VMware Hands-on Labs - VMware AirWatch - Unified Endpoint Management for Windows 10


Lab Overview - HOL-1857-02-UEM - Workspace ONE UEM - Managment for Windows 10

Lab Guidance


NOTE - It may take more than 90 minutes to complete this lab. You should expect to only finish 1-2 of the modules during your time.  The modules are independent of each other so you can start at the beginning of any module and proceed from there. You can use the Table of Contents to access any module of your choosing.

The Table of Contents can be accessed in the upper right-hand corner of the Lab Manual.

The Unified Endpoint Management for Windows 10 lab is designed to dive deeper into the aspects of managing, securing, and configuring Windows 10 devices. Each Module can be taken independently or you can start at the beginning and work your way through each module in sequence. In most cases, a unique "sandbox" instance of AirWatch will be created just for you when you begin a Module. When the Module has ended, this sandbox will be deleted and the device that you are enrolling in the lab will be returned to the state that it was in prior to the lab. The approximate time it will take to go through all the modules is around 2 hours.

Lab Module List:

 

This lab manual can be downloaded from the Hands-on Labs Document site found here:

http://docs.hol.vmware.com

This lab may be available in other languages.  To set your language preference and have a localized manual deployed with your lab, you may utilize this document to help guide you through the process:

http://docs.hol.vmware.com/announcements/nee-default-language.pdf


 

Location of the Main Console

 

  1. The area in the RED box contains the Main Console.  The Lab Manual is on the tab to the Right of the Main Console.
  2. A particular lab may have additional consoles found on separate tabs in the upper left. You will be directed to open another specific console if needed.
  3. Your lab starts with 90 minutes on the timer.  The lab can not be saved.  All your work must be done during the lab session.  But you can click the EXTEND to increase your time.  If you are at a VMware event, you can extend your lab time twice, for up to 30 minutes.  Each click gives you an additional 15 minutes.  Outside of VMware events, you can extend your lab time up to 9 hours and 30 minutes. Each click gives you an additional hour.

 

 

Alternate Methods of Keyboard Data Entry

During this module, you will input text into the Main Console. Besides directly typing it in, there are two very helpful methods of entering data which make it easier to enter complex data.

 

 

Click and Drag Lab Manual Content Into Console Active Window

You can also click and drag text and Command Line Interface (CLI) commands directly from the Lab Manual into the active window in the Main Console.  

 

 

Accessing the Online International Keyboard

 

You can also use the Online International Keyboard found in the Main Console.

  1. Click on the Keyboard Icon found on the Windows Quick Launch Task Bar.

 

 

Activation Prompt or Watermark

 

When you first start your lab, you may notice a watermark on the desktop indicating that Windows is not activated.  

One of the major benefits of virtualization is that virtual machines can be moved and run on any platform.  The Hands-on Labs utilizes this benefit and we are able to run the labs out of multiple datacenters.  However, these datacenters may not have identical processors, which triggers a Microsoft activation check through the Internet.

Rest assured, VMware and the Hands-on Labs are in full compliance with Microsoft licensing requirements.  The lab that you are using is a self-contained pod and does not have full access to the Internet, which is required for Windows to verify the activation.  Without full access to the Internet, this automated process fails and you see this watermark.

This cosmetic issue has no effect on your lab.  

 

 

Look at the lower right portion of the screen

 

Please check to see that your lab is finished all the startup routines and is ready for you to start. If you see anything other than "Ready", please wait a few minutes.  If after 5 minutes you lab has not changed to "Ready", please ask for assistance.

 

Module 1 - Windows 10 Software Distribution and Troubleshooting (45 minutes)

Introduction


Many issues in PC management arise from the delivery, integration, and support of applications. As end-user demand drives organizations to adopt more applications, these issues only grow in complexity and number. Today’s sophisticated user requires control over apps on both personal and corporate-owned devices. VMware AirWatch on Windows 10 introduces features and tools to simplify application integration and management.


 

Software Distribution and Lifecycle Flow with VMware AirWatch

 

You can deploy Win32 applications from the Apps & Books section of the AirWatch Console and, in doing so, use the application life-cycle flow that exists for all internal applications. This feature is called software distribution.

You can use the VMware AirWatch software distribution feature to deliver Win32 applications, track installation statuses, keep application versions current, and delete old applications.

 

 

Connect to Windows 10 VM


We have provided you a Windows 10 VM to complete the necessary steps for this lab. Let's connect to it to complete the steps in the following section.


 

Connect to the Windows 10 VM

 

Double-click the Win10-01.rdp shortcut on the lab desktop.

If prompted, the login credentials for the Windows 10 VM are:

 

Login to the AirWatch Console


To perform most of the lab you will need to login to the AirWatch Management Console.


 

Launch Chrome Browser

 

Double-click the Chrome Browser on the lab desktop.

 

 

Authenticate to the AirWatch Administration Console

 

The default home page for the browser is https://hol.awmdm.com. Enter your AirWatch Admin Account information and click the Login button.

NOTE - If you see a Captcha, please be aware that it is case sensitive!

  1. Enter your Username. This is you email address that you have associated with your VMware Learning Platform (VLP) account.
  2. Enter "VMware1!" for the Password field.
  3. Click the Login button.

NOTE - Due to lab restrictions, you may need to wait here for a minute or so while the Hands On Lab contacts the AirWatch Hands On Labs server.

 

 

Accept the End User License Agreement

 

NOTE - The following steps of logging into the Administration Console will only need to be done during the initial login to the console.

You will be presented with the AirWatch Terms of Use. Click the Accept button.

 

 

Address the Initial Security Settings

 

After accepting the Terms of Use, you will be presented with a Security Settings pop-up.  The Password Recovery Question is in case you forget your admin password and the Security PIN is to protect certain administrative functionality in the console.  

  1. You may need to scroll down to see the Password Recovery Questions and Security PIN sections.
  2. Select a question from the Password Recovery Question drop-down (default selected question is ok here).
  3. Enter "VMware1!" in the Password Recovery Answer field.
  4. Enter "VMware1!" in the Confirm Password Recovery Answer field.
  5. Enter "1234" in the Security PIN field.
  6. Enter "1234" in the Confirm Security PIN field.
  7. Click the Save button when finished.

 

 

Close the Welcome Message

 

After completing the Security Settings, you will be presented with the AirWatch Console Welcome pop-up.

  1. Click on the Don't show this message again check box.
  2. Close the pop-up by clicking on the X in the upper-right corner.

 

Enrolling Your Windows 10 Device


We will now enroll our Windows 10 device in AirWatch.  First, we will need to download the AirWatch Agent.


 

Download AirWatch Agent

 

From a new tab in the browser, if not opened already,

  1. Enter "https://www.awagent.com" in the navigation bar and press Enter.
  2. Click Download.
    NOTE - Please wait while the AirWatch Agent installer finishes downloading.  
  3. Click Keep when warned about the AirWatchAgent.msi download.
    NOTE - If you do not see the warning about the AirWatchAgent.msi file, skip this and continue to the next step.

 

 

Launch the AirWatch Agent Installer

 

Click the AirWatchAgent.msi file in your download bar.

NOTE - The installer may take a few seconds to launch, please be patient after clicking the AirWatchAgent.msi file.

 

 

Enroll Your Windows 10 Device Using the AirWatch Agent

 

Click Server Detail.

 

Deploying Notepad++


In this exercise, we will deploy Notepad++ to our Windows 10 device to see how to configure and deploy an application to your end users and what the end user experience is like for interacting with these applications.


 

Deploying Notepad++ In AirWatch

 

  1. Click Apps & Books.
  2. Click Applications.
  3. Click Native.
  4. Click the Internal tab.
  5. Click Add Application.

 

Confirm the aduser Certificate Has Installed


We have configured few device profiles for you to automatically install the user certificate you will need for this lab. In this section, we are going to validate if that user certificate is installed on your Windows 10 device or not before proceeding.


 

Check the Device Details for the Certificate Profile Status

 

In the AirWatch Console,

  1. Click Devices
  2. Click List View
  3. Click the device link for the enrolled device.

 

 

Check the aduser Certificate on the Windows 10 Device

 

  1. Click the Windows button.
  2. Type "user certificates" and the Search bar will populate.
  3. Click the "Manage user certificates" option.

 

Login to the Workspace ONE Application


 

  1. Click the Windows button.
  2. Click the Workspace ONE app icon from the start menu.

 

Enter the Workspace ONE Server Address

 

  1. The server address "https://ws1user.vidmpreview.com" should already be set when launching the Workspace ONE app, enter the value in the Server Address field if it is not already set.
  2. Click Next.

 

 

Enter Your Username for Workspace ONE

 

  1. Enter "aduser" for the username.
  2. Click Next.

 

 

Allow Access to Credentials

 

Click Allow to allow access to your private key.

NOTE - The user will only be prompted once for this permission.

NOTE - If you receive the "Access Denied. Certificate login failure." screen, please wait a few minutes and try to login again.  The device may take several minutes to receive the certificate due to scalability and lab network limitations.

 

Verify Notepad++ Deployment


Now that you have published Notepad++ to your Windows 10 Devices and logged into the Workspace ONE catalog, let's review how to verify that your application was deployed successfully.


 

Confirm Deployment in the Workspace ONE Catalog

 

  1. Click Catalog.
  2. Ensure the Notepad++ app displays and shows as Installed.
  3. If the Notepad++ app is not installed yet, you may need to wait a few minutes for it to complete.  Click the Refresh button to reload the page as needed.

As an end user, you will have access to the Notepad++ application once it is installed.  If you are able to see the Notepad++ application in the Catalog and the status displays as Installed, then the deployment was successful and our parameters for determining a successful install were correct.

 

 

Confirm Application Installed

 

  1. Click the Windows button.
  2. Confirm Notepad++ displays in the Recently Added section, confirming the install.

 

 

Deployment Details and Troubleshooting

In most cases, a successfully deployment is easily verified by inspecting if the app was installed or deployed to your device through either the Workspace ONE Catalog or by inspecting files that you are expecting to install.  Continue through this section to see how you can inspect other details for further troubleshooting and for additional details on Software Distribution on Windows 10.

 

 

Conclusion

There are several ways to debug a failed or erroneous Software Distribution deployment, as we have reviewed.  The AirWatch Console is a good first step for determining what is occurring, but digging into the AppDeploymentCache and AppDeploymentAgent registry files will assist in deeper troubleshooting to determine any issues.

With this knowledge in mind, we will move onto deploying Office 365.  Continue to the next step.

 

Deploying Office 365 ProPlus


In this hands on lab, you will package Office 2016 with a configuration file for click-to-run delivery to remote and enterprise worker devices. You will configure and assign the application to smart groups with the flexible deployment feature.

We have provided you with all of the files needed to complete the steps; however, in your organization you will have a customized configuration file to embed with your Office installation.


 

Preparing the Office 365 ProPlus Files

Before we can upload the ProPlus app to the AirWatch Console, we need to prepare and zip the files.

 

 

Deploying Office 365 Pro Plus in AirWatch

Now that you've zipped the setup.exe and configuration.xml files for your Office 365 deployment, the next step is to upload and deploy this application through the AirWatch Console.

 

Verifying Office 365 Pro Plus Deployment


Due to the scalability of this lab, time constraints, and the size of the install size, the Office 365 Pro Plus installer WILL NOT complete on your Windows 10 device before the lab session expires.  This section will guide you through verifying that the install command was completed and how you can verify your software distribution process for scenarios outside of this lab.


 

Verify App Availability in Workspace ONE

You can confirm that the Office 365 Pro Plus application was assigned to your device and is installing within the Workspace ONE application.  

 

 

Verify Install Command Was Sent

You can retrieve details about the current install status of an application on the assigned devices.  This can be used to monitor if devices are installing the application appropriately.

 

 

Using Device Details to Track Applications & Troubleshooting

In addition to the applications details view, you can view Apps information and Troubleshooting logs, which can aid in tracking application deployments and debugging why deployments may fail.

 

 

Verify Install Was Completed (follow along)

The following steps are for instructional purposes only, as the Office 365 Pro Plus installer WILL NOT complete before the lab expires!  Please follow along to see how you can verify that software distribution installs are completed and successful.

NOTE - As mentioned before, the Office 365 Pro Plus installment will likely not complete before your lab expires due to limited network resources and the lab time limit!  This section will demonstrate what a successful install would look like in the AirWatch Console in a real deployment.

 

Un-enrolling your Windows 10 Device


In this section, we are going to un-enroll our Windows 10 VM so that we can use it for other lab modules. We will delete the device record from the console, which will also un-enroll the device and remove all the apps and profiles that are pushed from AirWatch console, also known as managed content.


 

Delete Device from AirWatch Console

 

From the AirWatch Console,

  1. Click on Devices
  2. Click on List View
  3. Select the check box next to your device friendly name.
  4. Click on More Actions
  5. Click on Delete Device

 

 

Enter Reason and Delete

 

  1. Enter the reason as "lab completed"
  2. Click on Delete

 

 

Validate DELETE IN PROGRESS...

 

  1. You may see device friendly name changing to DELETE IN PROGRESS...
  2. Click on the Refresh Icon to validate if the device deletion is successful.

 

 

Ensure that device record is deleted

 

  1. Use the Refresh Button if needed.
  2. Ensure that the device record is now deleted from the AirWatch console and you see the message No Records Found.

 

 

 

Navigate to Windows 10 Settings

 

  1. Click on the Windows Icon
  2. Click on the gear icon to access Windows 10 Settings

 

 

 

Access Accounts Settings

 

From the Settings Menu, access Accounts

 

 

Validate That No Management Account Exists

 

  1. Click on Access work or school
  2. Validate that you DO NOT see any account connected to device management or other types.

 

Sign Out of the Workspace ONE Application


 

Within the Workspace ONE application,

  1. Click the User Icon
  2. Click Sign Out

 

Confirm Sign Out

 

Click Sign Out

 

 

Close the Workspace ONE App

 

Click the Close button.

 

Close Chrome to Clear Session Cookies


 

  1. Return to your Chrome browser.
  2. Click the Close (X) button.

Workspace ONE saves your OAuth session details in cookies.  Closing your browser ensures your previous session cookies will be deleted and won't interfere with the any additional modules you take.


Conclusion


Software Distribution in AirWatch allows you to deliver Windows applications and adhere to the application life-cycle.  Software Distribution enables your organization to deploy applications, track the installation statuses, debug and troubleshoot installation issues, and maintain applications with ease.

This concludes the Deploying Office 365 Pro Plus module.


Module 2 - Windows 10 Real-Time and Automated Security Protection and Compliance (45 Minutes)

Introduction


 

The release of Windows 10 introduced fundamental changes to the Windows operating system to address the security and data concerns of today’s digital workspace. To take advantage of VMware AirWatch Unified Endpoint Management’s capabilities, you can fold the Windows 10 functionality into an existing VMware AirWatch management solution. Combining traditional client requirements with modern enterprise management capabilities creates a simplified, cost-effective management solution. Use VMware AirWatch Unified Endpoint Management to establish user trust, assess the device posture, enforce conditional access, and enable data loss prevention.

In this hands on lab, we will explore how to configure many of the end-to-end security features, however, due to using VMs we will not be able to fully test all of our security configurations.

NOTE - You may need to scroll to the right to view the full screen button on the video above.


Connect to Windows 10 VM


We have provided you a Windows 10 VM to complete the necessary steps for this lab. Let's connect to it to complete the steps in the following section.


 

Connect to the Windows 10 VM

 

Double-click the Win10-01.rdp shortcut on the lab desktop.

If prompted, the login credentials for the Windows 10 VM are:

 

Login to the AirWatch Console


To perform most of the lab you will need to login to the AirWatch Management Console.


 

Launch Chrome Browser

 

Double-click the Chrome Browser on the lab desktop.

 

 

Authenticate to the AirWatch Administration Console

 

The default home page for the browser is https://hol.awmdm.com. Enter your AirWatch Admin Account information and click the Login button.

NOTE - If you see a Captcha, please be aware that it is case sensitive!

  1. Enter your Username. This is you email address that you have associated with your VMware Learning Platform (VLP) account.
  2. Enter "VMware1!" for the Password field.
  3. Click the Login button.

NOTE - Due to lab restrictions, you may need to wait here for a minute or so while the Hands On Lab contacts the AirWatch Hands On Labs server.

 

 

Accept the End User License Agreement

 

NOTE - The following steps of logging into the Administration Console will only need to be done during the initial login to the console.

You will be presented with the AirWatch Terms of Use. Click the Accept button.

 

 

Address the Initial Security Settings

 

After accepting the Terms of Use, you will be presented with a Security Settings pop-up.  The Password Recovery Question is in case you forget your admin password and the Security PIN is to protect certain administrative functionality in the console.  

  1. You may need to scroll down to see the Password Recovery Questions and Security PIN sections.
  2. Select a question from the Password Recovery Question drop-down (default selected question is ok here).
  3. Enter "VMware1!" in the Password Recovery Answer field.
  4. Enter "VMware1!" in the Confirm Password Recovery Answer field.
  5. Enter "1234" in the Security PIN field.
  6. Enter "1234" in the Confirm Security PIN field.
  7. Click the Save button when finished.

 

 

Close the Welcome Message

 

After completing the Security Settings, you will be presented with the AirWatch Console Welcome pop-up.

  1. Click on the Don't show this message again check box.
  2. Close the pop-up by clicking on the X in the upper-right corner.

 

Device Posture and Real-Time Compliance


VMware AirWatch assesses device posture by evaluating, locally enforcing, and remediating devices using the compliance engine, a VMware AirWatch tool that ensures that all devices abide by specified policies. A policy can include basic security settings or more critical security configurations.


 

Navigate to All Settings

 

  1. Click Groups & Settings.
  2. Click All Settings.

 

 

Navigate to Windows Health Attestation

 

  1. Click Devices & Users
  2. Click Windows
  3. Click Windows Desktop
  4. Click Windows Health Attestation
  5. Select Override for the Current Setting
  6. Verify that Secure Boot Disabled is Checked under the Compromised Status Definition section is checked.

 

 

Configure Health Attestation

 

  1. Scroll down to the bottom of the page.
  2. Click Save

 

 

Close Settings

 

  1. Ensure the Saved Successfully prompt is displayed.
  2. Click the Close (X) button to close the Setting window.

 

Conditional Access


For this lab we will be using the VMware Workspace ONE app to demonstrate the conditional access and Single Sign-On functions instead of a public 3rd party application such as the native SalesForce app.


 

Introduction

 

Conditional access to corporate resources through Workspace ONE combines VMware AirWatch management capabilities with VMware Identity Manager™. Available across all platforms and device types, conditional access provides the intelligence necessary for comprehensive unified endpoint management. While VMware AirWatch automatically denies access to unmanaged devices, conditional access enables a more nuanced approach by allowing managed devices to access corporate resources if they report a healthy compliance status.

For this lab several items such as Identity Manager integration and Certificate Profiles have been pre-configured for your Organization Group.

 

 

View Conditional Access Flow

We will now launch the Workspace ONE App to see how our access is affected when logging in from a device that is not enrolled.

 

Enrolling Your Windows 10 Device


We will now enroll our Windows 10 device in AirWatch.  First, we will need to download the AirWatch Agent.


 

Download AirWatch Agent

 

From a new tab in the browser, if not opened already,

  1. Enter "https://www.awagent.com" in the navigation bar and press Enter.
  2. Click Download.
    NOTE - Please wait while the AirWatch Agent installer finishes downloading.  
  3. Click Keep when warned about the AirWatchAgent.msi download.
    NOTE - If you do not see the warning about the AirWatchAgent.msi file, skip this and continue to the next step.

 

 

Launch the AirWatch Agent Installer

 

Click the AirWatchAgent.msi file in your download bar.

NOTE - The installer may take a few seconds to launch, please be patient after clicking the AirWatchAgent.msi file.

 

 

Enroll Your Windows 10 Device Using the AirWatch Agent

 

Click Server Detail.

 

Confirm the aduser Certificate Has Installed


We have configured few device profiles for you to automatically install the user certificate you will need for this lab. In this section, we are going to validate if that user certificate is installed on your Windows 10 device or not before proceeding.


 

Check the Device Details for the Certificate Profile Status

 

In the AirWatch Console,

  1. Click Devices
  2. Click List View
  3. Click the device link for the enrolled device.

 

 

Check the aduser Certificate on the Windows 10 Device

 

  1. Click the Windows button.
  2. Type "user certificates" and the Search bar will populate.
  3. Click the "Manage user certificates" option.

 

Compliance with Workspace ONE


In this section, we are going to create a Compliance Policy and validate both the compliant and non-compliant states on our Windows 10 device to show how you can control access to apps and services by requiring devices to remain within compliance.


 

View Conditional Access Flow After Enrollment

Now that our Windows 10 device is enrolled, let's sign in to Workspace ONE again and see how the authentication flow has changed.  We will validate that the Windows 10 device is able to login to the Workspace ONE app after enrollment but prior to adding in a Compliance Policy.

 

Login to the Workspace ONE Application


 

  1. Click the Windows button.
  2. Click the Workspace ONE app icon from the start menu.

 

Enter the Workspace ONE Server Address

 

  1. The server address "https://ws1user.vidmpreview.com" should already be set when launching the Workspace ONE app, enter the value in the Server Address field if it is not already set.
  2. Click Next.

 

 

Enter Your Username for Workspace ONE

 

  1. Enter "aduser" for the username.
  2. Click Next.

 

 

Allow Access to Credentials

 

Click Allow to allow access to your private key.

NOTE - The user will only be prompted once for this permission.

NOTE - If you receive the "Access Denied. Certificate login failure." screen, please wait a few minutes and try to login again.  The device may take several minutes to receive the certificate due to scalability and lab network limitations.

 

Confirm Successful Login to the Workspace ONE App


 

Upon successfully logging in, you should see the Apps page of the Workspace ONE app with access to the Bookmarks and Catalog tabs.

Continue to the next step after confirming your login was successful.


Sign Out of the Workspace ONE Application


 

Within the Workspace ONE application,

  1. Click the User Icon
  2. Click Sign Out

 

Confirm Sign Out

 

Click Sign Out

 

 

Close the Workspace ONE App

 

Click the Close button.

 

Create a Compliance Rule


We will now create another Compliance rule to cause our device to become non-compliant. This way, we can validate the flow in the scenario where device becomes non-compliant.


 

Add a Compliance Policy

 

Back to the AirWatch console in Chrome browser,

  1. Click Devices
  2. Click Compliance Policies
  3. Click List View
  4. Click Add

 

 

Confirm Device is Non-Compliant

With the new Compliance Policy in place, we will now confirm that our device is showing as non-compliant.  Because our enrolled Windows 10 device is not encrypted, and our Compliance Policy requires devices to be encrypted, it will be marked as non-compliant once the policy applies.

 

 

Launch the Workspace ONE App

Now that our Windows 10 device is showing as non-compliant, let us return to the Workspace ONE app on the Windows 10 VM and see how the authentication flow has changed for our non-compliant device.

 

Data Loss Prevention


Let's take a look at how VMware AirWatch can help with Data Loss Prevention with your Windows 10 devices. To limit the scope of this lab, we will be going through videos, rather than actual configurations.


 

Windows Information Protection (WIP), App Control, & Per-App VPN

AirWatch can configure the Windows Information Protection, App Control, and Per-App VPN feature that is built into Windows 10.   Please watch the video for a demonstration on configuration and it working on a device.

NOTE - You may need to scroll to the right to view the full screen button on the video above.

 

 

Bit Locker Encryption

With the latest release of AirWatch, you are now able to configure BitLocker settings, please watch the video for a demonstration on configuration and it working on a device.

NOTE - You may need to scroll to the right to view the full screen button on the video above.

 

Un-enrolling your Windows 10 Device


In this section, we are going to un-enroll our Windows 10 VM so that we can use it for other lab modules. We will delete the device record from the console, which will also un-enroll the device and remove all the apps and profiles that are pushed from AirWatch console, also known as managed content.


 

Delete Device from AirWatch Console

 

From the AirWatch Console,

  1. Click on Devices
  2. Click on List View
  3. Select the check box next to your device friendly name.
  4. Click on More Actions
  5. Click on Delete Device

 

 

Enter Reason and Delete

 

  1. Enter the reason as "lab completed"
  2. Click on Delete

 

 

Validate DELETE IN PROGRESS...

 

  1. You may see device friendly name changing to DELETE IN PROGRESS...
  2. Click on the Refresh Icon to validate if the device deletion is successful.

 

 

Ensure that device record is deleted

 

  1. Use the Refresh Button if needed.
  2. Ensure that the device record is now deleted from the AirWatch console and you see the message No Records Found.

 

 

 

Navigate to Windows 10 Settings

 

  1. Click on the Windows Icon
  2. Click on the gear icon to access Windows 10 Settings

 

 

 

Access Accounts Settings

 

From the Settings Menu, access Accounts

 

 

Validate That No Management Account Exists

 

  1. Click on Access work or school
  2. Validate that you DO NOT see any account connected to device management or other types.

 

Remove the Compliance Policy


 

  1. Click Devices.
  2. Expand Compliance Policies.
  3. Click List View.
  4. Find the Encryption Compliance Policy and click the X button to remove it.

 

Confirm the Compliance Policy Removal

 

Click OK to delete the Compliance Policy.

 

Close Chrome to Clear Session Cookies


 

  1. Return to your Chrome browser.
  2. Click the Close (X) button.

Workspace ONE saves your OAuth session details in cookies.  Closing your browser ensures your previous session cookies will be deleted and won't interfere with the any additional modules you take.


Conclusion


In this hands on lab, we explored how to configure many of the  end-to-end security features, however, due to using VMs we were not able to fully test all of our security configurations. Thus, below you will find an end-to-end demo of Windows 10 management using VMware AirWatch including many of the same security features we configured.

NOTE - You may need to scroll to the right to view the full screen button on the video above.


Conclusion

Thank you for participating in the VMware Hands-on Labs. Be sure to visit http://hol.vmware.com/ to continue your lab experience online.

Lab SKU: HOL-1857-02-UEM

Version: 20180425-080944