MobiControl[productSupport]
This release includes the following new features:
You can now conditionally grant or deny access to Microsoft 365 apps and other mobile apps which utilize Azure AD authentication on Android or iOS devices. SOTI MobiControl integration with Microsoft allows you to use MobiControl device compliance status in Azure AD conditional access policies. When configured, only the compliance statuses of devices assigned to the compliance policy will be reported to Microsoft, enabling you to manage the scope of the devices synchronized with Microsoft.
Configure App-specific and OEM-specific policies on your Android Enterprise devices using Managed Configurations without requiring Google Play Services. With this upgrade, you can easily manage and deploy OEM Specific features on Android devices even while offline.
Enroll personally-owned Android devices into Work Profile management using Google's new Android Management APIs. Most importantly, quickly deploy them without needing to install the SOTI MobiControl agent. You can enroll your devices into Work Profile via Android Management API using Enrollment Policies, configure them by deploying supported Profiles, and can deploy Apps from Google Play Store using App Policies.
Keep Windows Modern devices in your organization up-to-date with the latest Windows Updates available through Windows Server Update Services (WSUS) or the public Windows Update service. Through SOTI MobiControl, you can control the types of Windows Updates to apply to the devices, such as feature releases or security patches. In addition, there are a variety of new controls, including when to apply the updates automatically, differ the update for a period, mandate MobiControl Administrator approval before using the updates, and more.
SOTI MobiControl now includes two new user permissions, View SOTI Announcements and View System Announcements, to help administrators limit the announcements shown to certain user roles.
Android Enrollment Policies (formerly called Add Device Rules) creation and management is migrated to the next-generation user interface for a better user experience and overall consistency. The new design provides a view of all Android Enrollment Policies in a list along with a detailed view of each policy.
The Android Enrollment URLs have changed in this version of SOTI MobiControl. If you are upgrading MobiControl to this version, Enrollment URLs of the Enrollment policies created before the upgrade will continue to work. This backward compatibility is made possible with a new toggle in Global Settings under Enrollment Rules to redirect the old enrollment URLs to the new URL. However, the backward compatibility will end in a future version of MobiControl (released after 12 months). We recommend moving to the new URLs for all your Android Enrollment policies as soon as possible to avoid any potential issues. Once you complete the move, you can disable the redirection toggle in the Global Settings.
Policy features have been migrated to the next-generation interface in SOTI MobiControl under the Policies menu item. All the existing policies such as App, Compliance, and Enrollment are listed along with legacy rules such as File Sync, Device Relocation, Data Collection, and Alerts to provide better visibility of features available within MobiControl.
We have dropped support for the following Windows OS's for SOTI XTreme Hubs. You can no longer enroll devices with these operating versions as an XTreme Hub device:
Windows Server 2008, Windows Server 2012, Windows 7, Windows 8.
Users are now able to filter options visible in the Global Settings menu using a search bar. This makes navigating through the different categories to locate a specific feature a quicker and easier process.
The device details screen now displays the information about the version of the installed application.
Users can now use Device Enrollment Time as a filter criteria for Profile, App Policy, and Compliance Policy assignment.
The Deployment Server port number is now displayed on the device details page for Windows CE/Mobile devices. It is additionally available as a device search criteria.
The assignment dialog for Profile, App Policy, and Compliance Policy now includes a refresh button to retrieve an accurate count of targeted devices, which includes the impact of a filter criteria.
Enterprise apps deployed as mandatory apps now automatically uninstall when the corresponding app policy is removed.
Through the embedded Zero-Touch Enrollment (ZTE) iFrame, you can now easily configure your devices that are part of your ZTE program without requiring you to leave the SOTI MobiControl Web Console.
iOS 15 is now officially certified and supported.
You can now prevent copy/pasting of data from a managed to an unmanaged app/service and vice-versa on iOS 15+ devices.
You can now disable the randomizing of MAC addresses (also known as disabling private MAC addresses) on iOS 14+ devices.
You can now prevent the removal of Managed iOS Apps on supervised devices with iOS 14+ through a new toggle in App Policies.
For iOS 12+ devices, the Device Details page shows eSIM information such as Carrier Settings Version, Mobile Country Code, Mobile Network Code, ICCID, IMEI, Phone Number and more.
For iOS 14+, you can also now view time zone information.
You can now configure corporate network boundaries for Windows Modern devices in the Windows Information Protection profile to isolate and protect corporate data. The network boundaries include domains names of cloud, work and personal resources, IP ranges, and internal and external proxy servers.
We have made performance and security improvements to give a better user experience.
You can now allow device users to enable/disable Device Time Zone.
SOTI MobiControl now supports the distribution of Java through AdoptOpen JDK. See SOTI MobiControl Help for installation instructions.
he SOTI MobiControl-issued TLS certificate validity period has been reduced to two years from the issued date. On-premises customers are responsible for renewing TLS certificates when required.
The “View Device Scripts” general permission has been added to SOTI MobiControl to allow granular access control for Device Scripts. Upon upgrade to MobiControl 15.5.0, the “View Device Scripts” permission will be automatically granted to all users who were previously granted “Manage Device Scrips” permission.
SOTI MobiControl now provides the ability to specify non-repudiation key usage for Generic SCEP templates.
The following new REST APIs are included in this release:
Azure Active Directory API deprecation starting June 30, 2022. Microsoft will end support for Azure Active Directory (AD) Graph API’s and will no longer provide technical support or security updates. SOTI MobiControl after this time will no longer receive responses from the Azure AD Graph endpoint. Azure AD Graph API’s in MobiControl have been replaced with Microsoft Graph API’s which is the recommended way forward by Microsoft. Refer to this article for more information.
| MC‑123363 | Packages referenced by an assigned version of a profile could be deleted |
| MC‑128960 | All text instances and logos for “SOTI Assist” are updated to “SOTI XSight” |
| MCMR‑21378 | ZeroConfig profiles with an open network were not saved |
| MCMR‑25379 | Windows Mobile devices did not inherit Time Synchronization from the group level |
| MCMR‑25454 | Profiles did not save when the name and description were changed at the same time |
| MCMR‑25541 | Device relocation rules that were assigned to root device groups auto-relocated devices in subgroups that were not selected within the relocation rule |
| MCMR‑26071 | Requesting the Deployment Server Activity report would trigger an "Unable to generate report" error |
| MCMR‑26296 | Android profile creation with feature control payload failed in Russian language |
| MCMR‑26339 | Cisco Any Connect VPN configuration would take between 15 minutes and 6 hours to appear |
| MCMR‑26376 | OneDrive sync failed when OneDrive was enabled in Windows Information Protection Profile |
| MCMR‑26502 | Search integrity dropped when Search Sync was performed, leading to intermittent failures |
| MCMR‑26999 | Web Console showed the "Database Maintenance Failed" notification repeatedly |
| MCMR‑27099 MCMR‑27100 MCMR‑27049 | iOS Profile restriction labels were inaccurate |
| MCMR‑27122 | Exporting CSV files for search filter results did not populate ICCID values correctly |
| MCMR‑27133 | The default Device Stable Storage Folder in Keyence WinCE devices was not stable |
| MCMR‑27827 | IPA files could not be uploaded into App Policy when the file path length exceeded a certain threshold |
| MCMR‑27983 | Templates inside the lockdown profile remained blank when opened for editing |
| MCMR‑28139 | Managing Automated Device Enrollment triggered an Internal Server Error |
| MCMR‑28159 | Announcements help link did not work when the console used German language |
| MCMR‑28160 | "Device Agent and Plugin" did not show on the web console |
| MCMR‑28311 | PKG files failed to be installed from the App catalog on macOS |
| MCMR‑28404 | Scheduled package installation stopped agent check-in |
| MCMR‑28437 | Applications did not install when devices had an app with an empty bundle ID |
| MCMR‑29325 | Web apps from the managed Google Play Store were not pushed until after the device checked with the server multiple times |
| MCMR‑29901 | The Bypass Activation Lock action sent an error and did not disable the activation lock on some iOS devices |
