We’ve just released the latest update to BlackBerry UEM 12.11. Among the many upgrades are Microsoft Azure Cloud, Microsoft Intune, BlackBerry Dynamics, and logging improvements. For more information about the release, refer to part 1 of the blog here.
Windows 10 Modern Management
- Support for Azure Active Directory Join: BlackBerry UEM now supports Azure Active Directory Join which allows a simplified MDM enrollment process for Windows 10 devices. Users can enroll their devices with UEM using their Azure Active Directory username and password.
- Windows Autopilot support: Azure Active Directory Join is also required to support Windows AutoPilot, which allows Windows 10 devices to be automatically activated with UEM during the Windows 10 out-of-box setup experience. Note: To enable automatic MDM enrollment with BlackBerry UEM during the Windows 10 out-of box setup, a UEM certificate must be installed on the device.
Microsoft Azure Cloud
Create an enterprise endpoint in Microsoft Azure Cloud: You can manage and deploy Intune-managed apps from the BlackBerry UEM management console when your environment is configured for Modern authentication.
Microsoft Intune app protection support enhancement: You can manage and deploy Intune managed apps from the BlackBerry UEM management console when your environment is configured for modern authentication.
Enroll Apple DEP devices using Apple Configurator: You can now use a static enrollment challenge to enroll multiple DEP devices using Apple Configurator.
Add public app source files as internal apps: You can now add BlackBerry Dynamics app source files from the public app stores as internal apps so that users can install the apps without connecting to the stores.
Link to specific apps: You can now send users a link or QR code that links directly to the app details page for specific BlackBerry Dynamics apps.
Enhancements for certificate enrollment using app-based PKI solutions: BlackBerry UEM has simplified certificate enrollment process for app-based PKI solutions such as Purebred. To use app-based certificates with BlackBerry Dynamics apps, the "Allow BlackBerry Dynamics apps to use certificate, SCEP profiles, and user credential profiles" check box no longer needs to be selected in the BlackBerry UEM Client.
Logging changes: The BlackBerry UEM administrator console includes the following changes for logging: You can now enable SQL logging, CAP payload logging, and HTTP payload logging. These options are available under Settings > Infrastructure > Logging.
- The Maximum device app audit log file size is now configured as a global setting instead of per instance. If you upgrade from a previous release, the maximum size is initially set to the minimum setting for any existing server instance.
- Component level logging is now supported for BlackBerry Proxy Service. You can enable logging for BlackBerry Proxy Service under Settings > Infrastructure > Logging, as well as the Server group and BlackBerry Connectivity Node default settings pages.
Trace logging option removed: The option to set logging level to Trace has been removed from Service logging override. You can set logging level to Info, Error, Warning, or Debug.
BlackBerry Proxy Service: Component level logging is now available for BlackBerry Proxy Service. You can enable logging for BlackBerry Proxy Service on the Server group and BlackBerry Connectivity Node default settings pages.
BlackBerry Connectivity app updates: The BlackBerry Connectivity app (version 18.104.22.1681) for Samsung KNOX Workspace and Android Enterprise devices does not include fixes or improvements, but the version number has been updated so that administrators can assign and update the app on devices. If enterprise connectivity is required, you are now required to use the BlackBerry UEM management console to add the BlackBerry Connectivity app as an internal app and assign it with a Required disposition to Samsung KNOX Workspace and Android Enterprise devices that don't have access to Google Play. For more information, visit support.blackberry.com/ community to read article 37299.
BlackBerry Web Services
Enabling access to the BlackBerry Web Services over the BlackBerry Infrastructure: If a web service client is outside of your organization’s firewall and it requires access to the BlackBerry Web Services APIs (REST or legacy SOAP), the client can connect to the APIs securely over the BlackBerry Infrastructure. For more information, see the Getting started page in the REST API reference and the “Access On-Premise UEM web service securely” example.
A UEM administrator must explicitly enable access to the BlackBerry Web Services APIs over the BlackBerry Infrastructure. An administrator can enable or disable this access in the management console in Settings > General settings > BlackBerry Web Services access.
Changes to the Planning and Installation and Upgrade content
Documentation changes: The Planning and Installation and Upgrade content have been reorganized for BlackBerry UEM version 12.11. The major changes are:
- A new “Preinstallation and preupgrade requirements” section in the Planning content consolidates information that was previously in several places in the Installation content. Most notably, the Preinstallation and preupgrade checklist has been removed from the Installation content and forms part of the new section.
- Information about ports has moved to the Planning content.
- Overview information about high availability has been consolidated into the Planning content. It was previously in the Installation content and the Configuration content.