What's new in BlackBerry UEM
BlackBerry UEM
What's new in UEM version 12.20 and UEM Cloud
UEM
version 12.20 and UEM Cloud
Feature | Cloud release date and on-prem version | Description |
---|---|---|
Compliance events view | June 2024 12.20 | This release introduces a new compliance events view in the management console that allows you to monitor and track the compliance events that UEM detects across iOS , Android , macOS , and Windows devices, including compliance events for CylancePROTECT Mobile features.For more information, see Monitor compliance events. |
CylancePROTECT Mobile enhancements | June 2024 12.20 |
|
New IT policy rules to manage iOS software updates | June 2024 12.20 | The "Automatically update device OS (supervised only)" IT policy rule has been added to the “Software updates” group on the iOS tab to provide new options to manage iOS software updates on devices. When you enable this rule, you can enable or disable the following sub-rules (enabled by default):
You can set the Update schedule to Immediate or you can specify the update schedule. The "Automatically update device OS (supervised only)" rule and sub-rules are supported for iOS devices with the MDM controls activation type.For more information, see the Policy reference spreadsheet. |
Schedule OS updates on supervised iOS devices | June 2024 12.20 | You can now schedule the date and time of OS updates for one or more supervised iOS devices.For more information, see Update the OS on supervised iOS devices. |
Include devices in a device group based on pending OS updates | June 2024 12.20 | When you add or make changes to a device group, you can specify the new device query option “Pending OS update age (days)” to include devices in the device group based on whether pending OS updates have not been installed within a specified number of days. For more information, see Parameters for device groups. |
Changes to IT policy rules for Android password complexity | June 2024 12.20 |
When users upgrade the UEM Client to version 12.44.0.157981 or later, if the device and work passwords do not meet the requirements set by an administrator in the IT policy, users will be prompted to set the device and work passwords according to the IT policy rules.For more information, see the Policy reference spreadsheet. |
Changes to compliance profiles | June 2024 12.20 |
For more information, see Create a compliance profile. |
New option when activating devices with Entra ID conditional access | June 2024 12.20 | The BlackBerry
Dynamics profile includes a new option that allows you to delay conditional access enrollment for a user until the Microsoft Authenticator app is installed on the user’s device.For more information, see Configuring BlackBerry UEM as an Intune compliance partner in Entra and BlackBerry Dynamics profile settings. |
Prevent screenshots in BlackBerry
Dynamics apps for iOS | June 2024 12.20 | If you want to prevent users from taking screenshots in BlackBerry
Dynamics apps on iOS devices, you can enable the new "Do not allow screenshots on iOS devices" option in the BlackBerry
Dynamics profile that is assigned to users.If a device user tries to take a screenshot in a BlackBerry
Dynamics app after this option is enabled, a blank image with the following message is saved instead: "Your organization prevents screenshots being taken within this app."This option is supported for BlackBerry
Dynamics apps that use BlackBerry Dynamics SDK 12.1 and later (apps released in June 2024 or later), and replaces the iOS screen capture detection rule in compliance profiles. BlackBerry recommends using the new profile setting and disabling the compliance rule. The compliance rule will be deprecated in a future UEM release.For more information, see BlackBerry Dynamics profile settings. |
Encrypt communication between UEM and Microsoft SQL
Server | 12.20 (on-prem only) | You can encrypt the connection and communication between UEM on-premises and Microsoft SQL
Server . By default, the connection is not encrypted.For more information, see Encrypt the connection between BlackBerry UEM and Microsoft SQL Server. |
Web proxy support for Android Enterprise devices that use BlackBerry Secure Connect Plus | June 2024 12.20 | Apps on Android Enterprise devices that use BlackBerry Secure Connect Plus can now use a web proxy server. You configure the web proxy using a proxy profile and select the proxy profile in the enterprise connectivity profile that you use to configure and enable BlackBerry Secure Connect Plus .For more information, see Android: Enterprise connectivity profile settings. |
Apple managed device attestation | June 2024 12.20 | You can now enable Apple managed device attestation to ensure that only authorized and uncompromised devices are being used in your organization. During attestation, the device's properties (for example, its serial number) or identifiers are verified to be legitimate and not spoofed. This feature requires unsupervised devices to be running iOS 16 or iPadOS 16.1 or later. For supervised devices, iOS 17 or iPadOS 17 or later is required. .
For more information, see Configure attestation for iOS devices. |
Updates to the Microsoft Intune app protection policy | June 2024 12.20 | The Microsoft Intune app protection policy has been updated in the management console to include some of the latest app policies.For more information, Create a Microsoft Intune app protection profile. |
Support for Samsung Knox 3.10 with Android Enterprise activation types | June 2024 12.20 | This release adds support for Android Enterprise activation types on Android 14 with Samsung Knox 3.10.For more information, see the UEM compatibility matrix. |
Changes to OS support | June 2024 12.20 | This release will no longer support the following device operating systems:
For more information, see the Mobile device OS compatibility matrix. |
Changes to supported activation types | June 2024 12.20 | The Work space only ( Samsung Knox ) activation type is no longer supported. |
Support for different home and lock screen wallpapers on supervised iOS devices | June 2024 12.20 | This release includes new options in the device profile to specify different wallpaper for the home and lock screens on supervised iOS devices. For more information, see Create a device profile. |
Show or hide the BlackBerry Dynamics Launcher in the UEM Client | June 2024 12.20 | In the BlackBerry
Dynamics profile, you now have the option to show or hide the BlackBerry Dynamics Launcher in the UEM Client :
For more information, see BlackBerry Dynamics profile settings. |
Add a customizable text banner to the management console | June 2024 12.20 | You can now add a customizable text banner that is displayed in the top-right header on every page in the management console. You can use this banner to display important information for all administrators that use the console (for example, you can display the information for the UEM tenant).For more information, see Add a text banner to the management console. |
View mobile OS vulnerabilities | June 2024 12.20 | The new device vulnerabilities screen in the management console allows you to view a list of Common Vulnerabilities and Exposures (CVE) for any mobile OS that is used in the UEM environment.For more information, see View mobile OS vulnerabilities. |
Changes to Kerberos Constrained Delegation (KCD) for BlackBerry
Dynamics apps | 12.20 (on-prem only) | If you configured KCD for BlackBerry
Dynamics apps, you must create and configure a krb5.conf file with specific minimum settings to continue supporting this feature in UEM 12.20 and later.If your organization uses a multi-realm Kerberos environment, additional steps are required to support KCD after you upgrade to UEM 12.20.For more information, see Prerequisites for configuring KCD for BlackBerry Dynamics apps. |
New IT policy rule to allow web distribution apps for iOS | June 2024 12.20 | The "Allow web distribution apps (supervised only)" IT policy rule allows you to specify whether users are allowed to install web distribution apps. The rule is enabled by default and applies to devices running iOS 17.5 and later only.For more information, see the Policy reference spreadsheet. |
Return to service option for the iOS Delete all device data command | June 2024 12.20 | When you send the "Delete all device data" command to devices with iOS 17 or later, you can select the “Enable Return to Service” option and select a Wi-Fi profile to assign to the devices to assist the user in setting up the device again after the data is deleted.For more information, see Send commands to users and devices. |
Feature enhancements for the BlackBerry UEM Client | June 2024 12.20 | See the UEM Client Release Notes to learn about the latest features:
|
Feature enhancements for the BlackBerry Web
Services | June 2024 12.20 | See the BlackBerry Web Services Release Notes to learn about the latest features. |
What's new in UEM version 12.19 and UEM Cloud
UEM
version 12.19 and UEM Cloud
Feature | Cloud release date and on-prem version | Description |
---|---|---|
Changes to iOS IT policy rules and compliance rules | April 2024 12.19 Quick Fix 3 | This release includes the following changes:
For more information, see the UEM 12.19 IT policy rules reference. |
New iOS IT policy rules | January 2024 12.19 Quick Fix 1 | The following IT policy rules have been added for devices with iOS 17.2 and later:
For more information, see the UEM 12.19 IT policy rules reference. |
Changes to console URLs | October 2023 12.19 | The UEM console URLs have changed in this release to include additional information at the end of the path:
If you integrate UEM with Entra ID, the UEM console URLs change to the following ("&redirect=no" is removed from the end of the URL):
|
New OS support | October 2023 12.19 | The following operating systems are now supported:
|
JRE 17 required | October 2023 12.19 | You must install JRE 17 on the servers where you will install UEM , and you must set an environment variable that points to the BB_JAVA_HOME home location.For more information, see Set an environment variable for the Java location. |
Connect UEM on-premises to Entra ID | October 2023 12.19 | You can now connect BlackBerry UEM on-premises to Entra ID to create and synchronize users and directory-linked groups.For more information, see Connect BlackBerry UEM to Entra ID. |
New Android Management activation types | October 2023 12.19 | Three new activation types that support the Android Management API have been added:
|
Knox Service Plugin policies | October 2023 12.19 | You can now configure KSP policies from the Policies and profiles menu in the UEM management console instead of an app configuration.For more information, see Managing Android devices with OEM app configurations profile. |
iOS app update dispositions | October 2023 12.19 | You can now specify new "Required without updates" or "Optional without updates" dispositions for iOS VPP apps and assign them to users, user groups, device groups, shared device groups, and public device groups. For shared iPad groups you can assign "Required without updates". |
iOS RSR versions | October 2023 12.19 | You can now select an RSR version as the minimum allowed OS version in activation profiles for iOS devices. |
New BlackBerry
Dynamics profile setting | October 2023 12.19 | You can use the new "Allow WatchOS apps" setting to control whether end users can pair their Apple WatchOS apps with BlackBerry
Dynamics apps. This setting is off by default.For more information, see BlackBerry Dynamics profile settings. |
New email profile setting for iOS | October 2023 12.19 | You can use the new "Allow Mail Drop" setting to control whether users with the MDM controls activation type can send files from their account using Mail Drop. For more information, see iOS: Email profile settings. |
Updated compliance variable | October 2023 12.19 | You can now use the %ComplianceApplicationList% variable to display the names of restricted apps that are installed on a device in compliance notifications that are sent to users. For more information, see Using variables in profiles, emails, and notifications. |
LDAP directory enhancements ( UEM on-premises only) | October 2023 12.19 | Paged search results are now supported for LDAP directories. |
SIM management enhancement | October 2023 12.19 | You can now view the information for multiple SIMs for a device on the Device details screen, including eSIM information. |
Enhancements to the Managed device users screen | October 2023 12.19 | You can now add the Bluetooth MAC address as an optional field in the Advanced view of the Managed device users screen. You can also export this data from this view. |
Export personal apps list | October 2023 12.19 | You can now export a list of the personal apps that are installed on a user's device. The list includes the user and device name, the app name and version, the OS type and version, and the installation date. |
Feature enhancements for the BlackBerry UEM Client | October 2023 12.19 | See the UEM Client Release Notes to learn about the latest features:
|
New in UEM version 12.18 and UEM Cloud
UEM
version 12.18 and UEM Cloud
The table below details the new features in this release. For information about the fixed and known issues in this release, see the UEM 12.18 Release Notes or the UEM Cloud Release Notes.
Feature | Cloud release date and on-prem version | Description |
---|---|---|
Export personal apps list | July 2023 12.18 QF1 | You can now export a list of the personal apps that are installed on a user's device. The list includes the user and device name, the app name and version, the OS type and version, and the installation date. |
Preserve the data plan on Android eSIM devices | May 2023 12.18 | UEM now provides an option to preserve the data plan on an Android eSIM device when you select the delete all device data command. By default, the data plan information is preserved when you select the delete all device data command.For more information, see Sending commands to users and devices. |
Show last password change in the management console | May 2023 12.18 | The date and time of the last time that a user changed the password for the BlackBerry UEM Client or a BlackBerry
Dynamics app is now displayed in the devices table and on the device details page. This feature requires a version of the UEM Client or BlackBerry
Dynamics apps released in June 2023 or later. |
Display information for multiple device SIMs in the management console | May 2023 12.18 | If a device has more than one SIM (for example, a physical and eSIM), information for all SIMs is now displayed in the device report. The device details page shows SIM information only for the phone number that has been selected by the user as the default for voice calls. |
Feature enhancements for the BlackBerry UEM Client | May 2023 12.18 | See the UEM Client Release Notes to learn about the latest features:
|
New in UEM version 12.17 and UEM Cloud
UEM
version 12.17 and UEM Cloud
The table below details the new features in this release. For information about the fixed and known issues in this release, see the UEM 12.17 Release Notes or the UEM Cloud Release Notes.
Feature | Cloud release date and on-prem version | Description |
---|---|---|
Export personal apps list | July 2023 12.17 MR1 QF2 | You can now export a list of the personal apps that are installed on a user's device. The list includes the user and device name, the app name and version, the OS type and version, and the installation date. |
Preserve the data plan on iOS eSIM devices | February 2023 12.17 MR1 | UEM now provides an option to preserve the data plan on an iOS eSIM device when you select the delete all device data command. If eSIM information is detected on the device, a pop-up will display asking if you want to preserve the data plan. The default action is to delete the data plan and you have to choose to preserve it.For more information, see Sending commands to users and devices. |
Rapid Security Response support for iOS | February 2023 12.17 MR1 | After a Rapid Security Response (RSR) build has been installed on an iOS 16 or later device, the RSR version is displayed in the users table, the device details page, device reports, and exports. You can also select the RSR version as a restricted OS version in compliance profiles. |
Activate Android Enterprise devices while on a mobile network | February 2023 12.17 MR1 | Android Enterprise devices can now be activated when they are using a mobile network. This feature applies only to Work space only (Android Enterprise ) and Work and personal - full control (Android Enterprise ) activation types. |
Support for multilingual compliance variables in email templates | February 2023 12.17 MR1 | You can now use multiple languages (German, Spanish, French, and Japanese) with the following compliance variables in email templates:
For more information, see Variables. |
New Android IT policy rule (Samsung Knox ) | February 2023 12.17 MR1 | Allow screenshots in the work profile to be stored in the personal profile: Specify whether screenshots taken in the work profile can be saved in the personal profile. For more information, see the Policy reference spreadsheet. |
New end user capabilities for BlackBerry
Dynamics apps using third-party identity provider credentials | September 2022 12.17 |
|
New OS support | September 2022 12.17 | This release adds support for devices running:
|
DEP activation enhancements for iOS | September 2022 12.17 | After the UEM Client has been activated on an iOS device that is enrolled in DEP, during any subsequent activation, if there is no device activation password set for the user, the UEM Client displays a message that tells the user how to activate their device. |
Export a list of iOS devices not using a hardened channel | September 2022 12.17 | You can export a list of devices that are not already using a hardened channel and migrate them so that they use a hardened channel. For more information, see Migrate iOS devices to use a hardened channel. |
BlackBerry
Dynamics passcode fallback for iOS biometric authentication | September 2022 12.17 | A new option, "Permit fallback to device passcode if biometric authentication fails", has been added to the BlackBerry
Dynamics profile. This option allows iOS biometric (TouchID/FaceID) authentication to fall back to the device passcode if biometric authentication fails.For more information, see Controlling BlackBerry Dynamics on users devices. |
App removal enhancements for Android | September 2022 12.17 | For devices that were activated using the Work space only (Android Enterprise ) activation type, when an app is removed from Google
Play or unassigned from a user, the app is removed from the device automatically. |
Enhancements for Chrome OS support | September 2022 12.17 |
For more information, see Extending the management of Chrome OS devices to BlackBerry UEM. |
New iOS IT policy rules | September 2022 12.17 |
For more information, see the Policy reference spreadsheet. |
New in UEM version 12.16 and UEM Cloud
UEM
version 12.16 and UEM Cloud
The table below details the new features in this release. For information about the fixed and known issues in this release, see the UEM 12.16 Release Notes or the UEM Cloud Release Notes.
Feature | Cloud release date and on-prem version | Description |
---|---|---|
Support for Chrome OS | August 2022 12.16 MR1 | UEM now supports devices that are running Chrome OS . The Chrome OS integration with BlackBerry UEM extends some of the Chrome OS management functionality to UEM . You can perform some commands on Chrome OS devices, such as view device report, view device actions, and delete only work data.For more information, see KB 98789 and Extending the management of Chrome OS devices to BlackBerry UEM. |
Multiple connections for Entra ID conditional access | August 2022 12.16 MR1 | You can now configure multiple Entra ID connections for conditional access in a UEM tenant. You can also configure multiple UEM domains to connect to the same Entra ID tenant.For more information, see Connecting BlackBerry UEM to Microsoft Azure. |
Changes to the on-premises installer | August 2022 12.16 MR1 | The BlackBerry Affinity Manager , BlackBerry Dispatcher , and BlackBerry MDS Connection Service components have been removed from the installation and upgrade process. These components were used only for managing BlackBerry 10 devices, which are no longer supported.For more information about a BlackBerry Affinity Manager disconnected status, see KB 90941. |
Support for shared iPad devices | March 2022 12.16 | iPad devices can now be shared between multiple users. When users sign in with a Managed Apple ID, their data loads and the user has access to their own email accounts, files, iCloud Photo Library, app data, and more.For more information, see Creating and managing shared iPad groups. |
Support for the CryptoTokenKit framework for iOS | March 2022 12.16 | UEM now supports the CryptoTokenKit framework for iOS devices so that BlackBerry
Dynamics apps can access cryptographic tokens from PKI apps such as Purebred. Support for cryptographic tokens is enabled when you select the “Native keystore” connection option and the iOS platform in the user credential profile. This feature requires apps that use BlackBerry Dynamics SDK 10.2 or later.For more information, see Sending client certificates to devices and apps using user credential profiles. |
UTI requirement for Purebred 2.1 (8) | March 2022 12.16 | When you use the Purebred app version 2.1 (8) or later, which must be submitted through the Custom App Distribution mechanism, you must update the uniform type identifiers (UTI) that contain underscores (‘_’) to dashes ('-') for the BlackBerry UEM Client app policy. For example, use purebred.select.all-user; purebred.select.no-filter; purebred.zip.all-user; purebred.zip.no-filter . Users may need to reactivate the new Purebred app on their device. |
Profile enhancements | March 2022 12.16 |
|
Changes to the management console | March 2022 12.16 |
|
New Android IT policy rule | March 2022 12.16 | Work apps exempt from VPN: Specify the work apps that are not required to send data over the work connection when "Force work apps to only use VPN" is selected. For more information, see the Policy reference spreadsheet. |
New iOS IT policy rule | March 2022 12.16 | Recommended software update cadence (supervised only): Specify how software updates are presented to the user. When there is only one update available, the system shows the update to the user. Otherwise, the updates are displayed in the specified order. This rule applies only to devices running iOS 14.5.0 and later.For more information, see the Policy reference spreadsheet. |