the new Omnissa owned domains by June 15th, 2025, to prepare and not block the new Omnissa domain network requests in upcoming product and service updates. This also impacts any API driven tasks or automation tasks created. Please see KB6000840 for more information.

    Omnissa Workspace ONE Content Release Notes detail the new features and enhancements in each release. This page contains a summary of the new capabilities, issues that have been resolved, and known issues that have been reported in each version.

    Workspace ONE Content 26.05 - June 2026

    New Features

    • Support to display sections in For You tab as configured in the Workspace ONE UEM Console. See Configure Workspace ONE Content.

    Minimum Requirements

    • iOS 16+
    • iPadOS 16+
    • Workspace ONE UEM Console 2410+ For more information, see WS1 UEM Console Release and End of General Support Matrix (2960922).

    Resolved Issues

    Note

    The numbers included before the resolved issues are used for internal issue tracking.

    • ISCL-185050: WS1 Content delete option is grayed out for files

    Known Issues

    We haven’t identified any notable known issues in this release. If you’re facing any problems, feel free to reach out to our support team.

    Original source
  • Similar to Omnissa with recent updates:

  • Jun 14, 2026
    • Date parsed from source:
      Jun 14, 2026
    • First seen by Releasebot:
      Jun 16, 2026
    Omnissa logo

    Omnissa

    Omnissa App Volumes 2603.x

    Omnissa App Volumes adds application relationships, streamlined MSIX packaging, seamless in-session app updates, VMDK-to-VHD conversion, and default On Demand delivery. The 2603.1 maintenance release also fixes licensing, launch, capture, and install issues.

    Omnissa App Volumes 2603.1 | May 25 2026 | Build 4.21.1.140

    Omnissa App Volumes 2603 | April 14 2026 | Build 4.21.0.139

    Check for additions and updates to these release notes.

    Omnissa App Volumes is a real-time application delivery system that enterprises can use to dynamically deliver and manage applications.
    Omnissa App Volumes Release Notes lists New Features, Resolved Issues and Known Issues for this release.

    What’s New - 2603.1

    App Volumes 2603.1 is a maintenance release.

    What’s New - 2603

    • Application Relationships

    Introduces support for application dependency, conflict, and precedence, enabling controlled and predictable application delivery across environments.

    • Application Capture with Prerequisites

    Prerequisite packages can now be delivered to the capture machine, allowing the application to be packaged with required dependencies present and referenced later through application relationships.

    • VMDK-to-VHD Package Conversion

    Adds automated conversion from VMDK to VHD, enabling a consistent package format across physical, virtual, and cloud environments. VHD becomes the preferred format for modern deployments, offering greater portability and flexibility for hybrid use cases, while VMDK remains supported.

    This capability is available in prior releases; however, it is now significantly streamlined and enhanced to deliver a more efficient and enterprise-ready migration experience.

    • MSIX Packaging Workflow Simplified

    Introduces a streamlined command-line workflow for MSIX packaging, reducing manual steps and simplifying large-scale package creation. This improves consistency and lowers the operational effort required to adopt and manage MSIX-based applications.

    • Seamless In-Session App Updates

    Applications can now be updated without requiring user logoff or session restart. Previously limited and requiring additional configuration, this capability is now brought forward as a standard experience across both physical and virtual Windows environments.

    • On Demand Delivery Selected by Default

    New packages created in App Volumes Manager now default to On Demand delivery instead of Classic. This aligns system behavior with the recommended delivery model and helps drive consistent adoption without requiring manual configuration.

    Resolved Issues for App Volumes 2603.1

    The number included after each resolved issue is used by the internal issue tracking system.

    • [AVA-28046] App Volumes Direct installation fails when using the App Essentials license for install and the following error occurs:
      The License Key entered is invalid. Verify the format and ensure it matches the provided License Key. License Keys are 35 characters long and formatted as XXXXX-XXXXX-XXXXX-XXXXX-XXXXX-XXXXX.

    • [AVA-28036] Some issues occur when using App Volumes-packaged MSIX applications due to a race condition between App Volumes and an OS operation. The issues are as follows:

      • In a Horizon RDSH session, the MSIX applications might fail to launch with the following error:
        Windows cannot access the specified device, path, or file.
      • In a Dependency or Install Order Application Relationships scenario, if an MSIX application is the base or the first application, then as per the expected behavior, the MSIX application must virtualize first followed by the dependent or the second application respectively. Instead, the dependent or the second application might get virtualized even before the MSIX application. Neither relationship type is honored.

      Note:
      For Dependency, the expected behavior is when the base application fails to virtualize, then virtualization of the dependent application also fails.

    Resolved Issues for App Volumes 2603

    The number included after each resolved issue is used by the internal issue tracking system.

    • [AVM-46052] “A ConnectionTimeoutError: Could not obtain a connection from the pool within… all pooled connections were in use” might occur due to a database connection leak when a large number of ESXi hosts are used for direct mounting of App Volumes packages.
      Direct mounting occurs when a vCenter Server is configured as the machine manager with the Mount ESXi option enabled, or when an ESXi (Single Host) is configured as the machine manager. This issue is more likely when the number of ESXi hosts are high.

    • [AVM-45808] An end user cannot log into any virtual machine if their VHD Writable Volume stays attached after a virtual machine crashes.
      In VHD In-guest mode if a Writable Volume is attached and the VM crashes, the following might happen: If a Writable Volume is in use during the failure, the file share might not release the file handle from the crashed virtual machine. As a result, the user is prevented from using the Writable Volume on other virtual machines. If the Exception Resolution setting of the Writable Volume is configured as Block user login, the user cannot login into other virtual machines.
      When the Writable Volume is requested for a user and the unused file handle is released, the Writable Volume attachment is updated in App Volumes. The user can then use the Writable Volume in any virtual machine they log into. Administrators can configure the file share to modify the behavior of unused file handles.

    • [AVM-45692] The Browse button for selecting a custom location fails to work when installing App Volumes Manager in the custom location (other than the default location). As a result, App Volumes Manager cannot be installed in the custom location.

    • [AVM-45652] The launch of an on demand published application, which is delivered by App Volumes, fails in Horizon 2512 with the following error message "The application could not be launched, possibly because it is missing or misconfigured. Contact your administrator for more information". This issue is seen with App Volumes 2512 and earlier.

    • [AVM-45784] Application capture might fail because volumes do not mount on the capture VM when the VMDK Package Attachment Resiliency, an advanced setting, is enabled in App Volumes Manager.
      For more information about this setting, see the App Volumes Manager Configuration Settings page in the App Volumes Administration Guide at Omnissa Product Documentation.

    • [AVA-27583] Direct Mode installation cannot happen in non persistent machine error occurs when the App Volumes installer (msiexec) is run in an elevated command prompt, without using the /qn (silent install) parameter, with DIRECT=1 and NONPERSISTENT parameter is not used.
      If DIRECT=1 and NONPERSISTENT is not used (or NONPERSISTENT=0), then App Volumes agent is installed in the Standalone mode. For more information about the parameters, see the Install App Volumes Agent section in the App Volumes Install Guide at Omnissa Product Documentation.

    • [AVA-27418] The App Volumes agent incorrectly identified mapped network drives as local drives, causing unexpected folder-creation behavior.

    • [AVA-27442] In some environments like Hyper-V, application capture fails with the following error: "virtual disk delete failed: The process cannot access the file because it is being used by another process".

    Known Issues

    The number included after each known issue is used by the internal issue tracking system:

    • [AVM-47039] A failed SyncIntegrationsJob can block subsequent synchronization requests initiated from an App Volumes integration (in the App Volumes Admin UI, Infrastructure → Integrations), thus preventing new integration synchronization jobs from getting scheduled and running successfully.
      Workaround: In the App Volumes Manager admin UI, navigate to Activity → Pending Actions. Identify whether any SyncIntegrationsJob job is in the Failed state. Before proceeding with further validation, configuration, or testing activities, delete all failed jobs.

    • [AVM-36787] The following error is logged in App Volumes Manager when session hosts in a host pool are shut down: "Session: Request is missing session cookie." In the Azure Virtual Desktop environment, a session cookie is provided only when an end user logs into a computer. If a computer starts and shuts down without any end user logging in, then a session cookie is never set. This results in a 401 (unauthorized) error.
      This error does not affect the end user.

    • [AVA-28046] App Volumes Direct installation fails when using the App Essentials license for install and the following error occurs: "The License Key entered is invalid. Verify the format and ensure it matches the provided License Key. License Keys are 35 characters long and formatted as XXXXX-XXXXX-XXXXX-XXXXX-XXXXX-XXXXX."
      Important: There is no workaround. Upgrade to App Volumes 2603.1 and later.
      Resolved: This issue is now fixed in App Volumes 2603.1.

    • [AVA-28036] Some issues occur when using App Volumes-packaged MSIX applications due to a race condition between App Volumes and an OS operation. The issues are as follows:

      • In a Horizon RDSH session, the MSIX applications might fail to launch with the following error: Windows cannot access the specified device, path, or file.
        Workaround: Wait for a few seconds to allow the OS to complete its operation and launch the application again.
      • In a Dependency or Install Order Application Relationships scenario, if an MSIX application is the base or the first application, then as per the expected behavior, the MSIX application must virtualize first followed by the dependent or the second application respectively. Instead, the dependent or the second application might get virtualized even before the MSIX application. Neither relationship type is honored.
        Note: For Dependency, the expected behavior is when the base application fails to virtualize, then virtualization of the dependent application also fails.
        For more information about application relationship types, see Understand Types of App Volumes Application Relationships.
        Resolved: This issue is now fixed in App Volumes 2603.1.
    • [AVA-24547] .tmp files are seen in the install directory when an upgrade rolls back in a persistent machine with active entitlements.
      These files do not affect any App Volumes operations. By default, these files are automatically deleted after the machine restarts.
      Workaround: If they are not deleted due to any issue, then you can navigate to the install directory and manually delete the files.

    • [AVA-24493] If the CURRENT marker of the application is modified after the user launches the application in a session, RemoteApp launch silently fails in Azure Virtual Desktop.
      Workaround: To use the RemoteApp, the end user must log out of the Remote Desktop client app and log back in again.

    • [AVA-26351] An OS junction point from a native folder that belongs to a banned list to a non-virtualized folder (such as %APPDATA% in configurations that do no use UIA+Profile Writable Volume or a Profile-only Writable Volume) does not work properly. Files written to the junction source do not appear in the junction target.

    • [AVA-26353] In a multi-session environment, the error associated with the Microsoft Office application is also visible to users who are not assigned this application package. While the application does not behave as expected for the users assigned to this package, the error has no effect on users who are not assigned to the package.

    • [2791414] When a Writable Volume and FSLogix Office Container are deployed together in a VDI, the FSLogix Office Container VHD is not created on an SMB file share. This issue occurs only when the Cloud Cache feature is enabled.
      Workaround: Deactivate the Cloud Cache feature of FSLogix Office Container.

    • [2624048] Sometimes, the applications that are packaged using App Volumes versions older than 2.18.2 have many redundant firewall rules. These rules can impact the end-user login time on agent computers where the application package is deployed. This issue is fixed in App Volumes 2.18.2 and later.
      Workaround: If you are migrating an application package created in an App Volumes version earlier than 2.18.2 with such an issue, repackage the application after migrating to the target version.

    • [2845852] When a remote printer is defined on a UIA+Profile Writable Volume and the printer is attached to its print server through a USB interface, the printer definition on the Writable Volume might get deleted on the next non-persistent logon.
      Workaround:
      On the system volume, add the following two scripts to %SVAgent%\Config\Custom\uia_plus_profile :
      OnPreLoadApp.bat: sc config spooler start= disabled net stop spooler
      OnPostEnableApp.bat: sc config spooler start= auto net start spooler
      If you already have the same script names on the Writable Volume, add the spooler commands to the scripts.
      When a script is present on a Writable Volume and in the system volume at %SVAgent%\Config\Custom\uia_plus_profile, App Volumes agent runs the script present on the Writable Volume and ignores the script on the system volume. To ensure that the App Volumes agent runs both scripts, you can add the following to the script on the Writable Volume:
      if exist "%SVAgent%\Config\Custom\uia_plus_profile%nx0" ("%SVAgent%\Config\Custom\uia_plus_profile%nx0")

    • [2115593] A Writable Volume move or copy operation might fail when bulk operations are performed on many volumes.
      Workaround: Retry the move or copy operation.

    App Volumes Documentation

    • For information about how to install, deploy, and upgrade Omnissa App Volumes see Omnissa App Volumes Installation Guide.
    • For information about how to configure and use Omnissa App Volumes see Omnissa App Volumes Administration Guide.

    Omnissa App Volumes documentation is available at Omnissa Product Documentation.

    Internationalization

    App Volumes content is available only in English.

    Support Contact Information

    To receive support, access Customer Connect.
    To file a Support Request in Customer Connect and via Cloud Services Portal, see How to file a Support Request in Customer Connect and via Cloud Services Portal -6000005.

    Original source
  • Jun 9, 2026
    • Date parsed from source:
      Jun 9, 2026
    • First seen by Releasebot:
      Jun 11, 2026
    Omnissa logo

    Omnissa

    Omnissa dux 3.1.1 Release Notes

    Omnissa releases DUX 3.1.1 with APT repository support for Ubuntu and Debian, making installation and upgrades easier through standard commands. The release also notes Workspace ONE UEM Console 2410 or later as a minimum requirement and reports no major bug fixes or notable known issues.

    Omnissa dux 3.1.1 Release Notes lists New Features, Resolved Issues and Known Issues for this release.

    New Features

    • DUX is now available via APT repository

    DUX packages for Ubuntu/ Debian are now available through the Omnissa public APT repository at packages.omnissa.com. Once the repository is configured, administrators can install and upgrade DUX using standard APT commands.

    Navigate to the README file for more information.

    Minimum Requirements

    • Workspace ONE UEM Console 2410 or later

    Resolved Issues

    We are always working to improve dux with every release. There are no major bug fixes to report.

    Known Issues

    We have not identified any notable known issues in this release. If you are facing any problems, feel free to reach out to our support team.

    Supported Operating Systems

    • Linux: Centos Stream 9, AlmaLinux 9, and other RHEL-compatible distributions, Ubuntu/ Debian-based distributions
    • macOS 15+
    • Windows 10+

    Documentation

    Documentation for dux is located at Omnissa Product Documentation.

    Support Contact Information

    To receive support, either submit a ticket through the Customer Connect portal or call your local support line. See Omnissa Support Phone Numbers (6000004) and Omnissa Customer Connect FAQs.

    Original source
  • Jun 8, 2026
    • Date parsed from source:
      Jun 8, 2026
    • First seen by Releasebot:
      Jun 10, 2026
    Omnissa logo

    Omnissa

    Workspace ONE Assist 26.04 - June 2026 (SaaS Only)

    Omnissa releases Workspace ONE Assist updates with clearer admin identity in the Assist Agent, new Assist Experience Controller options for macOS and Android, grayscale mode for low-bandwidth sessions, and Linux screen sharing, plus multiple Android, macOS, and Windows fixes.

    Workspace ONE® Assist allows Workspace ONE® UEM administrators to remotely access and troubleshoot devices in real time while respecting end-user privacy.

    Workspace ONE Assist Release Notes describe the new features and enhancements in each release. This page contains a summary of the new capabilities, issues that have been resolved, and known issues that have been reported in each release over the last 18 months.

    New Features

    • Enhanced Assist Agent: Displaying Admin/Helpdesk info (All platforms)

    In this release, we are introducing an improvement to the Assist Agent that replaces the generic “Administrator” label with the actual name of the admin or helpdesk personnel assisting the user. If the name isn’t available, the email ID will be displayed. This ensures clearer, more personalized support interactions.

    • Introducing Assist Experience Controller – (macOS and Android) Full Control for Screen Share Sessions

    In this release, we are excited to introduce Assist Experience Controller, a feature for console users to optimize remote sessions in real time.

    • Speed, Balanced and Custom modes: Choose the mode that fits your session. Speed for performance, Balanced for default optimization, or Custom for full control.

    • Resolution Picker: (macOS Only) Adjust the remote device’s screen resolution to balance clarity and performance for the duration of the Assist session.

    • Image Scaling: Improve performance during low bandwidth connections by scaling images for a faster, more responsive remoting experience.

    • Introducing Grayscale Mode – Optimized Screen share sessions in Low Bandwidth use cases (macOS and Android)

    In this release, we are excited to introduce Grayscale Mode, giving console users more ways to optimize remote sessions when network conditions are limited. Easily switch between color and grayscale anytime during a session.

    • Screen Share Capabilities for Linux (Limited Availability)

    In this release, we are introducing screen sharing capabilities for Linux in the Assist Agent. Admins and helpdesk personnel can now view and control Linux devices in real time during an Assist session, enabling more effective troubleshooting and support.

    Resolved Issues

    • AET-23372: Android - Screen Capture issue on reboot during session.
    • AET-23153: Android - Multi-monitor issue in Zebra for Android 14.
    • AET-23049: Android - Proxy configuration for cellular network.
    • AET-22156: Android - Screen share issue in Spectralink (Android 10 OS).
    • AET-23045: Android - Device capture not loading until the session is reconnected or waiting for 10+ seconds.
    • AET-23005: macOS - Permissions reset with v25.11.
    • AET-24068: macOS - WS1 Remote Assist performance issues for macOS devices.
    • AET-22697: macOS - Image is scrambled on macOS with 25.11 when the session is started on Safari.
    • AET-22992: Windows - Resolution does not revert to the default value after ending the session.
    • AET-23393: Windows - Admin is unable to open the taskbar and hidden controls during the session.
    • AET-22985: Windows - Assist Configuration failures for certain InvariantCulture languages.

    Known Issues

    • AET - 24090: Windows - Ending the session after a resolution change, and device recovery does not restore the resolution to its original value.
    • AET - 23843: Windows - After resolution changes in a session, connecting or disconnecting a monitor setup results in a decoder error and a gray screen during capture.
    Original source
  • Jun 8, 2026
    • Date parsed from source:
      Jun 8, 2026
    • First seen by Releasebot:
      Jun 10, 2026
    Omnissa logo

    Omnissa

    Workspace ONE Assist 26.04 - June 2026

    Omnissa releases Workspace ONE Assist for Windows Desktop with clearer agent identity in remote support, plus fixes for session resolution, taskbar controls, and configuration issues, and notes on current known issues.

    Omnissa Workspace ONE® Assist allows Omnissa Workspace ONE® UEM administrators to remotely access and troubleshoot devices in real time while respecting end-user privacy.

    Workspace ONE Assist for Windows Desktop Release Notes describe the new features and enhancements in each release. This page contains a summary of the new capabilities, issues that have been resolved, and known issues that have been reported in each release over the last 18 months.

    Workspace ONE Assist 26.04 - June 2026

    New Features

    • Enhanced Assist Agent- Displaying Admin/Helpdesk info

    In this release, we are introducing an improvement to the Assist Agent that replaces the generic “Administrator” label with the actual name of the admin or helpdesk personnel assisting the user. If the name isn’t available, the email ID will be displayed. This ensures clearer, more personalized support interactions.

    Minimum Requirements

    Listed are the minimum requirements:

    • Workspace ONE Assist Console 26.04
    • Workspace ONE Intelligent Hub 24.10 or later
    • Workspace ONE UEM console 2410 or later
    • A Microsoft supported Semi-Annual Channel Windows 11 Version 24H2 and Windows 10 and 11 LTSC Versions 2019/2021/2024
    • Nvidia, AMD and Intel Graphic chipsets
    • 64-bit processors (x86/x64 instruction set)
    • Latest versions of Chrome, Edge, Firefox (Limited support), or Safari browsers

    Resolved Issues

    • AET-22992: Resolution does not revert to the default value after ending the session
    • AET-23393: Admin is unable to open the taskbar and hidden controls during the session
    • AET-22985: Assist Configuration failures for certain InvariantCulture languages

    Known Issues

    • AET-24090: Ending the session after a resolution change, and DR does not restore the resolution to its original value
    • AET-23843: After resolution changes in a session, connecting or disconnecting a monitor setup result in a decoder error and a gray screen during capture
    Original source
  • Jun 3, 2026
    • Date parsed from source:
      Jun 3, 2026
    • First seen by Releasebot:
      Jun 5, 2026
    Omnissa logo

    Omnissa

    Workspace ONE Launcher 26.05

    Omnissa releases Workspace ONE Launcher 26.05 with more admin control over settings and home screen options, optional logout on reboot, improved docking actions for inactivity enforcement, and fixes for organization group changes and Honeywell permissions.

    Workspace ONE Launcher Release Notes provides information on the new features and improvement in each release. This page includes summaries of the new features, resolved, and known issues reported in the latest version.

    Workspace ONE Launcher 26.05

    New Features

    • Granular Settings Control in Launcher: Admins can now choose which Launcher Settings items are shown to users. This allows admins to curate the settings list to match their workflow and limit exposure to only the options users need.
    • Optional Logout on Device Reboot: To improve device security, admins can now configure Launcher to automatically log out the active user when a device reboots instead of suspending the session. This helps shared devices return to a secure state after restart.
    • Hide the “For You” Page from Launcher: Admins can now hide the “For You” page entry point from Launcher. For organizations that do not use this experience, this provides more Home screen real estate and limits access to unused parts of the application.
    • Hide the “Log Off” Button in Launcher Settings: Admins can now hide the “Log Off” button from Launcher Settings. This is useful for organizations using third-party login and logout workflows, such as Imprivata MDA, where exposing a separate Launcher logout action could disrupt the intended workflow.
    • Docking Event Action Enhancement for Inactivity Enforcement: Launcher now includes an enhancement to docking event actions. Previously, admins could log out a user when a device was docked. With this update, admins can instead invoke the previously configured inactivity rules, helping secure the device while maintaining the user session.

    Minimum Requirements

    • Android 8.0 or later
    • Workspace ONE Intelligent Hub 20.09 for Android
    • For Toggling Wi-Fi minimum version is 22.08
    • For Launcher Wi-Fi screen is 22.09
    • Workspace ONE UEM Console 2410 or later

    Resolved Issues

    • ALAU-174689: Fixed an issue where Launcher did not honor the Change Organization Group command when the device was in a checked-in state.
    • ALAU-174536: Fixed an issue where auto-granted Honeywell permissions were not consistently honored inside Launcher.

    Known Issues

    There are no known issues to report with this release.

    Original source
  • Jun 2, 2026
    • Date parsed from source:
      Jun 2, 2026
    • First seen by Releasebot:
      Jun 3, 2026
    Omnissa logo

    Omnissa

    Workspace ONE Tunnel 26.03 - May 2026

    Omnissa releases Workspace ONE Tunnel for Windows with native ARM64 support, new default tunnel behavior, and new bypass rules for IPs, CIDRs, and FQDNs. The update also fixes DNS and DTR parsing issues and notes current platform requirements and known limitations.

    Omnissa Workspace ONE Tunnel for Windows Release Notes describe the new features and enhancements in each release. This page contains a summary of the new capabilities, issues that have been resolved, and known issues that have been reported in each release over the last 12 months.

    Workspace ONE Tunnel 26.03 - May 2026

    New Features

    ARM64 Support

    Introducing a native ARM64 build for Windows, enabling support for ARM‑based devices alongside x86‑64 systems.

    Updates to Default Behavior
    • The toggle Tunnel option is now enabled by default. Users have the option to Enable and Disable Tunnel on-demand. Use the ToggleTunnelFeature KVP to manage this setting.
    • ApplyDnsToTunnelInterfaceOnly is now set to True by default.
    Introducing New KVPS to always exclude specified IPs, CIDRs, and FQDNs from Tunnel management

    With TUN mode, Workspace ONE Tunnel routes traffic through the ws1tun virtual adapter. In environments where other XDR and SSE agents also intercept network traffic, administrators can now explicitly define IPs, CIDRs, and FQDNs that always bypass the Tunnel interface. This may be useful to bypass endpoints that are in use by other agents on the device and reduce risk of conflicts where multiple agents compete to inspect or route the same traffic.

    • KVP : BypassInterfaceRoutes
      • Specifies network routes that should always bypass the Tunnel interface.
      • Accepted Value: IP and CIDR - comma separated.
      • By default, the Tunnel Interface is set to 0.0.0.0.
    • KVP : BypassInterfaceFqdns
      • Specifies FQDNs that should always bypass the Tunnel interface.
        Note: This is independent of the ExcludeFQDN KVP.

    Minimum Requirements

    • Windows 10 or later
    • .NET Framework 4.8.1
    • Workspace ONE UEM Console 2410+
    • Omnissa Unified Access Gateway 2406+ | Workspace ONE Tunnel Container 24.12+

    Resolved Issues

    Note

    The numbers included before the resolved issues are used for internal issue tracking.

    • PPAT-20857: DTR parsing now gracefully skips unrecognized entries and continues processing remaining rules.
    • PPAT-21353: Tunnel client did not parse additional records included in SRV DNS responses.
    • PPAT-21434: DNS cache is not flushed on connection reset.

    Known Issues

    • Standalone enrollment mode does not support in-place upgrades from the previous version of Tunnel. Please unenroll and uninstall the previous client before re-enrolling with the new 25.08 or later client. Seamless in-place upgrade support is planned for a future release. Any unenrollment requires uninstalling the Tunnel client to restore network access.
    • App Integrity Checking is not supported in this version. Support is planned for a future release.
    Original source
  • Jun 1, 2026
    • Date parsed from source:
      Jun 1, 2026
    • First seen by Releasebot:
      Jun 3, 2026
    Omnissa logo

    Omnissa

    Zebra MX Service v6.7 for Android- June 2026

    Omnissa Zebra MX Service for Android release notes highlight a new June 2026 update with an updated Target SDK 37 and refreshed minimum requirements for supported Android, Stage Now, Workspace ONE Intelligent Hub, and Workspace ONE UEM Console versions.

    Zebra MX Service for Android Release Notes

    Zebra MX Service for Android Release Notes provide information on the new features and improvement in each release. This page includes a summary of the new features, resolved, and known issues reported in the latest version.

    Here are the release notes included in this document:

    • Zebra MX Service v6.7
    • Zebra MX Service v6.6
    • Zebra MX Service v6.5
    • Zebra MX Service v6.4
    • Zebra MX Service v6.3
    • Zebra MX Service v6.2
    • Zebra MX Service v6.1
    • Zebra MX Service v6.0

    Zebra MX Service v6.7 for Android- June 2026

    New Features

    • Updated Target SDK to 37

    Minimum Requirements

    • Zebra Android device running Android 8.0 or later
    • Stage Now enrollment requires Android 8.0 and MX 8.1 or later
    • Workspace ONE Intelligent Hub 24.05 for Android
    • Workspace ONE UEM Console 2410 or later

    Resolved Issues

    We are always working to improve the Zebra MX Service application. There are no major bug fixes reported with this version.

    Known Issues

    We are always working to improve the Zebra MX Service application. There are no known issues reported with this version.

    Original source
  • Jun 1, 2026
    • Date parsed from source:
      Jun 1, 2026
    • First seen by Releasebot:
      Jun 3, 2026
    Omnissa logo

    Omnissa

    Omnissa Access Connector 26.05

    Omnissa releases Access Connector 26.05 with stronger password change support, including alternatePrefix@alternateSuffix, improved connector resiliency with auto-restart on WebSocket failures, and security and software currency updates. It also expands compatibility with Windows Server 2025 and broader integration support.

    What’s New

    The 26.05 release includes several enhancements to improve compatibility, resiliency, security, and integration capabilities.

    • Enhanced password change support: The Allow Change Password feature, which enables users to change their Active Directory passwords from Workspace ONE Intelligent Hub, now supports the alternatePrefix@alternateSuffix format, enabling greater flexibility in identity configurations
    • Enhanced connector resiliency: Improved stability in scenarios involving WebSocket communication failures through an auto-restart mechanism, reducing manual intervention and improving reliability
    • Security and software currency updates

    Before You Begin

    Compatibility

    Omnissa Access Service

    Omnissa Access Connector 26.05 is compatible with:

    • Omnissa Access Cloud
    • Omnissa Access FedRAMP
    • Omnissa Access on-premises virtual appliance version 24.12.1.0 with the latest patch listed in Knowledge Base article 6001156. The minimum required patch is HW-261052-Appliance-24.12.1.0.zip.
    Windows Servers

    Omnissa Access Connector 26.05 can be installed on the following versions of Windows Server:

    • NEW - Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    Directory Servers

    Omnissa Access Connector 26.05 supports the following directory servers with the Directory Sync service:

    • Active Directory - Windows Server 2025, Windows Server 2022, Windows Server 2019, and Windows Server 2016, with a Domain functional level and Forest functional level of Windows 2008 and later.

    Omnissa Access supports a single Active Directory domain, multiple domains in a single AD forest, or multiple domains across multiple AD forests.

    • OpenLDAP - 2.5.14
    • Oracle LDAP - Directory Server Enterprise Edition 11g, Release 1 (11.1.1.7.0)
    • IBM Tivoli Directory Server 6.3.1
    Virtual Apps Compatibility

    Omnissa Access connector 26.05 supports Omnissa Horizon®, Omnissa Horizon® Cloud Service, Citrix, and Omnissa ThinApp integrations with the Virtual App service.

    This version of the connector is compatible with Horizon 8 version 22.12 and later.

    The following versions of Citrix are supported: Citrix Virtual Apps and Desktops 7 2203, Citrix Virtual Apps and Desktops 7 1912 LTSR, XenApp and XenDesktop 7.15 LTSR, and XenApp and XenDesktop 7.6 LTSR. The following versions of Citrix Gateway are supported: 12.1-62.27, 12.1-65.25, and 13.1-37.38. The connector supports the Citrix StoreFront API and does not support the Citrix Web Interface SDK.

    Compatibility Matrix

    For the latest compatibility information, see the Omnissa Product Interoperability Matrix.

    Installation

    Download Omnissa Access Connector from the Omnissa Access Connector Download page.

    For installation instructions, see Installing Omnissa Access Connector.

    Upgrade

    Upgrade to Omnissa Access connector 26.05 is supported from the following versions:

    • 24.12.1.0
    • 24.12.0.0

    Note: To upgrade from earlier versions, first upgrade to one of the versions listed above, then upgrade from that version to version 26.05.

    Guidelines for upgrade
    • You must generate a new es-config.json configuration file from the Omnissa Access console and use it for the upgrade and after, instead of using the existing file. This is a new requirement for this version of the connector. The es-config.json establishes the connection between the Omnissa Access service and the connector.
    • Make a note of any custom settings in your existing installation, such as proxy servers, syslog servers, and certificates. You will need to configure these settings and upload certificates again during or after upgrade. See Install the Omnissa Access Connector for the complete list of custom settings. Additionally, if you updated the Java memory for any of the services, make a note of the setting as you will need to configure it again after upgrade.

    For upgrade instructions, see Upgrading Omnissa Access Connector.

    Known Issues

    This release has the following known issues:

    Known Issue: For the Enable Change Password option that allows users to change their Active Directory passwords from Workspace ONE Intelligent Hub, the UPN format alternativePrefix@alternativeSuffix is supported only for password change after login. It is not supported for password reset.

    Users will be able to change their password after they log in to Intelligent Hub but they will not be able to reset their password from the login page.

    Documentation

    • Omnissa Access Connector
    • Omnissa Access

    Localized Content

    See KB article 6000664: Announcing Omnissa Localization Support for information about localized content.

    Support Contact Information

    Contact Support at Omnissa Customer Connect when you need help with your Omnissa Access environment. See How to file a Support Request in Customer Connect and via Cloud Services Portal.

    Original source
  • May 31, 2026
    • Date parsed from source:
      May 31, 2026
    • First seen by Releasebot:
      Jun 1, 2026
    Omnissa logo

    Omnissa

    Workspace ONE PIV-D Manager 25.11.2 - May 2026

    Omnissa releases Workspace ONE PIV-D Manager 25.11.2 with bug fixes and stability improvements, alongside updated minimum requirements for iOS and iPadOS 16 or later and Workspace ONE UEM Console 2410 or later.

    Workspace ONE UEM PIV-D Manager for iOS Release Notes describes the new features and enhancements in each release. This page contains a summary of the new capabilities, issues that have been resolved, and known issues that have been reported in each release over the last 12 months.

    Workspace ONE PIV-D Manager 25.11.2 - May 2026

    • New Features
    • Minimum Requirements
    • Resolved Issues
    • Known Issues

    New Features

    • Bug fixes and implemented stability improvements.

    Minimum Requirements

    • The following are the Minimum Requirements for Workspace ONE PIV-D Manager 25.11.2
      • iOS 16 or later
      • iPadOS 16 or later
      • Workspace ONE UEM Console 2410 or later
      • Workspace ONE UEM Console 2410 or later for standalone enrollment

    Resolved Issues

    • We are always working to improve PIV-D Manager with every release. There are no known issues to report.

    Known Issues

    • We haven’t identified any notable known issues in this release. If you’re facing any problems, feel free to reach out to our support team.
    Original source
  • May 27, 2026
    • Date parsed from source:
      May 27, 2026
    • First seen by Releasebot:
      May 29, 2026
    Omnissa logo

    Omnissa

    Omnissa Identity Service | MAY 2026

    Omnissa Identity Service adds Google Workspace integration for automated user provisioning and SSO, expands SCIM 2.0 migration options across cloud identity providers, and improves identity management with common identifier selection, user notification settings, and broader workspace support.

    Omnissa Identity Service | MAY 2026

    Check for additions and updates to these release notes.

    Urgent Notification regarding legacy Domain End of Service

    As part of the migration from legacy VMware owned domains to Omnissa owned domains, customers’ network and security teams must make firewall changes to allow access to the new Omnissa owned domains by June 15th, 2025, to prepare and not block the new Omnissa domain network requests in upcoming product and service updates. This also impacts any API driven tasks or automation tasks created. Please see KB6000840 for more information.

    What’s New in May 2026

    Omnissa and Google Workspace Integration for New Environments

    You can now connect Omnissa Identity Service directly to Google Workspace to automate user lifecycles and enable seamless federated authentication.

    What’s Supported

    • Automated Provisioning (SCIM): Real-time, one-way sync from Google to Omnissa Identity Service. This automatically creates, updates, deletes, activates, and deactivates users to eliminate manual overhead and secure your perimeter.
    • Single Sign-On (SAML): Users log into Omnissa services instantly using their existing Google Workspace credentials.

    Current Limitations

    • No Groups: Google Workspace does not support SCIM group provisioning, so sync is limited to individual users.
    • Protocols: Built strictly on SAML. OpenID Connect (OIDC) and Workspace ONE UEM Password Grant flows are not supported.
    • Migration to Google Workspace from your current Workspace ONE UEM and Omnissa Access integrations is not yet supported.

    Setup Guides

    • Omnissa: Integrating Omnissa Identity Service with Google Workspace
    • Google: Google Workspace Help Center App Integration Guide

    What’s New in March 2026

    Migration to SCIM 2.0 for Workspace ONE UEM customers with Omnissa Access configured (Limited Availability)

    Omnissa Identity Service now supports directory migration from on-premises Active Directory to cloud Identity Providers supporting SCIM 2.0 for existing customers with Workspace ONE UEM and Omnissa Access configured.

    This feature allows organizations to centralize identity management, eliminate on-premises dependencies, and streamline user provisioning and authentication.

    This feature has been added to the Limited Availability program. Use the Omnissa Beta Program to check requirements and apply.

    Key Benefits for Workspace ONE UEM and Omnissa Access Customers

    • Cloud-Native Provisioning: Provision users and groups from your cloud IDP to Workspace ONE UEM using SCIM 2.0, replacing legacy Active Directory sync.
    • No On-Premises Components: Eliminate the need for AirWatch Cloud Connector and Omnissa Access Connector for authentication and user sync.
    • Centralized Management: Manage users and groups from Omnissa Connect, a unified web-based portal for all Omnissa services.
    • Federated Authentication: Enable seamless SSO into Omnissa services using your cloud IDP as the identity provider.

    Migration Process

    The migration process is guided by a wizard in Omnissa Connect and includes:

    • Completing prerequisites (such as IDP setup and attribute mapping)
    • Integrating your cloud IDP with Omnissa Identity Service
    • Comparing directory data between Workspace ONE UEM, Omnissa Access, and Omnissa Identity Service
    • Executing the migration in stages (authentication switch, provisioning cutover)

    Minimum downtime is expected during the migration.

    Unsupported Features and Limitations

    Before migrating, review the following limitations:

    • No Rollback: Once provisioning is migrated to Omnissa Identity Service, rollback to Active Directory is not possible.
    • Immutable externalId: For Microsoft Entra ID, the externalId in Entra ID must match the original Active Directory value.
    • Feature Gaps- Workspace ONE UEM: Some Workspace ONE UEM features are not supported post-migration. See the Unsupported Features list for details.
    • Feature Gaps - Omnissa Access: Features that are not supported post-migration include the following.
      • Local users and administrators
      • Dynamic groups
      • Directory administrators (administrators are provisioned from Omnissa Connect)
      • Password (cloud deployment) and Password (Local Directory) authentication methods
      • People Search

    See the Unsupported Features list for more information.

    • Sync via Airwatch Provisioning Adapter from Omnissa Access to Workspace ONE UEM is not supported.

    Learn More

    For detailed setup instructions, prerequisites, and best practices, see the documentation:

    • Migrating Directories to Omnissa Identity Service (Limited Availability)
    • Workspace ONE UEM: Omnissa Identity Service with Directory Services

    What’s New in January 2026

    Okta and generic SCIM Identity Provider migration to Omnissa Identity Service (Limited Availability)

    Omnissa Identity Service (OIS) now extends Workspace ONE UEM directory migration support beyond Microsoft Entra ID to include Okta and generic SCIM 2.0–compliant identity providers, enabling Workspace ONE UEM customers to modernize identity architectures using their existing cloud IDPs. This enhancement allows organizations to migrate away from on-premises Active Directory while preserving their preferred identity provider for user lifecycle management and authentication.

    This feature is in Limited Availability. Use the Omnissa Beta Program to review requirements and apply for access.

    Key Benefits for Workspace ONE UEM Customers

    • Cloud-Native Provisioning: Provision users and groups from Okta or a generic SCIM IDP into Workspace ONE UEM using SCIM 2.0, replacing legacy Active Directory–based synchronization.
    • No On-Premises Components: Eliminate the need for AirWatch Cloud Connector and other on-premises directory infrastructure.
    • Centralized Identity Management: Manage users, groups, and directory integrations from Omnissa Connect, a unified web-based portal for all Omnissa services.
    • Federated Authentication: Enable seamless single sign-on (SSO) into Omnissa services using Okta or a supported SCIM-based identity provider as the authentication source.

    Migration Process

    The migration experience is guided by a wizard in Omnissa Connect and follows a consistent framework across supported identity providers. The staged approach is designed to minimize disruption, with minimal expected downtime during the migration window.

    Note: By default, an email notification is sent to users when they are provisioned into Workspace ONE UEM through Omnissa Identity Service. You can customize or disable this notification. For details, see Workspace ONE UEM Directory Services Configuration for information.

    Unsupported Features and Limitations

    Before migrating, review the following limitations:

    • Omnissa Access Integration: If any directories or identity providers are configured in Omnissa Access, migration is not supported. Migration scenarios involving Workspace ONE UEM plus Access will be supported in a future release.
    • No Rollback: Once provisioning is migrated to Omnissa Identity Service, rollback to the previous directory (Active Directory or legacy sync) is not supported.
    • Immutable External Identifier: The SCIM externalId provided by Okta or the generic IDP must remain immutable and must match the existing directory identifier in Workspace ONE UEM.
    • Feature Gaps: Some Workspace ONE UEM directory-dependent features are not supported post-migration. Review the Unsupported Features list before proceeding.

    Learn More

    For detailed setup instructions, prerequisites, and best practices, see the following documentation:

    • Migrating Directories to Omnissa Identity Service (Limited Availability)
    • Integrating Omnissa Identity Service with Okta
    • Integrate Omnissa Identity Service with a Generic Identity Provider
    • Workspace ONE UEM: Omnissa Identity Service with Directory Services

    Ability to select common identifier during migration to Omnissa Identity Service

    Omnissa Identity Service now supports using an attribute other than distinguishedName as the unique, common identifier to match existing Workspace ONE UEM users and groups with those synced from your cloud identity provider. You can select the common identifier during Step 1: Complete Directory Prerequisites of the migration process. This feature is available for all supported cloud identity providers.

    What’s New in December 2025

    Support for Workspace ONE UEM Basic users in new environments

    Omnissa Identity Service now supports Workspace ONE UEM Basic user accounts in Identity Service-integrated Workspace ONE UEM environments, extending the support to new organizations. Previously, Workspace ONE UEM Basic user accounts were supported only in migration environments.

    To use this feature, enable the Basic user authentication for UEM option in Step 4: Select Authentication Protocol of the Omnissa Identity Service integration wizard. When this option is selected, federated users are authenticated by the third-party identity provider, while Basic users are authenticated by Workspace ONE UEM Basic user authentication.

    For more information, see Configuring Authentication for Workspace ONE UEM Basic Users.

    Extension of Platform SSO support in Workspace ONE environments with user sync through Identity Service (SCIM 2.0)

    We are now extending support for Workspace ONE UEM to configure Platform SSO using Omnissa Access as an IdP for environments that sync users and groups via SCIM 2.0 with Identity Service.

    Administrators use Workspace ONE UEM to configure and manage Platform SSO, deploying the necessary profiles and settings to Macs. Platform SSO extends single sign-on directly to the macOS login, meaning the user’s IdP password becomes synchronized with their Mac password. It can facilitate the creation of local macOS user accounts directly from the IdP and can also synchronize IdP password policies and enforce them on the local password.

    Note: Omnissa Identity Service must be integrated with a third-party identity provider that supports the OpenID Connect (OIDC) protocol.

    See Configuring Apple macOS Platform Single Sign-On with Omnissa Access for more information.

    Support for Horizon 8 SSO to Azure VMs joined to Entra ID

    Horizon 8 has added support for Single Sign-On to Entra ID-joined desktops and applications when the Windows client is launched using Omnissa Identity Service and Workspace ONE Access. Users are synced from Entra ID and authenticate through Omnissa Access. They can launch their Horizon desktops and applications without needing to re-enter Entra ID credentials inside the desktop. This streamlines access for environments built on Entra ID and gives on-prem organizations a smoother path when delivering Azure-based Horizon resources. See SSO to Microsoft Entra ID joined desktops and applications through Workspace ONE Access in the Desktops and Applications in Omnissa Horizon 8 documentation.

    What’s new in November 2025

    URL Migration Dashboard

    As part of the migration from legacy domains to Omnissa domains, URLs are being updated in Omnissa Access and Omnissa Identity Service for customers in selected cloud regions. These changes require you to update your integrations with Identity Providers. A Migration dashboard is available in the Identity Service admin console for impacted regions to guide you through the migration process.

    See KB article 6001062 for detailed information about the migration process and timeline.

    Action Required:

    1. Review KB article 6001062.
    2. In the Identity Service console, select Migration Support to access the Migration dashboard.
    3. Follow the instructions in the dashboard to complete the migration. See the KB article for additional information.

    IMPORTANT: We strongly encourage you to start migration as soon as possible. See KB article 6001062 for the cutover timeline.

    What’s New in September 2025

    Omnissa Identity Service opens in new tab

    You can now launch Omnissa Identity Service directly from the Omnissa Connect menu in a separate tab to manage end-user directory configurations and view details. In Omnissa Connect, select Identity Management > End User Management, then click Launch End User Management.

    Horizon 8 App Support

    Omnissa Identity Service now supports Omnissa Access integration with Horizon 8, enabling users to access virtual desktops and published applications:

    • Natively with Horizon Client
    • Through Workspace ONE Intelligent Hub

    This integration is only supported with Horizon 8 pods that have True SSO enabled.

    Additional attributes are required for the Omnissa Access integration with Horizon 8. For more information, see:

    • User Attribute Mapping for Omnissa Identity Service
    • Set up Your Omnissa Access Environment for Horizon Integration - Omnissa Access tenants that have Omnissa Identity Service enabled

    Note: If Okta is configured as the third-party identity provider in Omnissa Identity Service, Omnissa Access integration with Horizon 8 is not supported.

    What’s New in July 2025

    Active Directory Migration to Microsoft Entra ID (Limited Availability)

    Omnissa Identity Service (OIS) now supports directory migration from on-premises Active Directory to Microsoft Entra ID, enabling a modern, cloud-first identity architecture for Workspace ONE UEM customers. This feature allows organizations to centralize identity management, eliminate on-premises dependencies, and streamline user provisioning and authentication.

    This feature is in Limited Availability. Use the Omnissa Beta Program to check requirements and apply.

    Key Benefits for Workspace ONE UEM Customers

    • Cloud-Native Provisioning: Provision users and groups from Microsoft Entra ID to Workspace ONE UEM using SCIM 2.0, replacing legacy Active Directory sync.
    • No On-Premises Components: Eliminate the need for AirWatch Cloud Connector.
    • Centralized Management: Manage users and groups from Omnissa Connect, a unified web-based portal for all Omnissa services.
    • Federated Authentication: Enable seamless SSO into Omnissa services using Microsoft Entra ID as the identity provider.

    Migration Process

    The migration process is guided by a wizard in Omnissa Connect and includes:

    • Completing prerequisites (such as Entra ID setup and attribute mapping)
    • Integrating Microsoft Entra ID with Omnissa Identity Service
    • Comparing directory data between Workspace ONE UEM and Omnissa Identity Service
    • Executing the migration in stages (authentication switch, provisioning cutover)

    Minimum downtime is expected during the migration.

    Note: By default, an email notification is sent to users when they are provisioned to Workspace ONE UEM through Omnissa Identity Service. You can customize the email or turn off the notification. See Workspace ONE UEM Directory Services Configuration for information.

    Unsupported Features and Limitations

    Before migrating, review the following limitations:

    • Omnissa Access Integration: If any directories or identity providers are configured in Omnissa Access, migration is not supported. Workspace ONE UEM plus Access migration will be supported in a subsequent release.
    • No Rollback: Once provisioning is migrated to Omnissa Identity Service, rollback to Active Directory is not possible.
    • Immutable externalId: The externalId in Entra ID must match the original Active Directory value.
    • Feature Gaps: Some Workspace ONE UEM features are not supported post-migration. See the Unsupported Features list for details.

    Learn More

    For detailed setup instructions, prerequisites, and best practices, see the documentation:

    • Migrating Directories to Omnissa Identity Service (Limited Availability)
    • Workspace ONE UEM: Omnissa Identity Service with Directory Services

    User Notification Settings for Users Provisioned to Workspace ONE UEM

    You can now configure whether end users receive an email notification when their accounts are provisioned in Workspace ONE UEM through Omnissa Identity Service. By default, a user activation email is sent upon provisioning. You can customize the email or turn off the notification. See Workspace ONE UEM Directory Services Configuration for information.

    What’s New in January 2025

    • Integration with Horizon Cloud Service Next-Gen
    • Move to Omnissa Connect

    Integration with Horizon Cloud Service Next-Gen

    Horizon Cloud can now leverage Omnissa Identity Service to integrate with Microsoft Entra ID to sync users and groups and configure federation for end users. Omnissa Identity Service is available as another identity provider option in Horizon Cloud Service next-gen, in addition to the existing identity provider options. The service is available for tenants with no previous Identity Management configuration in the Horizon Cloud Control Plane next-gen.

    In the Omnissa Connect console, select End User Management, configure the integration with Entra ID, select Horizon, and add the necessary information to your Horizon Cloud Control Plane next-gen to complete the integration.

    The following configuration is supported:

    • Microsoft Entra ID as the third-party identity provider integrated with Omnissa Identity Service
      Okta and generic SCIM 2.0 identity providers are not currently supported.
    • OpenID Connect as the authentication protocol
    • Enabling Intelligent Hub
      However, the Enforce Intelligent Hub setting, which forces users to access their apps through Intelligent Hub, is not currently supported.

    For more information, see:

    • Configuring User Provisioning and Identity Federation with Omnissa Identity Service
    • Using Horizon Control Plane next-gen - Horizon Cloud Service and Cloud-Connected Horizon 8

    Move to Omnissa Connect

    Omnissa Identity Service is now part of Omnissa Connect, a new web-based service that provides a centralized access point for all Omnissa services and solutions. In the Omnissa Connect console, select End User Management in the left pane to access and configure Omnissa Identity Service.

    Your existing Omnissa Identity Service configuration has not changed with the move from Workspace ONE Cloud Admin Hub, the Workspace ONE Cloud console, to Omnissa Connect.

    For more information, see:

    • Omnissa Connect: Designed to simplify your digital workspace
    • Omnissa Connect documentation
    • Omnissa Identity Service documentation

    What’s New in December 2024

    • New provisioning app for Okta integration
    • New Status tab for provisioning errors

    New provisioning app for Okta integration

    We are excited to announce the availability of a new provisioning app, the Omnissa Identity Service app, in the Okta Integration Networks App catalog! The app makes it easier for you to set up user provisioning from Okta to Omnissa by including preconfigured settings.

    To get started with your provisioning app, search for “Omnissa Identity Service” in the Okta App catalog, then select the app.

    Read more about how to integrate Omnissa Identity Service with Okta in the Identity Service documentation.

    New Status tab for provisioning errors

    You can now use a new Status tab to monitor real-time provisioning errors. The tab displays information about the provisioning status from Omnissa Identity Service to the services that you selected to use with it (Workspace ONE UEM or Access), as well as error details for user, group, and membership objects.

    We have also added an error banner on the Identity Service summary page that displays the total error count across downstream services.

    For example:

    What’s New in September 2024

    Password Grant Flows

    When an Omnissa Workspace ONE® UEM tenant is integrated with Omnissa Identity Service, end users are redirected to your Identity Provider (IdP) for SAML authentication when enrolling or checking out devices. A SAML-redirection is not possible on the device or client in some authentication flows. The Password Grant Flow feature, when enabled, allows SCIM-provisioned users to authenticate against your IdP when SAML-redirection is not available. Additionally, it enables certain basic user authentication flows. See Support for Certain Workspace ONE UEM Username and Password-based Flows for details of these flows. Also see Configure Workspace ONE UEM Settings for Omnissa Identity Service for information on how to configure the new Password Grant setting.

    What’s New in April 2024

    SAML Authentication Context for Generic Identity Provider Integrations

    If you integrate a generic SAML 2.0 identity provider with Omnissa Identity Service and select SAML as the authentication protocol, you can now choose between the following authentication context types: unspecified, PasswordProtectedTransport, or a custom value.

    The authentication context indicates how a user is authenticated at an identity provider. The identity provider includes the authentication context in an assertion at the request of a service provider or based on the configuration at the identity provider.

    Note: You can change the authentication context for existing configurations.

    What’s New in February 2024

    Ability to deactivate Omnissa Identity Service from the console

    We’ve now made it possible for you to deactivate Omnissa Identity Service from the Workspace ONE Cloud console. After deactivating Omnissa Identity Service, you can set up directory provisioning and federated authentication from Workspace ONE UEM and Omnissa Access directly. You might need to deactivate Omnissa Identity Service in the following scenarios:

    • Your use cases are not supported by Omnissa Identity Service.
    • You want to sync users and groups directly from Active Directory.
    • You want to configure directory services and identity federation in Workspace ONE UEM or Omnissa Access, instead of the Workspace ONE Cloud service.

    Here’s how you do it: Deactivating Omnissa Identity Service

    What’s New in December 2023

    • Omnissa Identity Service public APIs
    • Token expiry notification for administrators

    Omnissa Identity Service public APIs

    We are happy to announce the release of Omnissa Identity Service public APIs, bringing the power of automation to your Workspace ONE Cloud integration with cloud identity providers that use the SCIM 2.0 protocol.

    The following use cases are available for the API integration:

    • Configure a provisioned directory of users and groups using the System for Cross-domain Identity Management (SCIM 2.0) protocol.
    • Manage identity provider configuration for federated authentication into Omnissa products and services.
    • Leverage centralized user management and authentication for Omnissa Access and Workspace ONE UEM.

    You can create an OAuth 2.0 client in the Workspace ONE console to get API access to get started.

    To learn more about the new APIs, see Omnissa Identity Service APIs.

    Note: The Omnissa Identity Service APIs are available to new Omnissa Access or Workspace ONE UEM customers, and to existing customers that have already onboarded Omnissa Identity Service.

    Token expiry notification for administrators

    We now send notifications to administrators when the secret token used for directory synchronization is about to expire or has expired. Notifications are sent to the administrator by email and also appear as a banner in the Workspace ONE Cloud console.

    Administrators can opt out from receiving email notifications.

    What’s New in October 2023

    New Flow for Okta Integration with Workspace ONE Cloud

    We are excited to announce that a new Okta flow is now available in the Workspace ONE Cloud console to support integration with Okta! This flow makes it easier for you to provision users and groups from Okta to Workspace ONE Cloud and authenticate users using Okta. Prior to this release, Okta was tested and documented for the generic SCIM 2.0 Identity Provider flow.

    Get familiar with the new flow by reading Integrating Omnissa Identity Service with Okta in the Omnissa Identity Service documentation.

    Note: The Okta integration is available for new customers or customers that have already onboarded to Omnissa Identity Service.

    What’s New in June 2023

    Audit events for provisioning to downstream products and services

    Omnissa Identity Service introduces audit events to track successes and failures in pushing data from Workspace ONE Cloud to downstream products and services such as Workspace ONE UEM and Omnissa Access. Admins can use the audited information to identify, track, and debug provisioning-based issues. Audit events support filtering based on the object name, object type, downstream service, and errors. A detailed view of audit events provides error states.

    See Viewing Audit Events for Omnissa Identity Service for more information.

    What’s New in April 2023

    New provisioning app for Microsoft Entra ID integration

    We are excited to announce the availability of a new provisioning app in the Microsoft Entra App Gallery! The app makes it easier for you to set up user provisioning from Microsoft Entra ID to Omnissa Identity Service by including preconfigured settings.

    Read more about how to integrate Omnissa Identity Service with Microsoft Entra ID in the documentation.

    Introducing Omnissa Identity Service - January 2023

    We’re introducing a new service that makes user provisioning and identity federation easier for new customers of Omnissa Access and Workspace ONE UEM! You can now leverage Omnissa Identity Service to configure a provisioned directory of users and groups based on SCIM 2.0 in the Workspace ONE Cloud console. Omnissa Identity Service will then automatically provision the users and groups, as well as authentication settings, to your Workspace ONE UEM and Omnissa Access admin consoles.

    While integrating with your third-party identity provider, you confirm the user attributes to synchronize into Omnissa Identity Service.

    Take a look at some of the use cases:

    • Create and configure a provisioned directory of users and groups using the System for Cross-domain Identity Management (SCIM) 2.0 protocol.
    • Manage identity provider configuration for federated authentication into Omnissa products and services.
    • Leverage centralized user management and authentication across Omnissa products and services.

    Currently, Omnissa Identity Service supports Workspace ONE UEM and Omnissa Access for centralized user management and authentication from the Workspace ONE Cloud console for newly-created environments.

    Supported identity providers and directory sources:

    • Microsoft Entra ID, a cloud-based identity service in Microsoft Azure
    • Generic SCIM 2.0 identity source (tested for Okta)

    Important:

    • Omnissa Identity Service is only available for new Workspace ONE Cloud environments.
    • Omnissa Identity Service is not available for Managed Services Provider customers at this time.

    To get started with Omnissa Identity Service, log into your organization’s Workspace ONE Cloud Admin Hub, the Workspace ONE Cloud console, and select Accounts > End User Management.

    Click Get Started and use the wizard to set up the integration with your identity provider.

    Known Issues

    • Unsupported features

    When Omnissa Identity Service is enabled, some features are not supported in Omnissa Access, Workspace ONE UEM, Omnissa Workspace ONE® Hub Services, and Omnissa Workspace ONE® Intelligent Hub and portal. See Configuring User Provisioning and Identity Federation with Omnissa Identity Service for more information.

    • After you select a service such as Omnissa Access or Workspace ONE UEM to use with Omnissa Identity Service and save your selection, you cannot deselect it.

    Solution: Contact Support to reset the selection.

    • Deleting a user in Microsoft Entra ID does not delete the user from Omnissa Identity Service

    When you delete a user in Microsoft Entra ID, the account is suspended for a specific period of time before being deleted. The user is deactivated in Omnissa Identity Service, too, for that period of time. In Microsoft Entra ID, the username of the deleted user is also modified, and the changes are reflected in Omnissa Identity Service. See How Microsoft Entra ID Users are Deleted for more information.

    • Deleting user and group attribute values in Microsoft Entra ID does not delete the values in Omnissa Identity Service

    In Microsoft Entra ID, when you delete a user or group attribute value that was already synced to Omnissa Identity Service, the value is not deleted in Omnissa Identity Service and downstream services. Microsoft Entra ID does not propagate null values.

    Solution: Instead of clearing the value completely, enter a space character.

    • Okta integration requires two apps

    When you integrate Omnissa Identity Service with Okta, you must create separate apps in the Okta Admin console for user provisioning and identity provider configuration. You cannot use the same app for provisioning and authentication.

    • Login_hint feature does not work

    When you integrate a third-party identity provider with Omnissa Identity Service using the OpenID Connect protocol, the login_hint feature does not work. If the relying party sends a login_hint, Omnissa Identity Service does not pass it to the identity provider.

    • Deleting an attribute mapping in Microsoft Entra ID or Okta does not remove the attribute from users in Omnissa Identity Service

    When you delete an attribute mapping from the provisioning app in Microsoft Entra ID or Okta, the changes are not propagated to Omnissa Identity Service. The attribute is not deleted for users in Omnissa Identity Service and downstream services.

    Documentation

    See Configuring User Provisioning and Identity Federation with Omnissa Identity Service in the Omnissa Identity Service documentation site.

    Internationalization

    Omnissa Identity Service is available in the following languages:
    Czech, French, Polish, Simplified Chinese (China), Danish, Italian, Portugese, Chinese (Taiwan), German, Japanese, Russian, English, Korean, Swedish, Spanish, Dutch, Turkish

    To view the documentation in your preferred language, select the language icon at the top-right of the page.

    Localized Content for Omnissa Docs

    See KB article 6000664: Announcing Omnissa Localization Support for information about localized content.

    Support Contact Information

    Contact Support at Omnissa Customer Connect when you need help with your Omnissa Identity Service environment. See How to file a Support Request in Customer Connect and via Cloud Services Portal.

    Original source
Releasebot

Curated by the Releasebot team

Releasebot is an aggregator of official release notes from hundreds of software vendors and thousands of sources.

Our editorial process involves the manual review and audit of release notes procured with the help of automated systems.