With Relution 5, the system for cross-platform device management is expanded by many functions. In addition to numerous optimizations for iOS, macOS, tvOS and Android Enterprise, the management of Windows 10 devices is also enabled. Relution does not require any cloud IDs and can be operated in your own infrastructure in compliance with data protection regulations.
Relution 5 can thus be ideally used with different devices in a variety of application scenarios. The open interfaces of the overall system also enable integration into existing IT system landscapes.
Before installing Relution 5, the Relution 5 Update Checklist should be considered.
Windows 10 device management
Relution 5 supports the management and configuration of Windows 10 devices. For more information see Insight Manage Windows 10 devices with Relution
Supported versions are Windows 10 Home, Windows 10 Professional, and Windows 10 Education. Relution user assignment is required at enrollment.
Then, enrollment can be performed on the device using the appropriate user email address, MDM server URL, and enrollment code. Microsoft ID is not required for enrollment.
Enrolled devices can be configured via policies. Restrictions can be used to restrict selected device functions.
Actions applied can be used to restart a device, update device information, or reset a device to factory default.
Modern Windows Apps can be natively uploaded to the Relution Store and installed and uninstalled via actions on enrolled Windows 10 devices. For the creation of modern Windows apps and the conversion to other file formats for Windows applications, there will be an insight on the website soon.
The range of functions for configuring, restricting and securing Windows 10 devices as well as installing applications will be continuously expanded from now on.
Apply multiple policies to one device
Relution 5 allows device configurations to be applied across multiple policies on a single device. For example, a base policy can now be used for all devices, plus individual policies with configurations for specific devices. The new functionality applies to all iOS, Android, and Windows 10 platforms. Furthermore, iOS, macOS and tvOS also allow multiple restriction configurations to be applied to a device, which iOS automatically combines on the device. For more information, see Insight Apply multiple policies to one device
Set priority for guidelines
Basically, there are configurations that can be present multiple times on a device and configurations that may only be present once. For each platform, it is therefore now possible to specify an order for the policies, which can be used to define the priority. If several policies are now applied with a configuration on a device that may only be present once, the settings of the first policy have priority and are adopted.
To better track the application of individual configurations on devices, the compliance view in the device details has been revised with Relution 5. For each policy applied, all current configurations on the device can be viewed at a glance.
New appearance and optimized user interface
Relution 5 appears in a new look and feel. The modern look and feel includes the new Relution branding and a more intuitive user interface. Thus, the usability is increased by an improved structuring of the information and an improved usability and the work is much easier. For more information see Insight New Relution Portal
The new portal includes the following optimizations:
- Fade-in navigation bar with vertical alignment flush left
- User and group settings directly in the main navigation
- Revised list views including context menu globally and per line for actions
- Multi-Search function with tags in list views
- Revised configuration of columns in list views
- Subpages of settings on own distribution page
- Notification Center for System and Organization Admin
- Language settings and date values in the user profile
Configure Domain VPN for iOS (Per Account VPN)
Relution 5 enables the configuration of VPN for domains for iOS. This allows a VPN connection to be automatically established when accessing defined domains and thus access protected content. For this purpose, “VPN connections for apps and accounts” must be activated in the VPN settings. Afterwards, the desired domains can be entered directly in the VPN configuration.
Configure In-App VPN for iOS (Per App VPN)
Relution 5 enables the configuration of VPN for iOS apps. This allows a VPN connection to be automatically established for selected apps and thus protected content to be accessed. The configuration “App to VPN mapping” must be created in the policy in which the desired VPN connection for the apps is also configured (not possible across policies). The functionality is available for the VPN types IPSec, AnyConnect and JuniperSSL. L2TP is currently not supported by iOS.
Unique email addresses
As of Relution 5, the email address for new user:in Relution is unique and cannot be used by another user:in the same or a different organization. This uniqueness is used in user authentication via Single SingleOn (SSO) to identify the user:in and assign them to the correct organization. Relution supports the OpenID Connect and SAML protocols.
Add Android Apps via the Managed Google Play Store
Apps can be added to the Relution App Store directly from the Managed Google Play Store with Relution 5 and can then be distributed to compatible devices. This requires that Android Enterprise is configured for the Relution organization. See Insight Android Enterprise set up in Relution
Skip password” option for Android Enterprise enrollments
When enrolling a device with Android Enterprise, it is recommended to always protect the device with a password. In case this is not desired, it is now possible to disable the requirement during enrollment. By default, the option “Always require a device password” is enabled. This will always require a password to be assigned on the device regardless of a password policy. Especially for class sets or loan devices at schools, this feature increases flexibility in use.
Enrollment of multiple devices with one enrollment code
Relution 5 enables the creation of a multi-enrollment code. This means that any number of devices can be enrolled with one code. The optimization simplifies mass Android enterprise enrollments, for example for class sets or loan devices at schools, but also for enrollments of Bring Your Own Device (BYOD) devices with iOS.
The automatic enrollment of Samsung Knox Mobile Enrollment (KME) devices with Android Enterprise is also simplified by transferring the multi-enrollment code from Relution via Custom JSON into the MDM profile at Samsung KME. This eliminates the need to manually scan the Android Enterprise enrollment code from the Relution portal, further automating enrollment. For more information see insight Samsung KME with Android Enterprise
Device name configuration for iOS, macOS and tvOS supervised devices
Relution 5 enables the control of device names via a policy. A variety of placeholders can be accessed to allow dynamic individualization of device names.
Time zone configuration for supervised iOS and tvOS devices
With Relution 5, the time zone can be automatically transmitted to iOS devices via policy. This way, the activation of location services during commissioning can be completely omitted and thus an out-of-box experience (OOBE) can be realized. The activation of location services can be skipped by setting in the DEP profile.
Usability / Functional Optimization
- The new "Log in as organization admin" button in the context menu of the overview list of organizations allows system administrators to conveniently switch to another organization with corresponding permissions of the organization administrator
- The links to the devices via the VPP license details are automatically hidden if there is no authorization for the Device Manager role
- For fully managed Android Enterprise devices and Android devices with work profile, the installation of apps from untrusted sources can be enabled via the restrictions
- Linking from the app settings to the app categories
- Alphabetical sorting of the students of a course in the field of education
- Sorting VPP apps by name in the device VPP license list
- Rearrangement of Dashboard Widgets
- Adaptations of the app compliance configurations to the new list design
- Adaptation of the auto-deployment overview to the new list design
- Fixing the table headings in all lists
- Adding public apps from the Windows App Store to the Relution App Store
- Automatic renewal of Education CA certificates if they expire in the next 180 days
- Adding the Global Proxy Configuration for Android Enterprise
- Adding the "Play Store Management" configuration for Android Enterprise
- Replace multiple drop-down filters in the inventory list with a list of selectable options
- Adaptation of the certificate lists to the new list design
- Adding the Windows platform in the app release workflow
- Display of groups and group members for the Content Manager role
- Adaptation of the view for conformity violations to the new list design
- Move selection labels to search field in app selector modals
- Removal of the Windows Update configuration from the restrictions, as the functionality has been moved to a separate configuration
- Remove from the Development Hub function
- Remove App Store Ratings
- During device enrollment, it is ensured that an enrollment type is set according to the platform
- Resetting the database baseline for Relution 5. Prerequisite for the update to version 5 is the installed version 4.79 (see Relution 5 Update Checklist)
- Update to Java version 11 or higher and, if using MySQL, version 8.0 or higher (see Relution 5 Update Checklist)
- Update to Spring Boot 2.4.2 which also supports operation with Java 15
- Switching all API endpoints to the unified /api/ path. All previous endpoints are redirected (see Relution 5 Update Checklist)
- Automatic separation of assigned VPP licenses when deleting tvOS and macOS devices
- Optimization of the query of devices with many installed apps
- Optimization of persistence of LDAP-referenced fields in user settings, which can be removed accidentally
- Troubleshooting database update to Microsoft SQL Server
- Bug fix for handling invalid characters in certificate file names on the Windows platform
- Troubleshooting Assigned Policies on Android Enterprise Devices
- Troubleshooting policy cloning on systems running MS SQL Server
- Preventing the modification of LDAP groups and system groups
- Optimization of notifications for new native client versions in the Notification Center
- Full support for installing .pkg files on macOS devices
- Allow ignoring of auto-assigned policies also for auto-enrollment
- Adding the automatic update function of the Notification Center
- All failed authorization checks will respond with a 401 (Unauthorized) instead of 403 (Forbidden) status if no valid authentication is present
- Performing connection date update from Apple devices only for MDM communication
- Enable partial downloads of resources
- Support for custom client names for SAML2 registrations and additional attribute value formats
- Preventing password changes when the user is managed by a third-party user management system
- Adding an optional configuration to automatically remove completed VPP tasks older than a defined time period
- Do not include hidden ping actions in the count of open actions
- Add selection list of installed apps for the "Remove app" action
- Checking if the email address already exists when it is edited in the user profile
- Improved performance when loading auto deployments
- Optimization of VPP Sanity Check Performance in Cluster Environments at Server Startup
- Troubleshooting the deletion of organizations with VPP publications
- Bug fix for extracting bundle identifier from .pkg files in another format
- Avoiding a 422 HTTP status by retrying to upload a VPP token when Apple responds with a temporary error
- Troubleshooting of failed actions to update device information for Shared iPads, even if all available information could be retrieved successfully
- Fixing the calculation of file sizes and hashes when using MongoDB-based GridFS
- Ensure that Windows devices can be logged in via the Device User group and not via a specific user
- Preventing the active "Update OS" button for tvOS devices when no update is available
- Ensuring correct display of available storage units for a Windows device
- Bug fix for policy export when special characters are used in the passcode
- Bug fix for re-enrolling Windows 10 devices after they have been previously enrolled on the server
You can find the changelog for the release here