Limitations
These are cumulative release notes. If a release does not appear in this section, then there are no associated third-party limitations.
Product nomenclature: This is cumulative documentation and the product names you encounter in this documentation were accurate at the time of publication. Ivanti updates each new section to reflect evolving product nomenclature, but leaves legacy citations intact to ensure proper frame of reference for the reader.
- VSP-69784: Certain accessibility settings with integer values (for example, cursor size or mouse driver delay and speed) do not correspond correctly to the integer values on the device.
Workaround: None.
-
VSP-69780: Accessibility settings in the device channel are overridden by accessibility settings in the user channel.
Workaround: None.
-
VSP-69704: When the number of entries per page is set to N, the server should return N results across LDAP servers. However, it is fetching a maximum of N results from individual servers, which means that the combined number of results are more than the expected number of results.
Workaround: None.
-
VSP-69118: Entrust Corp. has changed the way Ivanti obtains derived credentials from the Entrust self-service portal. The portal does not support log-in requests originating from different sites.
Workaround:
- In the Ivanti EPMM portal, select Request Derived Credential to open the Entrust log-in page.
- Select Login in the Smart Credential Log In section.
- Select the action I'd like to enroll for a derived mobile smart credential in the Self-Administration Actions page to open the original Entrust page and generate the derived credential password.
-
VSP-68427: Due to a MySQL issue, creating labels by copying and pasting existing label information does not work as expected when copying Japanese, Chinese, or Korean characters that require 4 bytes of storage. These characters are replaced with a question mark ('?')
Workaround: Use the drop-down options to create labels.
VSP-68317: User enrollment through iReg or Mobile@Work fails on iOS 16.0 and iOS 16.1 beta. A feedback ticket has been filed with Apple.
Workaround: Use account-driven user enrollment instead.
-
VSP-68168: When a second Update OS Software command is initiated during a download, the first download stops and a second download is initiated. The second download might get into a stuck state where the download percentage is 0%.
Workaround: Reboot the device, turn the Wi-Fi off, then back on.
VSP-68143: When you register a shared iPad, then initiate an OS update to a higher version on the same device, the device is updated, but the updated version is not reported to Ivanti EPMM even when you log in with a managed Apple ID or check in multiple times.
Workaround: None.
- VSP-67037: When a user attempts to register an iPad with Ivanti EPMM through Mobile@Work, the user is prompted to download the profile before being given the steps to complete the iPad device registration.
-
VSP-66876: A vendor limitation prevents the Azure active directory (AD) conditional access with partner compliance use case from working properly. The Azure AD attributes do not display properly in the Device Details page and the compliance state of the device is not reported to Azure AD.
-
VSP-66573: There is an issue when a Transport Layer Security (TLS) certificate with a validity period longer than 27 months is uploaded to the Enterprise Connector. The upload fails with the following error message: "TLS server certificate uploaded does not comply with new security requirements in iOS 13 and macOS 10.15. TLS Server certificate must have a validity period of 825 days or fewer." 825 days is approximately 27 months, or 2.25 years.
Workaround: Upload TLS certificates to Connector with an expiration period of less than 825 days.
-
VSP-65216: There is an issue with the error message that results when issuing the API call /api/v2/appstore/inhouse with invalid credentials. The error message HTTP 502 Bad Gateway should be an error more closely denoting the cause of the failed call, for example, HTTP 401 Unauthorized.
-
VSP-66144: Due to an Apple limitation, the Enforced Fingerprint Timeout restriction is not available for iOS devices, although it is available for macOS devices.
-
VSP-62043: There is a vendor issue that is blocking Ivanti EPMM from accessing restrictions set on macOS devices. A ticket has been filed with the vendor.
-
VSP-65327: There is a limitation where the Shared iPad for Education fails to receive the LDAP configuration from Ivanti EPMM.
-
VSP-60763: Wi-Fi Configuration for Wi-Fi Protected Access 3 (WPA3) is not supported for Android and macOS.