MobiControl 15.6.1 Release Notes

Release Highlights

Automatically Update macOS App Store Apps

You can now use App Policies to distribute macOS app updates to devices automatically as soon as updates are available.

Distribute Unlisted Apps to iOS Devices

With this update, you can distribute unlisted apps to iOS devices using the same App Policy methods you use to search and add the apps from the App Store.

Bird’s-Eye View for App Policy Feedback Logs on Android

Get a bird’s-eye view of App Policy feedback logs from multiple devices, making it easier to identify how many Android Enterprise devices each error or warning has occurred on.

Enhanced Samsung Knox Service Plugin (KSP) Payload Support via Profiles on Android

Configure and deploy your Samsung KSP directly via Profiles for Samsung devices enrolled as Android Enterprise Work Profile and Corporate Personal. Administrators can now more easily discover and manage Samsung KSP features within the context of other Android Enterprise Work Profile and Corporate Personal profile configurations and avoid needing to create an App Policy.

Reset Bundles of Configurations in Samsung KSP on Android

With a single click, reset multiple configurations to their default value when configuring Samsung KSP for Android Enterprise devices.

SOTI Hub Report on Latest Document Access

Administrators can now generate SOTI Hub reports from the Report section of the SOTI MobiControl Web Console. These reports provide records of device user’s document access data from different repositories in SOTI Hub.

Configure Signal Service through the Administration Utility

Configuring Signal Service settings is now possible via the SOTI MobiControl Administration Utility. Administrators can specify Signal’s server address, port, logging level, as well as the ability to monitor and Start, Stop, or Restart the Signal service.

SCEP Basic Authentication Support

Administrators can now create a certificate authority in SOTI MobiControl using SCEP basic authentication, expanding the number of available options for certificate authorities.


API Endpoint for iOS Force Update

We have replaced the API endpoint /iOS/apps/actions/forceUpdate with /common/apps/actions/forceUpdate to separately support force update of apps on iOS and macOS devices through App Policy. Previously, we only supported force update on iOS devices and this upgrade expands support to include macOS as well. Administrators must change to /common/apps/actions/forceUpdate to use these new features. The API endpoint /iOS/apps/actions/forceUpdate will be officially deprecated in November 2023 and will no longer be supported. Continued use of the deprecated version may lead to unpredictable system behavior and is not recommended.

Feedback Log APIs

To facilitate improvements to the App Policy feedback logs, we have moved to using a new set of APIs. As a result, we will be deprecating the previously used APIs. The new APIs are available now and we recommend moving to them as soon as possible. As of October 2023, the previous APIs will be deprecated and will no longer be supported. Continued use of the deprecated version may lead to unpredictable system behavior and is not recommended.

These public APIs will be deprecated as of October 2023:

  • /appManagement/android/apps/googlePlayStore/{appPackageId}/appFeedback
  • /appManagement/android/apps/googlePlayStore/{appPackageId}/appFeedback/summary
  • /appManagement/android/apps/offlineOEMConfig/{appPackageId}/appFeedback
  • /appManagement/android/apps/offlineOEMConfig/{appPackageId}/appFeedback/summary

Use the following APIs in place of the deprecated APIs:

  • /appManagement/android/apps/googlePlayStore/{appPackageId}/appFeedbackGroups
  • /appManagement/android/apps/googlePlayStore/{appPackageId}/appFeedbackGroups/summary
  • /appManagement/android/apps/googlePlayStore/{appPackageId}/appFeedbackDetail
  • /appManagement/android/apps/offlineOEMConfig/{appPackageId}/appFeedbackGroups
  • /appManagement/android/apps/offlineOEMConfig/{appPackageId}/appFeedbackGroups/summary
  • /appManagement/android/apps/offlineOEMConfig/{appPackageId}/appFeedbackDetail

Upgrade Considerations

  • If you are using an older version of the Cloud Link Agent (CLA) (e.g.,1.x, 2.x ,3.x or 4.0), you must upgrade to CLA 4.1. Before upgrading, you must uninstall the older version of CLA. If CLA 4.1 is not set up with SOTI MobiControl 15.6.0, any operation or functionality related to LDAP and AD CS will not work.
  • If you are upgrading to SOTI MobiControl 15.6.0 and above, .NET Runtime 6.0 and ASP.NET Core Runtime 6.0 must be installed with all critical updates on the host server before you proceed with running the SOTI MobiControl installer.
  • If you are installing or upgrading to SOTI MobiControl 15.6.0 and above on a multi-server setup then port 13131 needs to be open for outbound communication from the Management and Deployment Servers to the server where the primary MobiControl Signal Service is hosted.
  • If you are upgrading from an older version of SOTI MobiControl (15.5.0 and before), “GetDeviceGroupConfiguration” and “ApplyDeviceGroupConfiguration” APIs will require “Configure Devices/Device Groups” permission. This permission is automatically assigned to SOTI MobiControl Administrators, SOTI MobiControl Technicians and SOTI MobiControl Viewers roles. Custom roles must have the “Configure Devices/Device Groups” permission granted manually.
  • As of the August 2022 update to SOTI Identity, improvements were made to streamline user role management across all SOTI ONE products. These changes only impact MobiControl versions 15.6.0 and greater.

    On upgrading from a version of MobiControl less than 15.6.0 to version 15.6.0 or higher the following impacts will be observed:

    • Functions to add, modify and remove roles are no longer accessible within the SOTI Identity console.
    • SOTI Identity roles that appeared in MobiControl as SOTI Identity user groups will be removed as part of the upgrade.
    • SOTI Identity users and groups that were mapped with SOTI Identity roles will be listed directly in MobiControl with the same permissions that those users and groups previously inherited from SOTI Identity roles.
    As a result of the above impacts, you may also have to recreate roles in MobiControl and associate them with the correct SOTI Identity users and groups. If you were using SOTI Identity for device side authentication through Add Device rules or Enrollment policies, or if you had mapped SOTI Identity user groups in the MobiControl Shared Device configuration, you must remap these in MobiControl after upgrading. Click here for a detailed explanation on these changes.
  • Windows CE/Mobile devices that reset to their default factory settings may be unable to reconnect to SOTI MobiControl 15.5.0 or later due to device date and deployment server binding certificate date being out of sync. Before you upgrade or generate a new certificate binding, you may need to set up a Network Time Protocol/Simple Time Network Protocol (NTP/SNTP) server. Having the SOTI MobiControl agent or device contact an NTP/SNTP server before connecting to SOTI MobiControl allows devices to retrieve the current date and time. Impacted devices can then connect to SOTI MobiControl successfully once they reset to the factory default date and time.

    For more information, see this article on SOTI Pulse.

Resolved Issues

MCMR-26333 Apple WebClip profiles did not pick a Deployment Server address at runtime when using a macro on device side
MCMR-30795 App previews were not visible under the application catalog on iOS devices
MCMR-31058 Lost Mode was not being correctly enabled on iOS devices
MCMR-31091 Drag and drop functionality on device groups was not working properly when dragging a group from the bottom of the list to the top
MCMR-31171 The base distinguished name field in the directory configuration did not allow spaces
MCMR-31225 Improving performance for device group search when there are many groups
MCMR-31257 Set Device Name macros were not applying names correctly
MCMR-31617 Interrupting the Management Service also stopped access to ERG for Email Exchange
Web filter configuration in Profiles did not allow more than 5 characters in the URL extension
MCMR-31708 Errors were incorrectly reported as HTTP status 500, indicating a server-side error
MCMR-31771 Users were unable to reinstall ERG if deleted from console
MCMR-31778 The ‘Any Version’ option was missing from package dependencies for packages that did not have multiple versions
MCMR-32195 New device certificates were generated instead of renewing the existing ones