Home
Release Note27.06.2023

Relution MDM - Innovations Server 5.18

Relution

LDAP Configuration

Lightweight Directory Access Protocol (LDAP) is a standardized protocol for managing and querying information in a directory service, often used for authentication and authorization in networks. Relution has supported the connection of LDAP based directory services since the beginning. In order to successfully connect to an LDAP, it was previously necessary to configure it in the server configuration file. Since the new version it is possible to configure the LDAP based directories via the Admin Console. For this purpose, there is a new configuration item "LDAP synchronization" in the settings.

Release_5.18_01.01_EN.jpg

The new configuration interface is divided into individual areas for server configuration and user, group and class synchronization. In each area, it is possible to test the configuration in advance without having to restart the server as before. In addition, the user receives an overview of which objects will be synchronized in advance. In the server configuration, it is also possible to trust self-signed certificates and to read out the base DN from the LDAP server.

Release_5.18_01.02_EN.jpg

In the global "Store" client there is an additional function to assign objects in individual clients via LDAP filters. This makes it possible to connect to a global LDAP server and assign objects to individual clients.

Release_5.18_01.03_EN.jpg

In the detailed view of an LDAP provider, there is a detailed overview of which and how many objects were synchronized and when. If an error should have occurred during a synchronization, this can be seen directly in the user interface.

Release_5.18_01.04_EN.jpg

To transfer the existing migration from the server configuration file to the new configuration interface, the configuration must be created in the interface and removed from the configuration file in the second step. The provider name must not change. The configuration is active after the server is restarted.

Global permissions

In the "Store" client, it is possible to publish only created permissions globally in order to use them in the subordinate clients. In the clients, the public permissions are read-only and can be assigned to users or groups.

Release_5.18_02_EN.jpg

Impersonization

In "System" clients, the system administrator has the option of assuming the identity of another user. This function can now be disabled via the configuration file with the parameter "relution.security.impersonation.enabled=false ".

Release_5.18_03_EN.jpg

Java 11 discontinuation

In this release, Relution supports Java versions 11 and 17. Long Term Support (LTS) for Java 11 ends on September 30, 2023. Starting with Relution version 5.21, support for Java 11 will be discontinued. All on-premises servers must be upgraded to Java 17 by then. The SaaS environments and Docker installations have already been updated.

Apple

Bypass the activation lock

In the iOS and macOS policies, there is a new "Device Settings" configuration to allow Activation Lock. This allows the user to trigger activation lock in the "Where is?" settings, so that either the AppleID or an activation code is required when resetting a device. Relution now reads the activation code for newly enrolled devices in supervised mode. This can be viewed in the device details of the "System" section.

Release_5.18_04_EN.jpg

Bluetooth

For macOS and iOS devices, there is a new action to turn Bluetooth on or off.

Release_5.18_05_EN.jpg

In addition, the Relution Teacher App (version 5.14.5) has been extended to activate Bluetooth when starting a lesson. This function can be defined in a subprofile.

Release_5.18_06_EN.jpg
Android

Localization can be disabled

In version 5.17, the Relution Companion App for Android Enterprise was released. This app enables the localization of devices, asking the user for permissions when opening the app for the first time. Now there is an option to disable the localization feature. The administrator can disable this option in the "Settings -> Device Management" for COD (Company Owned Devices) or BYOD (Bring Your Own Device) devices. This way, the Companion App will no longer ask the user for localization permission and no localization action will be displayed in the web console.

Release_5.18_07_EN.jpg
Technical Changelog

The changelog for the release can be found here.