Technical Changelog

Die Seite beschreibt das technische Changelog, das für erfahrene Anwender:innen gedacht und nur auf Englisch verfügbar ist. Die ausführlichen, deutschen Release Notes finden Sie hier →.

Allgemein empfohlene Version

Bitte beachten Sie, dass die hier gelisteten Versionen erst mit Verzögerung auch unter latest allgemein bereitgestellt werden, diese durchlaufen zuvor mehrere zusätzliche Quality Gates.

Aktuell unter latest verfügbare Version: 5.25.1 (Stand 09.07.2024)


  • Gerätegruppen: In Relution-Versionen, die ab Dezember 2024 veröffentlicht werden, werden noch nicht migrierte Organisationen automatisch auf Gerätegruppen umgestellt, der Support für die Legacy-Funktionalität entfällt
  • Java: Ab Relution 5.24 wurde der Support für Java-Versionen unter 17 endgültig eingestellt
  • Microsoft SQL Server: Relution 5.25 wurde der Support für Microsoft SQL Server endgültig eingestellt. Bitte migrieren Sie zu MariaDB oder PostgreSQL. Relution wird dazu eine Anleitung zur Verfügung stellen und unterstützt Sie gern bei der Migration
  • MariaDB
    • Relution wird mit einer der nächsten Versionen MariaDB 10.11 oder höher erfordern
    • MariaDB kann beim Erzeugen von Datenbank-Views in ein Cache-Problem laufen. Bitte stellen Sie sicher, die neuste Patch-Version der entsprechenden Minor-Version zu verwenden (MariaDB MDEV-17124)
  • GridFS: Mit Relution 5.24 wurde der Support für GridFS endgültig eingestellt. Bitte migrieren Sie zu S3-kompatiblem Storage

Version 5.25.1


  • Include IP address of the caller in audit log [REL-5040]
  • Fix an issue with existing lessons no longer being updatable after introducing lesson single app mode [REL-5070]
  • Fix wallpaper configurations with very long text [REL-4998]
  • Fix context information missing from logs [REL-5002]
  • Deliver Relution Teacher for native installations [REL-4987]
  • Fix Android Enterprise Kiosk configuration with stayOnPluggedModes for managed devices with personal usage allowed [REL-5005]
  • Fix application of Android Enterprise StrongSwan VPN profiles with VPN type “IKEv2 EAP-TLS” [REL-5018]
  • Fix enabled state of save button of Android Enterprise StrongSwan VPN profile configurations that contain a user certificate template [REL-5032]

Version 5.25.0


  • Add audit log showing API activity in settings of global organisation [REL-4891]
  • Add per-app VPN settings for Windows devices [REL-4669]
  • Add per-domain VPN settings for Windows devices [REL-4618]
  • Allow calling web hooks via device group actions [REL-3876]
  • Allow specifying additional mail addresses to notify in device group actions [REL-4342]
  • Add notification configuration for iOS/iPadOS and macOS devices [REL-3864]
  • Automatically merge multiple Apple notification configurations and enable notifications for Relution apps by default [REL-4328]
  • Add FileVault configuration for macOS devices [REL-4114]
  • Add “delete device” to available device group actions [REL-4341]
  • Add setup assistant configuration for Apple devices [REL-3871]
  • Add single app mode for Relution teacher app [REL-4394] [REL-4397]
  • Replace default OAuth2 error page with a custom Relution one, and improve error reporting [REL-4381]
  • Drop Support for Microsoft SQL Server [REL-4324]
  • Allow updating assigned user on auto enrollments via CSV upload [REL-4788]
  • Support all certificate options (single select, user, and certificate templates) in Apple Exchange and Certificate configuration [REL-4409]
  • Add device logging configurable via global orga to allow collecting logs for specific devices accessible via API [REL-4692]
  • Add support for Relution Agent on macOS [REL-2744] [REL-3930] [REL-4562]
  • Allow to select between delta and full sync when synchronizing Azure AD users & groups [REL-3567]
  • Add InstallationFailureReason for Android Enterprise devices in compliance violation. [REL-4103]
  • Handle possible issue during database migration on invalid resource references [REL-4909]
  • Adjust handling of Android Enterprise messages which do not belong to the current server if enterprises are connected to multiple servers (this kind of setup is not recommended!) [REL-4811]
  • Allow re-enrolled devices to still be attached to static device groups when re-used after deletion [REL-4528]
  • Add additional skippable steps to DEP profiles [REL-4427]
  • Adjust handling of referenced resources at several places [REL-2904]
  • Optimize access to streamed resources [REL-3715]
  • Remove “promote” feature for app versions [REL-4639]
  • Add index to speed up apple push notification processing [REL-4735]
  • Ignore certificates without CN or subject when checking for missing certificates on Apple devices [REL-4417]
  • Adjust handling of translated messages in server [REL-4422]
  • Drop support of WebEAM as security provider [REL-4216]
  • Reduce memory usage when using Wallpaper configurations and ImageMagick is not enabled [REL-4563]
  • Prevent deletion of CAs with certificate templates [REL-1914]
  • Extend placeholder support of global HTTP proxy configuration to additional fields [REL-4499]
  • Always add a history entry when devices are deleted or withdrawn [REL-3748]
  • Skip sending the child device name of the app to the server [REL-4360]
  • Add latest policy sync time and latest status report time to Android Enterprise device details [REL-4689]
  • Avoid calling the same endpoint twice when manually adding public apps to Relution via web portal [REL-4334]
  • Adjust lesson schedule settings view in Portal [REL-4197]
  • Adjust filters in policy list view [REL-4200]
  • Group macOS devices by major version in dash board view, since Apple changed the versioning scheme [REL-3937]
  • Fix a rare issue with the merge of store and system organization if an organization with an empty UUID exists [REL-4964]
  • Fix SAML extra attribute parsing [REL-4901]
  • Fix issue in Windows device action processing [REL-4837]
  • Fix running with --database-migration-only to only create the Relution schema [REL-4807]
  • Adjust error handling of query endpoints [REL-4617]
  • Add version filter to the list of devices an app is installed on [REL-4455]
  • Adjust behaviour concerning unsupported actions for specific Windows versions [REL-4641]
  • Fix CIDR evaluation not producing the expected results for in-between network prefix sizes [REL-4501]
  • Adjust validation handling in Portal for Windows Update configuration [REL-1413]
  • Fix default values and enabled state of save button in alert action view [REL-4459]
  • Adjust visibility conditions for auto enrollment profiles view [REL-4338]
  • Adjust page range start indicator in tables in web portal [REL-4330]

Version 5.24.2


  • Adjust periodic push for Apple devices with specific open actions to be more frequent [REL-4796]
  • Adjust visibility of interactive whiteboard configurations in Portal [REL-4859]
  • Fix running with --database-migration-only to only create the Relution schema [REL-4807]
  • Fix auto enrollment profile filter selection showing an empty list when configuring dynamic device group filters [REL-4836]

Version 5.24.1


  • Switch back to Java 17 in Relution Docker image temporarily to avoid higher CPU usage than expected with Java 21 [REL-4786]
  • Switch to Firebase Cloud Messaging protocol HTTP V1 to replace legacy push API that Google discontinues on June 21, 2024 [REL-4392]
  • Remove “promote” feature for app versions [REL-4795]
  • Fix creating compliance violations for required native macOS apps when not installed on the device [REL-4369]
  • Fix native app download session handling in cluster environments [REL-4770]

Version 5.24.0


  • Add age mode for dynamic device group filters for date fields, allowing to configure e.g. “enrolled in the last seven days” as a condition [REL-3887]
  • Extend device group filtering capabilities to allow to filter for devices which have no or any value set for a respective property [REL-3420]
  • Add support to run device group actions in a schedule [REL-3872]
  • Add dynamic device group filters for auto enrollment and auto enrollment profiles [REL-3959]
  • Allow selecting auto-assigned static groups in (auto-)enrollments [REL-3886]
  • Add device group action for reapplying device policies [REL-3877]
  • Allow pasting multiple values into device group filters which are split automatically at spaces [REL-3504]
  • Add option to choose User Principal Name (UPN) as Subject Alternative Name type (SAN) in certificate templates [REL-4403]
  • Make Relution Teacher web available as part of Relution Portal [REL-2792] [REL-2793]
  • Allow configuring custom validity periods for built-in CA templates [REL-3372]
  • Optimize Windows VPN configuration [REL-4281]
  • Support hotspot configuration on additional interactive whiteboards [REL-4272]
  • Add Active Directory Configuration for macOS [REL-3878]
  • Add Font configuration for Apple devices, including font management in settings [REL-3863]
  • Add support for PKCS12 certificates in Windows certificate configuration [REL-3238]
  • Add Windows Application Control configuration [REL-3975]
  • Allow customising preferred activities for Android Enterprise devices [REL-2880]
  • Reuse existing Android Classic device entity on enrollment of the same device [REL-3546]
  • Add support for Degen ADVANTouch interactive whiteboards [REL-3966]
  • Clean up resources on external storage earlier and more regularly [REL-2914]
  • Add additional security information like FileVault status to macOS device details [REL-3924]
  • Update to Spring Boot 3 which requires Java 17+ (Please upgrade to Java 21) [REL-735]
  • Switch to Java 21 in Relution Docker image [REL-4454]
  • Extend the filter support of the inventory table [REL-3893]
  • Add enrollment type to device inventory view [REL-4228]
  • Add support for WiFi mac and description in device inventory [REL-3873]
  • Adjust widgets content shown in global orga dashboard widgets [REL-3875]
  • Add support for parameterised higher resolution versions for system app icons [REL-3234]
  • Allow to select between delta and full sync when synchronizing Azure AD users & groups manually [REL-3567]
  • Remove remaining non-authority permissions previously used for system (now global) admins and replace them with additional authorities [REL-1803]
  • Handle unexpected IP address header content when not using recommended proxy settings [REL-4378]
  • Cache generated wallpapers in configured resource storage [REL-4002]
  • Remove support for GridFS, Relution will not start if still configured [REL-4220]
  • Add missing filters in device details action list [REL-4317]
  • Add Device Connectivity Management configuration for Android Enterprise devices [REL-4046]
  • Adjust parameters when accessing Microsoft Store [REL-4180]
  • Always use a message action to send push notifications, so it can be viewed in the message view in Relution Agent [REL-3318]
  • Always add a history entry when devices are deleted or withdrawn [REL-3748]
  • Reduce memory footprint of Apple wallpaper command generation [REL-3932]
  • Improve wording of device groups and/or options [REL-4379]
  • Do not show legacy auto-assignment information in policy header in Portal after migrating to device groups [REL-4337]
  • Make sure to not show empty sections in enrollments in Portal after migrating to device groups [REL-3847]
  • Show IP address in Android Enterprise device details [REL-3874]
  • Add creation and modification information to users and groups [REL-3869]
  • Fix inventory filter values for global organization. [REL-4329]
  • Do not include deleted certificates in dash board widget summary [REL-4352]
  • Fix CIDR evaluation not producing the expected results for in-between network prefix sizes [REL-4501]
  • Fix client dashboard widget referencing the legacy client apps instead of Relution Agent [REL-2495]
  • Fix Samsung Classroom not being deployed for teacher devices [REL-4333]
  • Ignore devices in “withdrawn” states for all dashboard widgets except “device status” [REL-2486]
  • Add missing translations in Windows Update configuration [REL-4583]
  • Fix device group action view in Portal sometimes allowing to save when not all required fields have been filled [REL-4544]
  • Remove redundant information in create organisation summary screen [REL-4525]
  • Fix manufactorer filter in Portal [REL-4541]
  • Fix visibility of settings page for users in some minimal settings permission scenarios [REL-4546]
  • Fix bulk enrollment action not being shown with minimal required permissions [REL-4503]
  • Fix possible translation issue in device group filter edit view [REL-4497]
  • Fix minor visual issues in Managed Configuration editor for Android Enterprise [REL-2519]
  • Hide locate device action for deleted devices [REL-4188]
  • Avoid clearing device group action notification user if the action is saved without changes [REL-4239]
  • Fix accessing the description of Android Enterprise app policy, when the app has no app policy [REL-3934]
  • An Android Enterprise Wi-Fi configuration for SIM/AKA can be saved immediately when all required fields are filled [REL-3710]

Version 5.23.1


  • Add prometheus metric with Relution server version [REL-3908]
  • Ensure deploying Relution Agent on re-enrolled devices immediately, even before device details have been retrieved [REL-4371]
  • Fix device group filter for installed apps showing a non-accurate list on editing in Portal [REL-4340]
  • Adjust behaviour when logging in on enrolled devices without an associated user [REL-4327]
  • Fix LDAP settings UI not showing saved synchronisation settings correctly [REL-4372]
  • Correctly show already selected organizations when re-opening dynamic device group filter selection [REL-4240]
  • Avoid clearing device group action notification user if the action is saved without changes [REL-4239]
  • Fix notification settings view not being able to open global orga after migration when no store organisation was present before [REL-4276]

Version 5.23.0


  • Replace system organization with new global organization and merge system and store on existing servers [REL-2985] [REL-3412] [REL-4149]
  • Allow defining calendar day and month periods for time-based policies during which they are not applied. Allow subscribing or importing calenders to define these periods [REL-2637] [REL-2803] [REL-2819] [REL-2922] [REL-3155] [REL-3413] [REL-3443]
  • Add support for uploading and distributing self-hosted Android apps via Android Enterprise [REL-4084]
  • Reuse existing Android Classic, iOS/iPadOS, tvOS or macOS device entity on enrollment of the same device [REL-3415] [REL-3546]
  • Allow moving Windows, Android Classic, iOS/iPadOS, tvOS or macOS devices to a different tenant in global organization [REL-1554]
  • Add Windows Caching configuration allowing to configure usage of Windows built-in PCCR (Peer Content Caching and Retrieval) to speed up downloads on Windows clients [REL-3224] [REL-3228] [REL-3781]
  • Add strongSwan VPN configuration for Android Enterprise devices [REL-3738]
  • Add Android Enterprise message configuration [REL-2879]
  • Add class membership filter for device groups [REL-2712]
  • Add reset password action for Windows devices via Windows companion [REL-2797]
  • Add server side support for Relution Parent app [REL-4162] [REL-2902]
  • Renew Apple push certificates, valid until February 2025. The previous ones will expire in August 2024 [REL-3678]
  • Show a notification if outgoing email settings are not configured [REL-4069]
  • Improve the filter selection in the table view to avoid unnecessary reloads [REL-3888]
  • Extend Android Enterprise settings with additional configurations [REL-2878]
  • Optimize setup and display of Windows app installation and uninstallation commands, including showing a preview [REL-970]
  • Optimize compilation and background processing for dynamic device group filters [REL-3776]
  • Adjust periodic push for devices with open actions to rotate the devices it pushes to [REL-3907]
  • Adjust email uniqueness check and detection of SSO providers to be case insensitive on all databases [REL-3889]
  • Adjust display of organization selector [REL-4141]
  • Add additional Windows versions used to display device detail information [REL-3764]
  • Adjust private key bag display name for certificate / key pairs generated by Relution [REL-3552]
  • Show device deletion date and deleted by in device inventory and device details [REL-3747]
  • Add action to log out current user on Shared iPad [REL-3462]
  • Adjust download session cache settings [REL-3522]
  • Add a few additional iOS and tvOS restrictions [REL-3087]
  • Add missing error code mapping to display human readable message on script deletion error in Portal [REL-3955]
  • Show policy platform when adding policies to a device group [REL-3785]
  • Disable “add new version” button for public apps since they are retrieved from external app stores [REL-4194]
  • Fix keystore expiration notifications recipient detection to avoid logging the mail content instead [REL-3465]
  • Adjust Portal validation for Windows app uninstaller path [REL-4169]
  • Avoid creating unnecessary multiple deploy actions for Android Classic Companion in some cases [REL-4159]
  • Fix immediate dynamic device group filter evaluation if the same field is used in multiple filter expressions combined in a single logical statement [REL-3906]
  • Skip change set creating new index which could cause issues on Microsoft SQL server since support for it will be dropped soon anyway [REL-3996]
  • Avoid possibly causing deadlocks when cleaning short-lived actions of individual devices on MariaDB [REL-3675]
  • Fix issues in system email settings: No longer require repeat password entry when testing previously saved settings, make SSL and STARTTLS mutually exclusive and require EHLO when STARTTLS is enabled [REL-3802]
  • Fix public device groups not being evaluated correctly after restarting the server [REL-3774]
  • Optimize group assignment evaluation cache behaviour [REL-495]
  • Fix policy export dialog behaviour when password auto-fill is enabled [REL-4189]
  • Fix icons being displayed cropped at the bottom in lists in Safari on macOS [REL-3620]
  • Fix detection rule for Windows apps display in Portal being not up-to-date after editing them [REL-4168]
  • Fix display of battery status if it is not known [REL-4142]
  • Fix spacing in export policies dialog [REL-4143]
  • Fix validation of empty passwords when changing passwords via the user profile [REL-3939]
  • Do not allow saving dynamic device groups without any filters [REL-3799]
  • Make sure Android Enterprise Wi-Fi configuration for SIM/AKA can be saved immediately when all required fields are filled [REL-3710]
  • Fixed device to app assignment for apps supporting multiple platforms (i.e. macOS devices were not shown in the devices selection list) [REL-3526]
  • Fix alignment in iOS purchased apps view [REL-3559]
  • Fix sorting managed media by type or size [REL-2779]
  • Adjust refresh behaviour of detection rule display in Portal [REL-3163]
  • Fix selection behaviour in device policy list [REL-3384]

Version 5.22.4


  • Add new iOS 17.4 restriction to (dis)allow marketplace app installations [REL-3909]
  • Set new USB Data Access configuration, which is now required by latest Android Device Policy [REL-4004]
  • Avoid compliance violation concerning CrossProfilePolicies on managed Android Enterprise devices where this policy cannot be applied [REL-3933]
  • Fix auto-enrollment list pagination and total count display in Portal [REL-4075]
  • Fix missing add button in managed media configuration [REL-3981]

Version 5.22.3


  • Only apply managed media list query if the organization has managed media, and auto-skip it on devices responding with “not now” due to the issue iOS/iPadOS has with this query [REL-3704]

Version 5.22.2


  • Resolve a possible rare issue in MDM push queue leading to threads waiting indefinitely (introduced with 5.22.0) [REL-3846]

Version 5.22.1


  • Adjust logging configuration for Android push [REL-3777]
  • Disable managed media query by default until the next release since it causes issues with some Apple devices responding with “not now” for a prolonged duration and without clear reason [REL-3780]
  • Fix public device groups not being evaluated correctly after restarting the server [REL-3772]
  • Resolve issue with MDM push channels on shared iPad and macOS, and push organization context in some cases (introduced with 5.22.0) [REL-3765]
  • Fix issue with device group filters not being configurable via Portal when using German translation [REL-3560]

Version 5.22.0


  • Extend device group filter to also evaluate group membership of the assigned device user. When saving device groups or performing a login on a shared device, this will be evaluated immediately, otherwise updates will be performed periodically in background [REL-2711] [REL-2849]
  • Add device group actions allowing to schedule actions or notifications via device groups. They will fully replace the now deprecated rule sets in a future release, which are no longer shown in organizations not using them already. Please migrate your rule set configurations to device group actions [REL-859] [REL-2919] [REL-2612] [REL-3101]
  • Allow notifying users and groups in device group actions via push or email [REL-2613]
  • Add extensible SSO policy configuration for Apple devices [REL-2802] [REL-3667]
  • Add support making PowerShell scripts public, so they can be used in all organisations of a Relution server [REL-2801]
  • Add self-service portal which allows users to view their devices and trigger actions on them if enabled by assigning the necessary permissions [REL-2816]
  • Add interactive board configuration for SMART boards [REL-1233]
  • Allow configuring outgoing mail server configuration via system organization settings in web portal [REL-2822] [REL-3134] [REL-3177]
  • Show if Apple are denied communication due to expired identity certificates and support selectively allowing them anyway to renew their profile. Also add corresponding columns to device inventory and details and add filters to device groups [REL-3282]
  • Allow customising compliance enforcement rules for Android Enterprise devices [REL-2877]
  • Skip directly to login with username and password if only SSO providers in the store organisation are configured [REL-3054]
  • Allow disabling SSO providers for login on Relution Shared Device [REL-3052]
  • Reduce memory footprint and optimise scheduling of push messages, e.g. by avoiding queueing multiple open pushes per device [REL-3249]
  • Simplify handling of push credentials for devices and Relution client apps [REL-2559]
  • Mark all actions with “Not Now” state if devices respond with it, not only actions with multiple sub actions [REL-3658]
  • Show Ping actions in device action list [REL-3662]
  • Allow canceling actions in state “Not Now” via device action list [REL-3700]
  • Allow disabling managed media list query for Apple devices via configuration property [REL-3694]
  • Adjust cached user names also for enrollments and auto-enrollments when user names are updated [REL-3553]
  • Clear IOT dummy data which might be present on servers created before 2018 [REL-3577]
  • Avoid excessive logging when imagemagick is not available [REL-3524]
  • Fix an issue with saving device management settings unintentionally setting device groups to OFF again [REL-3557]
  • Add “Domain Suffix Match” to enterprise Wi-Fi configuration on Android Enterprise platform [REL-3547]
  • Avoid unnecessarily saving actions to update their status when the status is already set [REL-3435]
  • Allow running liquibase database migration only, without actually starting Relution, via the argument --database-migration-only (environment variable RELUTION_ARGUMENTS can be used) [REL-3333]
  • Drop support for MySQL and remove scripts and references for no longer supported database types [REL-3332]
  • Follow transitive group memberships when doing ASM SFTP sync [REL#227868] [REL-2591]
  • Applying device group policies now takes the current tenant organization into account [REL-3220]
  • Add “wrong server time” notification, log entry, and endpoint [REL-3039]
  • Adjust auto enrollments list actions if device groups are enabled [REL#2210194] [REL-3566]
  • Move weblink options to general section of the weblink configuration [REL#229824] [REL-3487]
  • Allow configuring provider type for all iOS and macOS VPN types [REL-3034]
  • Extend airprint configuration for iOS with port and forceTLS parameters [REL-3213]
  • Handle invalid file types with a helpful error message when importing policies from files [REL-3157]
  • Support Windows Wallpaper on Windows Pro devices [REL-2386]
  • Avoid excessive logging when external services are not available during scheduled public app metadata update [REL-3286]
  • Reduce response size of the query auto enrolment endpoint [REL-2988]
  • Add ethernet MAC address of Apple TVs to inventory list and device details [REL-2891]
  • Adjust limits for DEP accounts and abbreviate if the values delivered by Apple exceed the limits [REL-1091]
  • Allow Android Enterprise devices to fetch their own actions [REL-3293]
  • Avoid excessive logging when PubSub responds with 502 Bad Gateway [REL-3288]
  • Improve handling of Windows Companion updates and versioning [REL-2961]
  • Use the same icons for static and dynamic device groups at different places [REL-2050]
  • Avoid having to call the analysis of the uploaded file twice when adding new native apps [REL-3550]
  • Adjust display of connection check result for certificate authority configuration [REL-3181]
  • Adjust error handling possibilities for Windows Office configuration [REL-3223] [REL-3221]
  • Adjust logging when the shared device scheduled logout encounters a device which no longer is in shared mode [REL-3683]
  • Clear user reference in auto enrollments when users are deleted [REL-3578]
  • Fix cancel button for actions without a details step [REL-3665]
  • Add missing lesson template permission in portal authority view [REL-3151]
  • Fix clearing of assigned user on application of a Relution shared device configuration [REL-3086]
  • Prevent the reset of a policy version, when the version is the only version which exists in the policy [REL-3363]
  • Fix adding URLs to the list of allowed URLs in the Windows kiosk mode configuration [REL-3364]
  • Avoid hiding the organization switcher when searching for organization names without a match [REL-3284]
  • Improve appearance of Portal header boxes for devices with very long names or serial numbers [REL-2546]
  • Avoid excessive logging when certificate authorities are not available to issue new certificates [REL-3672]
  • Handle error during device details processing of Windows Home devices [REL-2753]
  • Fix layout of DEP profile selection dialog [REL-3673]
  • Fix creating file detection rules for Windows apps [REL-3668]
  • Handle invalid file uploads in the upload VPP token wizard [REL-2488]
  • Avoid having to reload the web page to trigger auto enrollment sync after adding a new DEP account [REL-3649]
  • Fix issues with enabled state of the save button in iOS VPN configuration when switching VPN types [REL-3218]

Version 5.21.3


  • Disable managed media query by default since it causes issues with some Apple devices responding with “not now” for a prolonged duration and without clear reason [REL-3780]
  • Allow enabling managed media list query for Apple devices via configuration property [REL-3694]
  • Show Ping actions in device action list [REL-3662]
  • Allow canceling actions in state “Not Now” via device action list [REL-3700]

Version 5.21.2


  • Fix handling of glowroot agent if configured
  • Fix mapping of versions via store organisation [REL-3488]

Version 5.21.1


  • Add hint about the not yet available group filter to device group wizard as well [REL-3159]
  • Avoid unnecessary renewal of JWT token [REL-3366]
  • Avoid adding apps of public VPP tokens to the system organisation as well on PostgreSQL databases [REL-3321]
  • Fix scheduled renewal of Apple education certificates no longer working due to unique constraints introduced with 5.21.0 [REL-3289]
  • Fix scheduled cleanup of old login history entries [REL-3285]
  • Avoid hiding the organization switcher when searching for organization names without a match [REL-3284]

Version 5.21.0


  • Mark device groups no longer as beta. Add a hint about the not yet available user group filter [REL-3159]
  • Create new organisations with enabled device groups if the feature is enabled in the store organisation, or if there is no store organisation [REL-2826]
  • Create default dynamic device group which contains all active devices for new organizations [REL-1783]
  • Extend setup guide with additional steps for device group setup [REL-1776]
  • Use software enforce declaration on Apple devices supporting it instead of sending OS update actions [REL-2169]
  • Require explicit mapping of store LDAP users to organisations to avoid unintentionally syncing them into the store orga. Also allow defining an orga mapping for the store organisation itself. This behaviour is enabled by default for new providers, and disabled for existing ones [REL-2556]
  • Use external tool if installed for image rendering to improve performance and reduce memory footprint [REL-2572]
  • Add Office configuration to Windows policies [REL-1852]
  • Show FAQ and support in portal for every user if they are configured [REL-2814]
  • Add login history to user profile and user detail view [REL-2796] [REL-3150]
  • Support desktop login via browser in Portal for Windows client apps [REL-1686]
  • Allow selecting multiple apps to be remove from multiple devices at once [REL-2489]
  • Add support for IKEv2 AlwaysOn VPN configuration for iOS devices [REL-2308]
  • Allow deploying Office 365 apps to Windows devices via explicit action [REL-1694]
  • Add support for cross profile policies to Android Enterprise (restrictions) [REL-2865]
  • Merge multiple Windows app compliance configurations when applied on devices [REL-2554]
  • Add support for communicating with and configuring Relution Teacher on Windows devices [REL-429]
  • Allow creating users with empty password intended for SSO login only [REL-1801]
  • Add “wrong server time” notification, log entry, and endpoint [REL-3039]
  • Extend Android Enterprise restrictions with additional settings [REL-2810]
  • Extend Android Enterprise kiosk configuration with additional settings [REL-2811]
  • Support Windows scripts with more than 32k characters [REL-1858]
  • Allow configuring sync interval for ChromeOS as part of the settings [REL-2557]
  • Improve logging for DEP sync when encountering errors returned by the DEP API [REL-2830]
  • Improve handling of action display when activation bypass code is not available [REL-2480]
  • Fix cleanup of associated device references for deleted devices when deleting users [REL-3139]
  • Use rate limiter for Android Enterprise API requests to avoid running in Google’s limits [REL-3038]
  • Cleanup non-terminal duplicate actions for several additional action types immediately as well [REL-3045]
  • Add missing encryption types to tvOS WiFi configuration [REL-3036]
  • Clean up device actions more often and earlier by default [REL-2832]
  • Set the minimum supported MariaDB version of Relution to 10.5 [REL-2833]
  • Add foreign key from enrollment to organization [REL-2356]
  • Handle groups without names in Azure AD sync [REL-2725]
  • Enable declarative management for devices with iOS/iPadOS/tvOS 17 or macOS 14 and retrieve status updates including app status [REL-2450]
  • Migrate resources to another store type in batches and retry the operation on errors [REL-1763]
  • Create database indices for all foreign key columsn to avoid deadlocks and improve performance [REL-2336]
  • Extend text filter in device inventory to include given and surname of the assigned device user [REL-3046]
  • Allow entering exchange host with path in iOS and macOS exchange configurations [REL-2709]
  • Rename factory reset protection option for Android Enterprise to be more clear [REL-2558]
  • Allow installing VPP apps directly from assigned licenses view [REL-2549]
  • Write policy version number to “policy” and “executedPolicy” columns during device inventory CSV export [REL-2548]
  • Windows Office configuration will remove installed Office Suites on removal [REL-2636]
  • Update configuration of the axe linter to only check for WCAG 2.1 compliance [REL-2873]
  • Update main dependencies of the portal [REL-2602]
  • Simplify permission checks in device service to get rid of legacy roles [REL-2496]
  • Reuse device name when performing “Return to service” action on devices [REL-3024]
  • Make sure “Return to Service” continues trough setup assistant automatically, even when using a DEP profile with macOS user customization [REL-3024]
  • Add Apple restriction allowMailPrivacyProtection [REL-2589]
  • Optimize request classification for device and portal requests [REL-2193]
  • Drop unused SSH key entity, DB schema and service methods [REL-2201]
  • Use a service account for Google Workspace setup for ChromeOS management and streamline setup [REL-2537]
  • Retrieve BitLocker details during Windows Companion device details refresh [REL-1609]
  • Set Cookies SameSite flag explicitly [REL-1422]
  • Adjust empty state of tables in Portal [REL-2599]
  • Trim attribute names entered in LDAP UI [REL-3005]
  • Fix missing delivered dates for sub actions on Apple devices [REL-3160]
  • Fix clearing of assigned user on application of a Relution shared device configuration [REL-3086]
  • Fix chrome management API incompatibility causing device management software to no longer being deployed on ChromeOS devices [REL-3057]
  • Avoid repeated evaluation and logging of a few database migrations [REL-2440]
  • Fix sorting of columns with specific mappings on PostgreSQL [REL-605]
  • Invalidate the device key on device deletion on all cluster nodes immediately [REL-2497]
  • Fix marking actions as failed for devices not having an MDM push token [REL-2115]
  • Fix deferred initialisation of LDAP connections via application.yml when the organisation does not exist yet [REL-2273]
  • Fix disabled state of public dynamic device group filter query category inputs in child organizations [REL-3186]
  • Improve appearance of Portal header boxes for devices with very long names or serials [REL-2546]
  • Fix device inventory not applying a previously configured filter when navigating back to it [REL-2570]
  • Handle no longer existent VPP app details in the portal more gracefully, so that the user is able to still use the UI [REL#228258] [REL-2592]
  • Fix handling of serial numbers with multiple trailing null terminators on PostgreSQL which some interactive boards are sending [REL-3096]
  • Avoid sometimes once more adding devices to device groups which have been switched from dynamic to static [REL-3042]
  • Fix repeated “Device deleted from x and inserted to 0 groups” message in logs [REL-2631]
  • Fix deletion of specific Windows device from trash [REL-2872]
  • Fix action queue on Windows devices getting stuck if a policy containing a PowerShell script configuration is deployed during enrollment [REL-2582]
  • Avoid logging errors during post-sync actions of LDAP users with duplicated email addresses [REL-2391]
  • Do not report seemingly missing Azure AD settings for system organisation [REL-2455]
  • Fix text overflow in Windows enrollment page [REL-3189]
  • Adjust permission checks for device groups in Portal to avoid running into a forbidden response from server [REL-3179]
  • Make sure to always show an error toast message in Portal when applying an action fails [REL-2511]
  • Fix broken link on user cell in device inventory for devices without an assigned user [REL-3047]
  • Remove gray square in enrollment QR code modal [REL-2040]
  • Fix search field selection when adding policies [REL-2818]
  • Fix possible race condition when stopping lessons not having a weblink assigned [REL-3207]
  • Fix possible race condition during enrollment of Apple devices leading to some actions being delayed [REL-3094] [REL-3204]

Version 5.20.8


  • Clean up actions in terminal state only by default, since the cleanup now happens earlier than before [REL-3030]
  • Use clean up with default expiration instead of short expiration for action types where only one pending, successful and failed action is kept anyway [REL-3030]

Version 5.20.7


  • Clean up device actions more often and earlier by default. By default, actions are removed after 90d, 30d for short-lived types. The clean up by default runs every 15 minutes between 18:00 and 7:00, and deletes up to two times 1000 actions [REL-2832] [REL-2895]
  • Run the clean up of device actions described above also per device when ever an action is put into a terminal state [REL-2894]
  • Keep only the latest pending, successful and failed action of several types per device to reduce size of action history [REL-2603]
  • Fix HTTP method for (not yet used) POST endpoint erroneously being marked as GET [REL-2843]

Version 5.20.6


  • Fix running database migration on MySQL databases caused by a behaviour difference in comparison to MariaDB. Please note: Relution will drop official support for MySQL databases with version 5.22 [REL-2916]
  • Fix expiration notification for the iOS client app push certificate always referencing the legacy client’s certificate [REL-2874]
  • Fix performance issues in APK parsing by adjusting the parser library [REL-2953]
  • Fix rare cases of enrollment of iOS and Windows possibly failing with the message Organization is not the one which user belongs to [REL-2866]
  • Fix updating devices via CSV on instances which are using a PostgreSQL database [REL#228644] [REL-2868]

Version 5.20.5


  • Properly release LDAP connections to pool when done [REL#228488] [REL-2846]
  • Fix deserialisation of selected system apps in lessons and lesson templates [REL#228622] [REL-2845]

Version 5.20.4


  • Handle groups without names in Azure AD sync [REL-2725]
  • Ensure users can still be deleted even if referenced in (auto-)enrollments or devices with the changes in 5.20.2 [REL-2809]

Version 5.20.3


  • Optimize performance and handling of DEP syncs, especially for tokens with a very large number of devices [REL-2778]

Version 5.20.2


  • Resolve performance issue for security provider filter list occurring on instances with a very large number of organizations [REL-2701] [REL-2726]
  • Fix database migration for Android Enterprise device details for old deleted devices [REL-2649]
  • Fix translations of Lost Mode status in filters and CSV exports [REL-2648]
  • Add missing migrations for nullable device user group [REL-1820]

Version 5.20.1


  • Optimise wallpaper configuration and generation handling to reduce memory footprint [REL-2618]
  • Clear the informative userName field of auto enrollments when the user is nulled, and allow enrolling to specific users of a target organisation for store auto enrollments [REL-2606]
  • Avoid excessive creation of change policy actions on macOS devices when a specific, rare set of circumstances comes together [REL-2601]
  • Fix creation of education lessons in Relution Teacher app with no longer existing student users [REL-2588]

Version 5.20.0


  • Support deleting cached users from shared iPads [REL-2444]
  • Add “Return to Service” action for iOS 17 devices [REL-2038] [REL-2514]
  • Use softwareupdate information from declarative device management for devices supporting it [REL-2171]
  • Allow permanently and irreversibly deleting devices from trash, fix cleanup of devices when deleting organisations [REL-2119]
  • Enable enrollment without device user [REL-1818]
  • Add dynamic filter for device groups for IP ranges (CIDR) [REL-1734]
  • No longer create the “Device User” system group, migrate existing ones to standard groups [REL-1820]
  • Optimize memory usage of LDAP connections [REL-1707]
  • Adjust organizational unit mapping for ChromeOS devices [REL-1814]
  • Allow nulling the assigned user instead of using the device user group for devices without an actual user [REL-1819]
  • Add Android Enterprise work profile widget settings [REL-1622]
  • Add WiFi MAC randomisation setting for Android Enterprise WiFi configuration [REL-1621]
  • Support management of installed media (PDFs and ePubs) on supported Apple devices [REL-2137] [REL-1393]
  • Added support to auto-update B2B custom apps on Apple devices [REL-1795]
  • Streamline login process for different combinations of SSO configurations [REL-1646]
  • Support user certificate and certificate templates in Android Enterprise certificate configuration [REL-1529]
  • Add badges for iOS and tvOS 17 to restrictions [REL-2039]
  • Add VS interactive whiteboard policy configuration [REL-1408]
  • Add action to refresh the applied policies on multiple devices in the device inventory [REL-1733]
  • Add DISABLE_DEVICE_NAME_CHANGE feature toggle to disable synchronising the device name on the device itself with the name in Relution for devices supporting it [REL-2426]
  • Support installing Windows Companion on Windows arm platform devices [REL-1335]
  • Support deleting cached users from shared iPads [REL-2444]
  • Renew Apple push certificates, valid until August 2024. The previous ones will expire in February 2024 [REL-2147]
  • Do not wait for LDAP initialisation before marking the application as ready [REL-2429]
  • Run cleanup operations nightly based on a cron schedule instead of in an interval after system start [REL-2395]
  • Prevent deadlocks when saving users when running Relution in a cluster [REL#225904] [REL-2318]
  • Removed all legacy code of CockroachDB support [REL-2325]
  • Users can now also upload .json files to support setting up the start menu layout for windows 11 devices [REL-1758]
  • Adjust order and handling of security filters [REL-2262]
  • Changing the password renders all existing logons invalid, effecting immediate logout on all non-enrolled devices and browsers, so that the new credentials need to be entered [REL-1705]
  • Handle large Windows apps meta data [REL-1109]
  • Add numerical IP address field to make devices sortable and searchable via this property [REL-1823]
  • Serve OpenApi web UI as a standalone webpage in the server [REL-254]
  • Optimize performance when handling MDM requests of Apple devices [REL-2191]
  • OS changes will now be shown in the device history for iOS, Android Enterprise and Windows devices [REL-2175]
  • Add a history entry for a device that was deleted due to DEP re-enrollment [REL-2162]
  • Add device history entry on ICCID change for iOS [REL-2146] [REL-2146]
  • Set connection state of Android Enterprise devices based on the applied state reported by Google [REL-971]
  • Exclude disabled Android Enterprise devices from license count [REL-973] [REL-2462]
  • Switching from a map of strings to utilizing resource messages for translations [REL-2128]
  • Add general user placeholder support for Android Enterprise WiFi configuration [REL-1651]
  • Fix iOS system app icons, removed musicmemos system app [REL-1726]
  • Move device unlock token to device security information [REL-1704]
  • Added new macOS restrictions [REL-1703]
  • Companion for Android Enterprise re-installs missing certificates periodically [REL-1530]
  • Add option to request apps from Microsoft store [REL-2261]
  • Add more keywords to the settings dashboard search to improve search for OIDC, ASM,SFTP and DEP [REL-2172]
  • Re-add the list mode of the settings overview as a optional representation [REL-2225]
  • Support inviting users in non-store organizations into public vpp tokens within their orga [REL-362]
  • Allow configuring synthetic group for LDAP when periodic sync is off [REL-1509]
  • Improve handling and display of Azure AD sync settings in store organisation [REL-2504]
  • Adjust updating user passwords with administrative permissions [REL-2425]
  • Adjust location where the Windows companion stores its files [REL-2194]
  • Allow updating MDM profiles of Apple devices with outdated but still valid server urls [REL-2374]
  • Improve performance of updating Windows Companion sub-actions [REL-2153]
  • Adjust logging of user import service [REL-2246]
  • Allow filtering users and groups by deleted providers [REL-2151]
  • Change provider name for global Azure AD sync [REL-1009]
  • Use system context when distributing apps from store organisation [REL-2042]
  • Prevent assigning non-public permission roles to users or groups of other organisations [REL-1750]
  • Add hint to iOS/iPadOS wallpaper configuration about changed behaviour on iPadOS 17 [REL-2491]
  • Fix cause for “User could not be authenticated: Invalid credentials” if Secure Mail Gateway is active [REL-2447]
  • Fix translations for device action types filter and support multi-select [REL-2382]
  • Show Relution Agent in System certificates dashboard widget instead of legacy system certificate [REL-2453]
  • Fix cloning native Windows app detection rules from store organization to child organizations [REL-1835]
  • Update password log message [REL-2291]
  • Automatic certificate renewal on Android Enterprise now works as expected [REL-2206]
  • Fix enrollment clean up on device deletion [REL-2332]
  • Fix editing of allocation limit per organization in license allocation table [REL#227617] [REL-2316]
  • Fix excessive memory consumption when determining shared device status [REL-1445]
  • Apply time based policies correctly on Android Enterprise devices [REL-2279]
  • vpp tokens can’t be added multiple times to the same organization [REL-249]
  • Fix Android Enterprise devices losing their last location whenever device info is updated, e.g. by a policy update [REL-1213]
  • Prevent recreating synthetic groups with every LDAP sync in some cases [REL#225933] [REL-1843]
  • Fix whitelisting of web clips and auto-deployed apps for merged App compliance configurations containing at least one blacklist [REL#226711] [REL#227506] [REL-1861]
  • Do not display version and permission mappings tabs for incompatible ‘Web clip’ app type [REL#227716] [REL-2379]
  • Fix detection of macOS 14 devices on the enrollment landing page [REL-2319]
  • Fix value for device inventory Shared iPad column [REL-2333]
  • Fix crash in Android Enterprise work profile passcode configuration, when the selected type is Complex [REL-2303]
  • Fix crash in Android Enterprise device passcode configuration, when the selected type is Complex [REL-2303]
  • Ensure that the login as organization administrator ignores deactivated administrators [REL#227377] [REL-2275]
  • Fix overflow of texts in selection chips [REL-2117]
  • Display iOS WiFi configuration EAP details for published policy versions [REL#227354] [REL-2197]
  • Fix disabled state of the available apps for selected items of the iOS Homescreen Layout configuration iPhone layout [REL#227220] [REL-2159]
  • Fix refresh data button in device lending list [REL-2012]
  • Fix updating Windows native apps when also modifying detection rules [REL-2482]
  • Adjust display of Android Enterprise connection status when no communication has been triggered yet [REL-2465]
  • Adjust device group counts displayed in portal to exclude deleted devices [REL-2485]
  • Automatically update display of MSI detection rules after editing them [REL-2481]
  • Fix deferred initialisation of LDAP connections via application.yml when the organisation does not exist yet [REL-2273]
  • Adjust handling of DeviceStatusChangedEvent to avoid misleading log messages [REL-2313]
  • Fix migrating the store organisation to device groups when using SQL server [REL-2331]
  • Fix handling of importing new VPP books to avoid misleading error log messages [REL-2242]
  • Avoid unnecessary loading of user and group roles [REL-2035]
  • Improve handling of very long orga names in organisation switcher [REL-1886]
  • Ensure to commit the transaction clearing resource content in SQL database after migrating to external storage [REL-2555]

Version 5.19.5


  • Optimized memory usage for the LDAP connector [REL-2032] [REL-2133]
  • Bound cluster communication to local port 7800 instead of a random port [REL-2317]

Version 5.19.4


  • Allow login for LDAP users with non-matching user DN [REL-2270]

Version 5.19.3


  • Set default location permissions of Agent on managed Android Enterprise devices based on COD location settings and allow to override default Agent settings with a manage apps configuration [REL-1829] [REL#225955] [REL#227344]
  • Resolve potential performance issue of database migration for 5.19.0 [REL-2202]
  • Add missing permissions to Portal dynamic role configuration view and make settings visible for users having only LDAP settings permissions [REL-2195]
  • Display iOS WiFi configuration EAP details for published policy versions [REL-2197] [REL#227354]

Version 5.19.2


  • Adjust imprint floating behaviour on login page [REL-2185]
  • Adjust allowed checksums for liquibase changes for instances with PostgreSQL or SQL Server which had 5.19.0 installed before [REL-2154]
  • Fix SQL Server failing to acquire device group lock due to FOR UPDATE clause allowed only for DECLARE CURSOR [REL-2165]

Version 5.19.1


  • Fix failing of database migration to duplicate entries in filter_holder_acl table which should not exist on productive systems. Migration was updated so that this defect is dealt with appropriately [REL-2154]

Version 5.19.0


  • Support Android Enterprise devices in Secure Mail Gateway by identifying them as Android devices and add the placeholder ${device.exchangeDeviceId} for managed configuration [REL-909]
  • Allow blocking users automatically after a configurable set of consecutive failed login attempts [REL-693]
  • Add support for IP blocking in system organization [REL-1199]
  • Add script configuration for Windows [REL-1329]
  • Add action to locate Windows devices [REL-1469]
  • Add default permission roles in the system organization. The system groups created automatically for each organization now get these permission sets attached [REL-1480]
  • Support setup of OIDC single sign on via Portal, also server wide via store organization [REL-840] [REL-841]
  • Display deleted and withdrawn devices in a separate device view [REL-1198]
  • Display all devices of the server in the device inventory of the store organization [REL-1375]
  • Add dynamic links to navigate from the Dashboard to the data sources [REL-1613]
  • Show information about the assigned user in device inventory list [REL-1591]
  • Add support for VPN on demand rules to additional VPN types [REL-1421]
  • Throw explicit error when trying to access Relution using a login cookie without SSL when not originating from localhost and cookie secure flag setting now depends on how the client accesses the Relution server. Correct setup of reverse proxy forward headers is required [REL-1766]
  • Remove message prefix in the action message column of the action table in a device [REL-1478]
  • Add deep link to windows landing page and use access token for login page [REL-1565]
  • Add option to use placeholders in script content [REL-525]
  • Display warning when Azure group could not be synced because group with same name already exists [REL-1007]
  • Keep only the latest pending, successful and failed education action of each device to limit excessive growth of device action history [REL-1371]
  • Simplify VPP app association for single device to improve performance [REL-1611]
  • Display the configured privacy policy of the server on the enrollment landing page during an Apple enrollment [REL-1644]
  • Prevent triggering additional VPP syncs when encountering error 9646 (too many requests) [REL-1760]
  • Simplify parsing in Relution SCEP servlet [REL-790]
  • Display supplemental build version in iOS system details [REL-1349] [REL-1771] [REL-1860]
  • Remove unknown ownership column from device management settings [REL-1477]
  • Apply Angular Material Design Components (MDC) migration [REL-1496]
  • Remove modes from location sharing from Android Enterprise policies that are no longer supported by Google [REL-1586]
  • Use locally served GAPI scripts instead of loading it from remote [REL-1866]
  • Restrict the selection of dynamic permission roles to permissions which are available in the organization of the role [REL-1871]
  • Add support for additional WiFi EAP modes for Android Enterprise [REL-356] [REL#224386]
  • Support deployment of AE WiFI EAP TLS certificates [REL-1497] [REL#225686] [REL#226256]
  • Restrict LDAP UI feature to paid licenses [REL-1789] [REL-1790]
  • Perform automated VPP app updates on all Apple platforms [REL-1652]
  • Use Apple product name for ‘model’ column content on CSV export [REL-1583] [REL#226423]
  • Rename installed app list column name ‘Publisher’ to ‘Managed App’ [REL-1849]
  • Filter data received on cluster port before deserialization [REL-2136]
  • Fix LDAP UI incorrectly using the teacher’s search scope for classes and never setting the teacher’s search scope [REL-1841]
  • Attempting to sign in with invalid credentials is logged as a warning again [REL-1756]
  • An installer (msi/exe) writing a single new line to Standard Error is no longer treated as a failed uninstallation [REL-1224]
  • Allow legacy Relution clients to update device details [REL-1459]
  • Fix LDAP connection check without a port, because the server incorrectly used 386, instead of 389 as default [REL-1616]
  • Do not query for activation lock bypass code on Shared iPads as it is not applicable in this case [REL-1832]
  • Certificate Authority or Certificate Template update delete does not delete issued certificates [REL-1884]
  • Immediate update of dynamic device groups filtering on device name [REL-900]
  • Add drag and drop delay to list column selectors on mobile devices, to allow scrolling and dragging via the same gesture [REL-1403] [REL#226035]
  • Fix update of device names via CSV [REL-1526]
  • Update underscoreJS to fix CVE-2021-23358 in enrollment landing page [REL-1730]
  • Fix handling of Android Enterprise system update configuration start and end time fields [REL-1827] [REL#226800]
  • Enable ‘Add’ button in installed apps list for iOS and macOS user enrolled devices [REL-1849]
  • Fix display of editing a device name in the device inventory [REL-351]
  • Add missing icon label to the add shortcut action [REL-677]
  • Remove unsupported filter type ‘BuiltIn’ from macOS Web Content Filter configuration [REL-687] [REL#224941]
  • Fix clear selection button when editing assigned user of a device [REL-1619]
  • Fix null as CN of Apple device identity certificates for devices enrolled with legacy certificates. Also fixes repeated unnecessary MDM profile updates [REL-2125] [REL#227063]
  • Android agent is correctly auto-deployed when native iOS agent is present in store [REL-2009]
  • Avoid unnecessarily reapplying currently inactive policies when refreshing device information [REL-2122]

Version 5.18.2


  • Support usage of Relution client apps on enrolled devices with users requiring MFA [REL-1620]
  • Fix failure of LDAP UI connection checks for non-LDAPS connections without an explicitly specified port. The server incorrectly used 386, instead of 389, as default [REL-1616]
  • Remove orphaned entries in role, user and group tables to ensure migration of organization column works as expected, especially on long-running Relution servers [REL-1625] [REL#226517]
  • Fix restoring certificates previously marked as deleted in settings [REL-1629]

Version 5.18.1


  • Resolve a potential performance issue when accessing the security_group_members_view introduced with 5.18.0 [REL-1588]
  • Fix automated deployment of Relution Files when having a Files configuration but no required app [REL-1582] [REL#226421]
  • Fix filter menu header overlapping first filter [REL-1585]

Version 5.18.0


  • Mark Java below 17 as deprecated and adjust requirements and installation guide [REL-1257]
  • Add option configure LDAP connections via UI [REL-1511]
  • Add public dynamic permission role support in the store organization [REL-1373]
  • Add option to enable and retrieve the activation lock bypass code on supervised iOS/iPadOS and macOS devices [REL-1140] [REL-1144]
  • The impersonation of arbitrary users available to the system administrator using the portal UI can now be disabled by setting in application.yml configuration [REL-1063]
  • Set default location permissions of Companion on managed Android Enterprise devices based on COD location settings [REL-1436] [REL#225955]
  • Allow to override default Companion for Android Enterprise settings with a manage apps configuration [REL-1436]
  • Display compliance violation details for Android Enterprise restrictions configurations [REL-1037]
  • Add option to enforce bluetooth in lessons [REL-1102]
  • Add action to enable or disable bluetooth on iOS or macOS devices [REL-1149]
  • Configure log levels via Relution API [REL-1195]
  • Configure certificate and key via new signer properties and support standard certificate formats [REL-946]
  • Log stack trace on ERROR level by default [REL-1197]
  • Drop app-installation repeat logic for un-managed apps to force app-updates. [REL-1328]
  • Add option to specify JWT secret key and signature algorithm via configuration properties. When no secret is specified, servers create an ES512 key pair automatically on first start. For existing servers this will happen immediately after update, so that they benefit from improved security. As a consequence users need to authenticate and are asked for credentials. [REL-1411]
  • Display the enrollment type and platform in the device header box [REL-1067]
  • Display the external ID at the device information page of Windows and Android Enterprise devices [REL-1262]
  • Update portal dependencies to Angular 15 [REL-1359]
  • Add badges for AP7 only features in the Promethean configuration [REL-690]
  • Execute policy assignments in sequential mode, to avoid deadlocks on SQL server [REL-1274]
  • Use BYTEA instead of OID data type on PostgreSQL for and sso_login_request_state.request [REL-511]
  • Avoid Apple devices having broken identity certificates after restoring from a time machine backup [REL-1062]
  • LDAP correctly accepts alternate names for ldap-base (ldapBase, ldap_base), manual mappings, synthetic groups and group roles [REL-1038]
  • Correct database transaction boundaries in periodic cleanup operations and some other cases [REL-1178]
  • Fix the iOS VPN configuration payload generation, when it defines a specific provider type [REL-1276] [REL#225610]
  • Set MFA status correctly after unimpersonation [REL-1282] [REL#225832]
  • Fix stopping of education lesson with deleted course [REL-1348]
  • Adjust device inventory database view (mdm_dvc_view) to match correct set of devices on Aurora, MySQL and MS SQL Server [REL-1449]
  • Fix OS names in device header box for Android Enterprise devices [REL-1067]
  • Fix LDAP group selection for rule set action modal. [REL-1230]
  • Fix clearing the selection of LDAP users or groups for rule set action modal. [REL-1230]
  • Fix LDAP group selection in the user details form [REL-1242]
  • Adjust displayed version in policy applied on devices view [REL-1277]
  • Sorting by version column in policy applied on devices view [REL-1277] [REL#225238]
  • Fix dialog actions not being visible on desktop screens which are zoomed to 125% [REL-1283] [REL#225832]
  • Fix saving of fields when editing an app [REL-1284] [REL#225840]
  • Fix access to home organization details for mulit-tenant user in system organization [REL-1311]
  • Deactivate delete action for externally provided courses [REL-1406]
  • Fix the search icon size in Android Enterprise managed app configuration, and add missing translations [REL-375]
  • Android Enterprise Home Screen Layout light and dark theme are applied when no wallpaper is defined [REL-1564] [REL#226352]

Version 5.17.5


  • Show local login option also on the organization login page [REL-1476] [REL#226247]
  • Always display the correct SAML2 provider name [REL-1476] [REL#226247]

Version 5.17.4


  • Allow to override default permissions of the Companion for AE on managed devices with a Manage Apps configuration [REL-1423]
  • Fix login and token handling, especially for users requiring MFA [REL-1404] [REL-1411] [REL#226085] [REL#226086] [REL#226093]
  • Ensure LDAP connections revert to correct bind context after user authentication errors [REL-1414]
  • Adjust redirect handling during user registration [REL-1420]

Version 5.17.3


  • Fix wrong MongoDB database name if connection string is used [BR-11479]

Version 5.17.2


  • Allow users of other organizations, to login via the custom login screen of the store organization, during the DEP login process [REL-1327] [REL#225885]

Version 5.17.1


  • Use the updated designated VPN identifier from app to VPN mapping when installing managed apps [REL-1297] [REL#225863]

Version 5.17.0


  • Allow configuring scheduled activation and deactivation of policies [REL-849]
  • Add support for exporting and importing dynamic permission roles via JSON files [REL-952] [REL-953] [REL-1026] [REL-1027]
  • Create a Home Screen Layout Configuration for Android Enterprise devices when starting a lesson [REL-684]
  • Add setting to disable users after a configurable amount of consecutive failed login attempts [REL-851] [REL-852]
  • Show a script history for latest script execution results and errors [REL-958]
  • Keep the latest IPv4 address devices connected from and the country the address is associated to, and add a history entry when this country changes [REL-703] [REL-704] [REL-705]
  • Add a dashboard widget displaying devices grouped by country based on the latest known IP address and roaming status [REL-701]
  • Display ICCID and roaming status in device inventory and device details [REL-698]
  • Support user CSV import in system organization [REL-1025]
  • Show organization specific login page during DEP login process instead of the generic login page [REL-947]
  • Update design of settings overview including adding a keyword-sensitive search [REL-371]
  • Renew Apple push certificates, valid until February 2024. The previous ones will expire in October 2023 [REL-654]
  • Allow configuring login management settings of the system organization [REL-890]
  • Show that Windows Companion is not supported on Windows Home edition and do not try to install it or trigger actions only available with it [REL-896] [REL-981]
  • Add notification if the used Java version is deprecated and will soon be no longer supported [REL-950]
  • Add auto update mode to Android Enterprise Policy [REL-375]
  • Save large script execution output as a separate resource [REL-402] [REL-866]
  • Display the installed certificates in the device information page for macOS and tvOS devices [REL-1069]
  • Add setting to disallow guest sessions on a Shared iPad to iOS/iPadOS restrictions [REL-895]
  • Add new Android Enterprise configuration to manage Always-On VPN [REL-373]
  • Add new Android Enterprise configuration to configure a personal profile on a managed device [REL-386]
  • Add auto update mode setting to Android Enterprise App compliance policy [REL-749]
  • Add preferential network service settings to Android Enterprise restrictions [REL-383]
  • Add stay on plugged modes and maximum time to lock for Android Enterprise kiosk configuration [REL-827] [REL-828]
  • Replace deprecated microphone disable, camera disable and auto date and time zone settings in the Android Enterprise Restriction configuration [REL-378] [REL-380]
  • Add encryption policy property to Android Enterprise Advanced Security Overrides configuration [REL-381]
  • Show details of health status for users with SYSTEM_HEALTH permission, also when using an access token [REL-1121]
  • Adjust VPNUUID value for Apple per app/account VPN configurations to optimize behaviour during policy changes [REL-1147]
  • Let the device base info endpoint /api/v1/devices/baseInfo now also use the inventory database view which leads to slight changes in the response model [REL-275]
  • Allow configuration of setup modes in the WiFi configuration for macOS [REL-1118]
  • Improve the performance of the installed app list of devices [REL-590]
  • Add general endpoint to enable cancellation of internal actions for users with the respective permission [REL-600]
  • Update Spring Boot to 2.7.8 which includes support for Java 17 [REL-74]
  • Reduce WARN log messages for VPP assignment failures [REL-806] [REL#225066]
  • Update enrollment settings since Google no longer enforces a 90 day limit for Android Enterprise enrollments [REL-1116]
  • Optimize display of policy status in device compliance details [REL-264]
  • Show the current version of the Windows companion in the Settings and make Processor architecture in device details easier to read [REL-555]
  • Display the username field in Apple WiFi configurations when only TLS is selected as EAP type [REL-977] [REL#225413]
  • Automatically provide organization unique name on organization specific login page to bind login to the given organization [REL-990]
  • Show Android classic devices having a given public app installed even though deployment is not supported in this case [REL-1045]
  • Make connect timeout and response timeout for LDAP configurable in application.yml [REL-1225]
  • Resiliently handle broken content-type response header of in secure mail gateway [REL-992]
  • Ensure that a DEP account with too long meta data can still be created [REL-1091] [REL#225598]
  • Remove extra license checks in courses API [REL-920] [REL#225354]
  • Fix permission check in CSV device import [REL-843] [REL#225037]
  • Fix Query Device Info messages stuck on state “Delivered” for some Windows Devices [REL-869] [REL#225180]
  • Allow configuring column dimensions of license allocation table [REL-959] [REL#223574] [REL#225292]
  • Fix loading of large app metadata for Windows Store apps [REL-870] [REL#225159]
  • Ensure Windows wallpaper text placeholders will be replaced correctly [REL-533]
  • Prevent displaying out-dated Azure AD sync results [REL-575]
  • Support triggering refresh device information action via Relution Agent on Android Enterprise [REL-798]
  • Disable affiliation changes for courses synchronized via LDAP [REL-820]
  • Fix the disabled state of the setup guide Policy configured step [REL-998]
  • Ensure that the state of the device policy reflects the compliance violation state of the device [REL-1175]
  • Fixed deletion dialog in device inventory [REL-799]
  • Reduce default connect timeout for LDAP to ensure health check doesn’t block indefinitely [REL-1225]

Version 5.16.8


  • Remember authentication of SingleSignOn provider [BR-11274]

Version 5.16.7


  • Make pub/sub able to gracefully handle intermittent loss of database connectivity [REL-963]
  • Optimized SQL query to retrieve the type of the last delivered action for a device [REL-986]
  • Resiliently handle broken content-type response header in secure mail gateway [REL-992]

Version 5.16.6


  • Work around an issue where the Android Management SDK fails to serialize a device returned by itself when disabling devices [REL-908]

Version 5.16.5


  • Generate device certificates based on a given CA or intermediate certificate with key without using an external certificate authority [REL-559]
  • Attach device to new enrollment on re-activation to ensure lookups work as expected [REL-902]

Version 5.16.4


  • Ensure all Android Enteprise device models enrolled with COPE are not non-compliant due to keyguard restrictions [REL-874]
  • Ensure Android Enterprise devices running old Android versions do not get non-compliant due to unsupported app permissions [REL-876]

Version 5.16.3


  • Acknowledge incoming Android Enterprise enrollment requests when trying to enroll devices with deleted enrollments to prevent Google from sending the message again [REL-867]
  • Optimize rare case where Android Enterprise compliance violation detail status updates where not acknowledged to prevent Google from sending the message again [REL-867]

Version 5.16.2


  • Reintroduce Android Enterprise status handling for expired enrollments or confirmed deleted devices disabled in 5.16.1 without triggering any device deletion [REL-845]
  • Ensure Android devices with work profile are not subject to enforcement rules they cannot comply with [REL-845]
  • Ensure the update OS action is shown in all device action lists [REL-861]

Version 5.16.1


  • Do not delete Android Enterprise devices when Google sends enrollment messages for existing but no longer valid enrollments [REL-603]

Version 5.16.0


  • Support for MFA with TOTP or email on user login in Relution Portal. Can be enabled in settings and required for users having specific roles. Support in the Relution clients will be added with one of their next releases [REL-127] [REL-317] [REL-318] [REL-477] [REL-480] [REL-481] [REL-517] [REL-516] [REL-518] [REL-519] [REL-696]
  • Support reboot and shutdown action on macOS devices [REL-186] [REL-188]
  • Add 802.1X Global Ethernet configuration for macOS [REL-197]
  • Add support for viewing and managing all lessons. With the upcoming release of Relution Teacher, users with the required permissions will be able to see an overview of all lessons, including a history of each lesson, and to modify or finish still running lessons [MDM-25182] [REL-336] [REL-337]
  • Allow managing PowerShell scripts in Relution and executing them on Windows devices [REL-405] [REL-410] [REL-412] [REL-413] [REL-414] [REL-428] [REL-578]
  • Add refresh cellular plans action for iOS (eSIM) [REL-454]
  • Show and allow editing course membership in user edit form [REL-424] [REL-502]
  • Add Windows SharedPC configuration [REL-393]
  • Added getting started guide [REL-81] [REL-82]
  • Support PKCS12 certificates by Windows WiFi and VPN [REL-504]
  • Use database view for device base info endpoint to enable sorting for additional columns in device inventory and improve its performance [REL-275] [REL-616]
  • Add Freeform to known iOS System Apps [REL-528]
  • Allow declaring required permissions in a more streamlined way [REL-580]
  • Remove legacy Windows device reactivation [REL-352]
  • Use organization’s default language as fallback to search public app store [REL-196]
  • Support forgot-password feature in clustered installations by sharing state using the database [REL-220]
  • Remove implementation and database entities concerning legacy disabled app signing and publishing feature [REL-364]
  • Report additional database, operating system and Relution configuration parameters when requesting license information [REL-390]
  • Add support for formatting 22H2 Windows versions for display [REL-452]
  • Add Preserve Data Plan option to wipe action for iOS [REL-455]
  • Download native client apps, e.g. Windows companion, earlier after system start by default [REL-521]
  • Prevent that the user filter for push notifications is persisted since for customers with many users it could grow pretty huge [REL-532]
  • Do not set login date for impersonated users [REL-631]
  • Enhance Secure Mail Gateway preparing for future Java updates and offering better performance [REL-77]
  • Improve cluster performance with JGroups version 5.2.11.Final. Also upgrade stack protocols and switch to asynchronous I/O transport [REL-78]
  • Set default values for block delay to 20 days and wipe delay to 30 days for Android Enterprise instead of Google’s implicit default of 3 and 10 days [REL-644]
  • Support configuring auto-deployments in the details of web link apps [REL-305]
  • Relution properly handles Android Enterprise communication when Enrollment is no longer valid [REL-603]
  • Properly handle character sequences applying XML-output escaping when creating property lists for iOS device configurations. This corrects an issue when using ampersand in passwords, for example. [REL-308] [REL#224075]
  • Always set the scope of imported policies to non-public [REL-556] [REL#224716]
  • Do not remove client app from Relution Shared Device when lesson is finished [REL-713] [REL#224805]
  • Use commandline arguments on MSI installment via app compliance [REL-715] [REL#224953]
  • Fix execution of automated background actions for iOS System Updates configuration [REL-602] [REL#224694] [REL#224523]
  • Add support for Message action on iOS user enrolled devices [REl-482] [REL#224514]
  • Do not log premature client-side connection aborts, incl. any I/O errors caused by the client disconnecting while the response was partly transfered already. Both cases indicate normal webserver operation [REL-219]
  • Ensure LDAP users can log in again after being unlocked and emit additional diagnostic when authentication magic value is missing [REL-221]
  • Fix calculation of MD5 checksum for resources stored in Azure Blob Storage [REL-592]
  • Fix count of migratable Android devices when using a branded agent [REL-636]
  • Fix disable state of “Password for outgoing email server” in iOS Email configuration [REL-486]
  • Fix and unify stepper icons [REL-557]

Version 5.15.2


  • Fixed the issue that a large number of devices were stored in RAM, resulting in an OutOfMemoryError: Java heap space [BR-10270] [BR-10462]

Version 5.15.1


  • Fix issues with Shared iPad caused by a possible bug in iPadOS on devices running iPadOS 16+ [REL-537] [REL#224195] [REL#224310]
  • Fix PostgreSQL reporting the error “Cannot change transaction isolation level in the middle of a transaction” in some cases [REL-473]

Version 5.15.0


  • Deploy the Windows Companion on enrolled devices and support tasks like installing apps, executing scripts and more [MDM-23016]
  • Allow teachers to logout shared devices participating in their lesson. The feature will be available in Relution Teacher app soon [MDM-24909] [REL-141]
  • Change OS version filter in device inventory to allow selecting multiple versions [MDM-24990]
  • Start polling device actions if the device user has changed via device header box [MDM-25485]
  • Extend wipe action for macOS devices [REL-128]
  • Adjust action state after successful withdraw action on apple devices [REL-128]
  • Remove DISABLE_JWT_AUTHENTICATION feature toggle and unused session handling logic [MDM-25436]
  • Adjust iOS agent migration when specific feature toggles are enabled [REL-191]
  • Ensure to always send education updates [REL-200]
  • Remove redundant compliance history entries for remote logout of shared devices and adjust the text of the entries. [REL-228]
  • Discontinue query parameter versionNameLocaleFallback of api/v1/content/apps/baseInfo [REL-256]
  • Improved the UI feedback of the policy deletion process [MDM-25190]
  • Add option to refresh the device history [MDM-25418]
  • Ignore work profile passcode configuration on fully managed devices [REL-222] [REL#223727]
  • Avoid adding the supervision host certificate to remote profiles more than once to ensure robustness when multiple DEP accounts are used [MDM-25497]
  • Handle SQL server delivering query results as integer instead of long for action metrics [REL-340]
  • Trigger Companion refresh info action on Windows app installation, and skip unnecessary queries [MDM-25337]
  • Fix exception when Android classic clients confirm the default app compliance configuration [REL-255]
  • Fix clearing of app version mappings in the store organization [MDM-25357] [REL#223978]
  • Fix App permission mapping view showing bug reporter when users are removed [MDM-25358] [REL#223978]
  • Fix UTF-8 encoding of uploaded .mobileconfig files in the Apple Configurator 2 configuration [REL-247] [REL#224168]
  • Fix possible rendering crash of tabs under Safari 16.1 on macOS Ventura [REL-292] [REL-224]

Version 5.14.1


  • Adjust username field to be case insensitive on PostgreSQL during login [REL-269]
  • Improve robustness of health check [REL-296]
  • Extend logging of progress when migrating details JSON data [REL-297]
  • Optimize details JSON column data migration to run once per device and table only [REL-299]
  • Handle publisher names with more than 255 characters for installed apps on Windows devices [REL-301]
  • Exclude expired Android Enterprise enrollments having an account identifier from the one-time migration process [REL-300]
  • Fix exception that can occur during health checks when formatter is re-used by multiple threads [REL-306]

Version 5.14.0


  • Add macOS update configuration [MDM-24376]
  • Add monitoring metrics regarding Relution database operations, device actions, web requests, DEP, VPP, Autopilot and Azure AD [MDM-24583] [MDM-24585] [MDM-24589] [MDM-24590] [MDM-24591] [MDM-24828]
  • Add configuration for scheduled logout to Relution Shared Device policy [MDM-24621] [MDM-24619]
  • Allow teachers to logout students on shared device in the active lesson when deactivating them or finishing the lesson [MDM-24622]
  • Add support for Relution Shared Device login via access token based QR codes [MDM-24739] [MDM-24736]
  • Automatically retry to subscribe for VPP notifications in background if the subscription state is failed [MDM-24882]
  • Provide case-insensitive search and login using the proprietary ILIKE operator on PostgreSQL databases [MDM-25318]
  • Validate passwords also in Portal during password reset [MDM-24806]
  • Reduce the response time for VPP test notifications sent during the subscription process [MDM-24882]
  • Add android classic policy for additional interactive whiteboard devices [MDM-25071]
  • Ensure showing the app name in action details when the Relution Agent is deployed during enrollment [MDM-24106]
  • Add EAP option to inner authentication for iOS and tvOS Wi-Fi configuration [MDM-25199]
  • Support sorting additional device inventory columns, e.g. Wi-Fi MAC, lost mode status or Shared iPad [MDM-24732]
  • Adjust and clean up log messages according to log level definition [MDM-24899]
  • Add again automatic refresh of the status of installing apps after triggering an installation on Apple devices. Feature was disabled with 5.13.1 due to performance issues on some databases [MDM-25078] [MDM-25076] [MDM-24122]
  • Add human-readable product names of new Apple devices [MDM-25109]
  • Improve error responses for cases where no error code was present [MDM-25110]
  • Always ping devices in ping interval regardless of last connection date so that device details are updated at least once per ping interval [MDM-25319]
  • Redesign history views [MDM-22891] [MDM-22892]
  • Set initial zoom level of maps to a more sensible value when a location is known [MDM-24778]
  • Adjust tooltip position of action menu in lists to not block another element with which a user can interact [MDM-25176]
  • Change order of uninstall parameters and path for .exe files [MDM-25202]
  • Make version code read-only in most cases [MDM-25202]
  • Automatically focus the input field for the username or password on the login page [MDM-24952]
  • Fix duplicate key errors when fetching VPP entity details for inconsistend VPP data [MDM-25159]
  • Fix automated fetching of metadata for existing public store apps [MDM-25326] [REL#223899]
  • Fix possible race condition when enrolling Windows devices and directly assigning a policy caused by not yet available push token [MDM-25449] [REL#223974]
  • Allow teachers to access VPP license base info so the legacy iOS teacher console can still be used with default permissions [MDM-25455]
  • Ensure at least the Settings app is always whitelisted for devices in an active lesson [MDM-25018] [REL#223426]
  • Generate form-data bodies in OpenAPI [MDM-25050]
  • Fix the certificate field extractor for long values [MDM-25145]
  • Ensure not yet managed apps are updated correctly for iOS devices [MDM-25227] [REL#223434]
  • Handle case when Apple device reports installed app without name, fallback to identifier [MDM-25372]
  • Fix the automatic reset of the encryption type when the SSID is changed in the Windows Wi-Fi configuration [MDM-24934]
  • Fix Windows Wi-Fi configuration layout in case any Personal encryption type is selected [MDM-24935]
  • Fix tvOS Wi-Fi configuration layout and add option to toggle the password visibility [MDM-25022]
  • Adjust icon in menu updates when side navigation opens/collapses [MDM-25048]
  • Fix possible null reference error when accessing iOS/macOS device details [MDM-25129]
  • Remove duplicate toast message, when the deletion of an enrollment fails [MDM-25175]
  • Ensure selecting or removing certificates in the iOS exchange configuration always opens certificate modal [MDM-25234]
  • Fix display of some compliance violations in rule-sets [MDM-25303]
  • Fix highlighting of the current active main menu entry [MDM-25305]
  • Disable save button until the required apps are fully loaded in iOS and macOS app compliance views [MDM-25317] [REL#223909]
  • Fix login via “organization\username” format in Portal [MDM-25368]
  • Skip invalid accounts during DEP sync [MDM-25498]
  • Polices applied to Windows devices during enrollment no longer cause invalid noncompliance state [REL-177]
  • Avoid adding the supervisioning host certificate to remote profiles more than once to ensure robustness when multiple DEP accounts are used [MDM-25497]

Version 5.13.5


  • Deploy the custom galneoscreen Relution agent also for galneoscreen 9 devices during migration instead of the default agent [MDM-25112]

Version 5.13.4


  • Fix DEP profile lookup for auto-enrollments in store organization using authorization and default profile device name and distributing to other organizations [MDM-25128] [REL#223539]
  • Speed up home screen layout editor for Android Enterprise devices by querying installed apps by platform of specific organization only [MDM-25173]
  • Avoid periodically logging failures when repeatedly trying to reach Android devices having outstanding ping actions [MDM-25177]
  • Fix visibility of location tab for iOS devices which are in the new lost mode states [MDM-25178] [REL#223665]

Version 5.13.3


  • Ensure a value is set for lost mode in auto-enrollments, to avoid entries not to be shown in Portal due to filtering [MDM-25105] [REL#223539]
  • Fix downloading supervision certificates with tenant users belonging to a different organization [MDM-25118] [REL#223594]
  • Fix display of device details when OS update information is not up-to-date [MDM-25129] [REL#223611]

Version 5.13.2


  • Fix an issue preventing iOS/iPadOS devices from receiving new policy versions when they have an enabled iOS update configuration as part of the policy [MDM-25083]

Version 5.13.1


  • Even though the version used by Relution was not affected, update Apache Commons Text to 1.10 due to CVE-2022-42889 [MDM-25077]
  • Disable automatic refresh of the status of installing apps after triggering an installation on Apple devices due to performance implications on some databases, which has been added with 5.13.0. Will be re-introduced once they are resolved [MDM-25076]

Version 5.13.0


  • Enable the new permission system. Custom sets of permissions can now be defined via Relution Portal and assigned to groups and users [MDM-20013]
  • Support multiple DEP accounts per organization [MDM-23979]
  • Support per-user certificates for S/MIME signing and/or encryption in iOS Email and Exchange configuration [MDM-22832]
  • Automatically trigger MDM profile update to update the signer certificate of Apple devices to avoid showing a warning on the device [MDM-22899]
  • Automatically enable lost mode after DEP device reset if enabled before [MDM-24118]
  • Automatically refresh the status of installing apps after triggering an installation on Apple devices [MDM-24122]
  • Generate and configure an MDM supervision identity when enrolling new DEP devices. The identity can be downloaded from Relution and imported into Apple Configurator to allow connecting to devices even if pairing is disabled [MDM-24173]
  • Dynamically adjust the Apple education configuration on devices when starting a lesson with an ad hoc class [MDM-24247]
  • Add macOS OS Update action and configuration [MDM-24374] [MDM-24376]
  • Add macOS System Policy Control configuration [MDM-24513]
  • Renew Apple push certificates, valid until October 12th, 2023. The previous ones will expire on May 1st, 2023 [MDM-22876]
  • Validate the state of BitLocker configurations on “Refresh device info” and add compliance violations if necessary. [MDM-24230] [REL#222393]
  • Prevent timeout when publishing a ruleset version [MDM-23759]
  • Prohibit updating a DEP token with a token from a different MDM server [MDM-23959]
  • Handle duplicate VPP notifications [MDM-24406]
  • Optimize performance when updating information about installed apps on Windows devices [MDM-24804]
  • Extended macOS accounts configuration with mobile account configuration [MDM-24512]
  • Omit auto-enrollment synchronization for DEP accounts that are not linked to an Apple Business or School manager account [MDM-24762]
  • Migrate storage configuration properties in application.yml to a new human-readable structure. The legacy format and environment variables are still supported [MDM-22557]
  • Prevent selecting teachers as students of ad hoc lessons [MDM-24925]
  • Update Apple education configuration also on inactive or non-compliant devices since the restriction preventing this is no longer necessary [MDM-24989] [REL#223386]
  • Restore the certificate resource reference of the iOS certificate configuration [MDM-24764]
  • Ensure metadata of remaining certificates is updated even when a certificate in store is expired or cannot be processed [MDM-24761]
  • Fix authentication problem with Relution-Agent and Teacher-Console app for Android-Enterprise if more than one Manage Apps Configuration is present [MDM-24984] [REL#223280]
  • Allow saving users without email imported by LDAP in Portal [MDM-25016] [REL#223280]
  • Adjust links to Relution documentation to point to for native packages [MDM-24763]
  • Fix updating the domain or password of a Windows Exchange policy leading to an unintended compliance violation [MDM-24418]
  • Disable chips delete if configuration is disabled [MDM-24298]
  • Fix modal validation when creating lost mode actions for iOS devices [MDM-24572]
  • Fix enabling the personal hotspot on iOS devices when the action is triggered via Portal [MDM-24665] [REL#222900]
  • Fix No policy filter option in device inventory [MDM-24780] [REL#223087]
  • Fix and enhance organization search in store organization [MDM-24819] [REL#223162]
  • Fix an issue preventing users with few permissions from installing Play Store apps through the Relution agent on Android Enterprise devices [MDM-24982]

Version 5.12.2


  • Support compression when setting application.yml via environment variables in cloud scenarios [MDM-24705]
  • Fix display of license views when using system organization based licensing [MDM-24706]
  • Fix database migration failing when encountering unexpected invalid references in database [MDM-24704]

Version 5.12.1


  • Fix issue preventing import of Windows Store Apps due to breaking changes in the Windows Store API [MDM-24597]
  • Fix issue preventing a login via a SSO provider during a DEP enrollment on macOS [MDM-24613]
  • Fix database schema migration on PostgreSQL [MDM-24605]
  • Fix issue which caused duplicate group creations during a LDAP synchronization [MDM-24617]
  • Fix issue when a new LDAP user tries to login, that not all group memberships are resolved [MDM-24639]

Version 5.12.0


  • Deploy Relution Agent for Android Enterprise devices [MDM-23697]
  • Allow enrolling Autopilot auto enrollments from the store organisation into other organisations [MDM-23356] [MDM-23906]
  • Add Android Enterprise home screen layout configuration to configure Relution Home Screen app [MDM-23415]
  • Provide active branding to client apps over managed configuration [MDM-23898]
  • VPP tokens uploaded to the store-organisation will be publicly available in all other organisations [MDM-23827]
  • Show an error in the notification center if Android Enterprise communication has issues [MDM-23838]
  • Make it possible for Android and Windows devices to download native apps assigned via policies without the explicit need for general app store access [MDM-23970]
  • Use built-in APNS push credentials to handle push notifications for the Relution Agent [MDM-24049]
  • Use web views supporting single-sign on accounts for DEP authentication and shared device login [MDM-24240] [MDM-24241]
  • Add new field to the Android Enterprise Work profile passcode configuration to define if a separate passcode for the work profile is required [MDM-24324]
  • Add new restriction flags for iOS 16 and macOS 13 devices [MDM-24476]
  • Automatically try to reassign VPP licenses whenever deployment actions get retried [MDM-24454]
  • Add the count of open actions and last connection date to lesson device information [MDM-24209]
  • Persist additional meta data when parsing certificates [MDM-22995]
  • Optimize education updates and removals for Apple devices [MDM-23478]
  • Make DEP accounts in store organization global by default [MDM-23725]
  • Allow customizing the external VPP notification URL via relution.vpp.notificationUrl [MDM-23974]
  • Separate roles from authorities to comply with new permission schema in current authorization response [MDM-24032]
  • Set actions to error when no push notification could be sent for Windows devices [MDM-24258]
  • Consider action priorities when processing Windows actions [MDM-24258]
  • Use Gigabyte instead of Gibibyte based conversion for cache limit in macOS content caching configuration [MDM-24269]
  • Always activate users synchronized through LDAP even when deactivated on Relution side; users that should not be able to sign in need to be disabled in LDAP instead [MDM-24467]
  • Enable reset password action on android enterprise devices with personal profile [MDM-22661]
  • Adjust colors of enrollment page for Windows devices [MDM-23595]
  • Require the name field of an app version only for the default language [MDM-23619]
  • Add more filter options to the device history [MDM-24348]
  • Hide Windows paid apps from search results [MDM-23622]
  • Change styles of enrollment landing page dynamically, if needed [MDM-23595] [REL#221602]
  • Fix creation of organizations when administrator password does not conform to password policy [MDM-23127]
  • Apple education configuration updates no longer fail if a user is configured as both teacher and student in different courses [MDM-23790]
  • Updating a course as Content Manager updates the education configuration on the devices of the users involved. [MDM-23760]
  • Fix the first Relution Agent deploy action failing with LicenseNotFound error when enrolling a device with DEP [MDM-23954] [REL#222092] [REL#222025]
  • Fix error responses not providing an error code in some rare cases [MDM-24107]
  • Ensure license restrictions for servers where the system organization has an education or enterprise license are checked correctly [MDM-24128]
  • Ensure next synchronization date no longer incorrectly shows never after manual AzureAD device synchronization [MDM-24163]
  • Update Windows UpdatePush action to error, if it fails several times, with confurable retry count [MDM-24196] [MDM-24196]
  • Fix sample app import for new organizations created via a tenant user [MDM-24473]
  • Allow Windows platform to download file for action [MDM-24009]
  • Fix deletion of rule actions [MDM-23758] [REL#221630]
  • Fix unintended clearing of policies when extending enrollments [MDM-23811]
  • Fix unintended duplication of version constraints, when switching between app versions [MDM-24100]
  • Fix license information menu entry ignoring permission when the user switches between tenants [MDM-24249] [REL#222392]

Version 5.11.4


  • Allow disabling Clustering support on network or even service layer via configuration for restricted network environments [MDM-24131]
  • Fix issue preventing apps to be installed with VPP via Relution iOS agent and legacy client [MDM-23960] [REL#222264]
  • Avoid a possible issue in cluster channel initialization when also having a lot of LDAP connections [MDM-24145]
  • Fix issue in the smart board configuration preventing to configure lock screen on specific boards [MDM-24144]
  • Fix handling of pagination for requests currently preventing CSV export in some scenarios [MDM-24149] [REL#222294]

Version 5.11.3


  • Assign VPP license to devices early when creating a deploy app action [MDM-23960] [REL#222264]
  • Retry deploy app actions automatically after a short period of time when they fail with a LicenseNotFound error [MDM-23961] [REL#222033]
  • Include new authorities in well-known system permissions to improve performance when loading groups [MDM-24016]
  • Fix Relution Agent deploy action possibly failing once when enrolling an iOS device [MDM-23954] [REL#222092] [REL#222025]
  • Do not perform unnecessary multiple re-installations in rare case when an app appears to be stuck in installation [MDM-24025]
  • Add vertical scrolling for confirmation step in Apply action modal for multiple devices [MDM-23939]

Version 5.11.2


  • Display a message that explains that installation of the new Relution Teacher App after iOS client migration must happen manually. This can also be done with an App Compliance configuration [MDM-23849]
  • Fix SSO login button, when single sign on is active for a specific tenant [MDM-23858]
  • Fix default value of client migration on Microsoft SQL Server [MDM-23856]

Version 5.11.1


  • Optimize descriptions and translations for iOS client app migration wizard [MDM-22700]
  • Optimize handling of client migration on devices with a Relution shared device configuration [MDM-23791]
  • Fix display of organization push certificates in Portal after migrating to Relution Agent for iOS [MDM-23700]
  • Fix logout on shared devices for users which do not have any permissions [MDM-23798]

Version 5.11.0


  • Use the new Relution iOS apps for new organizations as a default and allow existing organizations using the public Relution app to migrate to them via the settings view [MDM-22700] [MDM-22705] [MDM-23118]
  • Allow making DEP configuration public in the store organization, so auto-enrollments can be assigned to other organizations [MDM-23332]
  • Use Json Web Tokens for session handling [MDM-23578]
  • Add user impersonation for system administrators using Json Web Tokens [MDM-20138]
  • Save and show the most recent synchronization result of Azure AD device sync, user sync and group sync [MDM-22818]
  • Add scheduled automated synchronization of Windows Autopilot devices [MDM-22929]
  • Renew Apple push certificates, valid until May 1st, 2023. The previous ones will expire on November 30th, 2022 [MDM-22876]
  • Automatically renew the Apple device SCEP CA and device certificates issued by it before it expires, default starting 180 days before expiration [MDM-22742]
  • Extend the Azure AD configuration wizard and allow checking the azure ad configuration on the fly while configuring it [MDM-22819] [MDM-22817]
  • Provide information about the most recent logged in Azure AD user on Autopilot devices [MDM-22936]
  • Make parsing of PKG files for macOS distribution more permissive to support more PKG formats [MDM-22288]
  • Automatically clean-up app history and device compliance history entries, per default after two years [MDM-22711] [MDM-22713]
  • Save Apple education configuration per device, no longer per action [MDM-22769]
  • Assign default groups to teachers & students imported from LDAP even when no courses can be created [MDM-22802] [REL#22820]
  • Even if Relution is not affected, add mitigation for Spring4Shell as suggested by the Spring team as an additional safeguard [MDM-23193]
  • Disable app signing by default unless the feature toggle APP_SIGNING is set since it is due to be removed [MDM-23458]
  • Use the Azure AD User Principle Name field for the Relution user email when importing users [MDM-23552]
  • Show the SSID for tvOS Wi-Fi configurations as name in tables [MDM-22814]
  • Use unified field names for user and groups and device CSV import and export [MDM-23061] [MDM-23060]
  • Show additional information in the VPP user and VPP license assignment views [MDM-23143] [MDM-23187]
  • Synchronization errors no longer trigger post-sync actions, which could incorrectly delete users [MDM-22991][REL#221066]
  • Fix manual LDAP sync in cluster environments not running when connected to a secondary node [MDM-23125]
  • Fix applying a policy in a tenant organization, when the policy contains a Relution Shared Device configuration [MDM-23249] [REL#221342]
  • Fix being stuck on login page because of missing permissions after page redirect [MDM-22783]
  • Fix organization icon in the portal header not refreshing after switching the organization [MDM-23530] [REL#221485]
  • Fix background transparency of information box in the DEP settings [MDM-23551]
  • Fix device custom fields only being displayed when the settings were loaded before [MDM-23130] [MDM-23721] [REL#221759]
  • Fix print view in Portal [MDM-23247]

Version 5.10.1


  • Use new Microsoft Store endpoints to fetch meta data of Windows public apps [MDM-23642]

Version 5.10


  • Use Apple VPP v2 API including real-time notifications for updated data [MDM-22114]
  • Execute high priority actions (e.g. enable lost mode, reset passcode, locate device) before regular actions for Apple Devices [MDM-22708]
  • Add support for Windows Autopilot enrollment [MDM-21897]
  • Add properties to Windows Antivirus configuration to improve scheduling defender scans [MDM-22563]
  • Make helpdesk link configurable via [MDM-22915]
  • Make imprint link configurable via [MDM-22917]
  • Add configurable privacy policy and EULA links which will be used instead of the previous privacy policy setting [MDM-22586] [MDM-23126]
  • Support user-defined custom device properties names as column header names in the CSV import for auto-enrollments and devices [MDM-22916]
  • Add full S/MIME support for iOS Mail configuration [MDM-22602]
  • Add custom JSON code for Android Enterprise to enroll a device via a Zero Touch profile. [MDM-23040] [REL#22979]
  • Add MDM-initiated auto-renewal of Apple device identity certificates [MDM-22656]
  • Disallow spotlight internet results for students in exams [MDM-22812]
  • Prevent starting on Oracle databases with a human-readable error message since Oracle is no longer supported [MDM-22099]
  • Extend ping action clean-up [MDM-22268]
  • Allow Relution client in iOS App Compliance under required apps and allowed apps [MDM-22390]
  • Refine API usage and permissions for listing groups and users [MDM-22808] [MDM-22804]
  • Reduce log output when SMG is configured [MDM-22810]
  • Optimize SQL queries used when checking for pending app or webclip installations [MDM-22908]
  • Remove the extra enabled state for categories [MDM-22986]
  • Remove supporting for deploying apps onto devices enrolled in other MDMs [MDM-23013]
  • Remove URL shortener setting which is no longer used [MDM-22677]
  • Allow updating the Apple MDM profile on devices with a legacy MDM server URL when triggered from the devices [MDM-22895]
  • Allow entering multiple search values into search bar [MDM-21477]
  • Adjust default values for new Windows Firewall configurations [MDM-22575]
  • Include original language name in profile language selector [MDM-22657]
  • Reduce network traffic when publishing a policy version [MDM-22734]
  • Adjust icon style of the state column in the sub action list [MDM-22752]
  • Allow uploading user certificates on profile page [MDM-22813]
  • Adjust email validation when updating existing user [MDM-22947]
  • Show Windows version name instead of build number in the device header box [MDM-22934]
  • Add managed app configuration to Relution Teacher when is deployed to iOS devices [MDM-22704]
  • Add new setting to deploy Relution Agent for iOS instead of legacy client [MDM-22706]
  • Force HTTPS for configured external URL [MDM-22710]
  • Fix education being removed from a device prematurely when the user only had indirect class memberships left [MDM-23132] [REL#221150]
  • Fix issue with installation of required apps in tvOS App Compliance configuration [MDM-22840] [REL#22914]
  • Fix deletion of users with user certificates [MDM-22883]
  • Fix “Elevation prompt for standard users” option for Windows Local Device Security confguration [MDM-23072] [REL#221192]
  • Fix device filter when searching for devices without a policy [MDM-22945] [REL#221055]
  • Handle the update case of Windows Exchange configuration [MDM-22177]
  • Remove existing compliance violations for Windows configurations that are deleted but not applied on the device [MDM-22568]
  • Set name, description and custom properties for a Windows device from enrollment, unless reactivation is enabled [MDM-22573]
  • Fix server startup when the system administrator was removed [MDM-22811]
  • On Relution Shared Devices, when a user is logged in, enable only the Relution client and Settings if no apps are whitelisted [MDM-22898]
  • Abbreviate long name and artist name for VPP publications to avoid errors when these values are excessively long [MDM-22941] [REL#221043]
  • Do not add Windows store apps without an internal name [MDM-23173]
  • Distinguish between Windows 11 and Windows 10 in the version name [MDM-22850]
  • Fix template for Apple User Enrollment configuration shown in settings [MDM-22111]
  • Adjust DEP profile status filter to avoid receiving false positive results [MDM-22803]
  • Make sure selecting configuration types in the configuration list now always navigates to configuration details [MDM-22827]
  • Clearing the position field in the user profile raises an exception [MDM-22992]
  • Allow resizing the columns in the VPP synchronization history view [MDM-23010]
  • Optimize initial performance and fix pagination counts of app selectors [MDM-22997]
  • Access of content manager permission to user and group view [MDM-23105] [REL#221228]

Version 5.9.2


  • Fix pub/sub not working as expected in cluster environments after registration for Android Enterprise in some cases [MDM-22690] [REL#22750]
  • Fixed an issue with handling no longer valid VPP tokens that could lead to VPP synchronisations being blocked [MDM-23000] [REL#221095]
  • Fix device filter when searching for devices without a policy [MDM-22945] [REL#221055]
  • Abbreviate long name and artist name for VPP publications to avoid errors when these values are excessively long [MDM-22941] [REL#221043]

Version 5.9.1


  • Assign public policies of store organisation DEP auto-enrollments to enrolled devices [MDM-22823] [REL#22813]
  • Extend logging of LDAP services [MDM-22824]
  • Fix display of “location” tab for locatable devices [MDM-22503] [MDM-22776] [REL#22603] [REL#22801]
  • Fix basic auth login, e.g. during DEP authentication, when the password starts with the basic auth separator character (colon) [MDM-22824]
  • Fix navigation bar entries [MDM-22800]

Version 5.9


  • Support for user enrollment of macOS devices [MDM-21927]
  • Support account-driven user enrollment for Apple devices [MDM-22343] [MDM-22111] [MDM-22529] [MDM-21749]
  • Add VPN type “Custom SSL” to iOS/macOS VPN configuration [MDM-22183]
  • Synchronize users, groups and their members from Azure AD [MDM-21382]
  • Synchronize Windows Autopilot devices [MDM-21896]
  • Manage auto enrollments for Windows Autopilot devices [MDM-22508]
  • Reactivate Windows devices [MDM-22419]
  • Use local short URLs for manual enrollments instead of external URL shortening [MDM-22641]
  • Add Spanish, French, Italian and Turkish as supported languages to the enrollment landing page [MDM-22556]
  • Allow managing pre-installed apps not available in Play Store in Android Enterprise configurations by entering their package name [MDM-21686] [RS-4549] [RS-7101]
  • Prioritize “Lost Mode”, “Reset Passcode”, “Wipe” and “Withdraw” actions for Apple devices. [MDM-22370] [REL#22235] [REL#22517]
  • Recreate Android Enterprise enrollments that still use a user account identifier automatically [MDM-22595]
  • Use name of a category’s default language as fallback for other languages [MDM-22387]
  • Search devices by UDID [MDM-22519]
  • Add Android Enterprise managed configuration for Relution Agent [MDM-22250]
  • Automatically install Relution Teacher Console alongside SCM on Android Enterprise devices of teachers with a Samsung Classroom Management configuration [MDM-21406]
  • Ignore policies specified in a DEP auto-enrollment when the device is enrolled in a different organization (system-wide DEP) [MDM-22166] [RS-7858]
  • Allow specifying ownership for auto-enrollments [MDM-22295] [RS-5709]
  • Base docker images on AlmaLinux 8 instead of CentOS 8, since CentOS Linux 8 has reached End Of Life (EOL) on December 31st, 2021 [MDM-22385]
  • Do not send push notifications to Apple devices when they are detected as being in-active [MDM-22388]
  • Ensure MDM profile of devices with disabled signature validation is also renewed [MDM-22534]
  • The education certificates will be checked and, if need be, fixed automatically if the last education deployment action failed with a specific certificate error [MDM-22660]
  • The enrollment validation date for Android Enterprise can only be chosen up to 89 days in the future since Google does not allow a longer period of time [MDM-22208]
  • Add missing Windows edition badges in the Restriction policy configuration [MDM-22276]
  • Remove deprecated calendar domains, contact domains and mail domains from Apple VPN configuration [MDM-22381]
  • Optimize the filter query in iOS app compliance configuration [MDM-22481] [REL#22337]
  • Hide remove app action for windows until device and user scope is fully supported [MDM-22571]
  • Persist how a policy was assigned to a device (auto-assignment, enrollment, manual) [MDM-21786]
  • Adjust S3 Connector to handle partial downloads correctly which improves the performance [MDM-22554]
  • Prevent additional automated re-install actions for devices when another action is already pending [MDM-22394] [REL#22257]
  • Create an app history entry when the version number of a public app changes [MDM-22482] [REL#22376]
  • Fix rendering of Android Enterprise managed configuration editor in various cases [MDM-22511]
  • Fix activation of URL blocklist setting in Samsung Classroom management app configuration [MDM-22392]
  • Fix exporting and importing policies as multi tenant user [MDM-22536] [REL#22346]
  • Fix update behaviour of Windows certificate configuration [MDM-22170]
  • Fix update behaviour of Windows update configuration [MDM-22179]
  • Hide details of persistence exceptions and show generic message instead regardless of user permissions [MDM-22269]
  • Add missing checks for Windows versions and editions to Windows restriction configuration [MDM-22310]
  • Manually created add/remove shortcut actions for Shared iPads and macOS [MDM-22528] [REL#22404]
  • Fix installation of missing apps on iOS devices when being triggered by a PING action [MDM-22560] [REL#22478]
  • Do not pre-fill user phone number when editing enrollments [MDM-22322]
  • Hide empty entry for device serial number in device header box [MDM-22371]
  • Inviting VPP users again after having removed them once already [MDM-22375]
  • Prevent showing an empty three dots menu if the user selects an item on the VPP synchronization history page [MDM-22431]
  • Truncate x-axis label of charts to avoid flickering [MDM-22533] [REL#22437]
  • Fix disappearing of multi tenant switcher after switching tenant with a text search active [MDM-22562] [REL#22483]
  • Fix unintended removal of multiple policies when assigning DEP profile in auto enrollment list via the short action [MDM-22601] [REL#22464]
  • Allow editing the ownership state of a device with ownership state unknown [MDM-22644]

Version 5.8.1


  • Even though Relution does not use Log4j for logging, update log4j-api again to the newly released 2.17.0 with respect to CVE-2021-45046 and CVE-2021-44228 [MDM-22301]

Version 5.8


  • Automatically register managed AppleIDs with VPP when enrolling devices with Apple User Enrollment [MDM-22017]
  • Automatically associate VPP licenses to assigned users of Apple User Enrollment devices when apps are installed [MDM-22018]
  • Display if Apple devices are currently in “Not now” state [MDM-22252]
  • Enable public policies for Android Classic [MDM-21732]
  • Show all available network adapters on Windows devices in device details [MDM-21962]
  • Add Spanish, French and Italian translations [MDM-22149]
  • Support managing associated apps in the details of app categories [MDM-21902] [RS-6802] [RS-6848]
  • Show all supported app platforms for newly added or refreshed public apps for Apple platforms [MDM-21721]
  • Remove Beta badge for iOS User-Enrollment [MDM-22018]
  • Even though Relution does not use Log4j for logging, update log4j-api to 2.15.0 and always enable formatMsgNoLookups as a default with respect to CVE-2021-44228. Also update the Splunk logging dependency so it no longer bundles log4j-core [MDM-22301]
  • Show user assigned VPP licenses in details of user enrolled devices [MDM-22193]
  • Allow filtering apps and app requests by categories [MDM-21901]
  • Add iOS system apps “Magnifier” and “Translate” for selection in app compliance and home screen layout [MDM-22104]
  • Extend known Apple product names for new devices [MDM-22155]
  • Register VPP users with managed Apple IDs without inviting them via mail [MDM-22156]
  • Optimize retrieval of installed and managed apps of Android Enterprise devices [MDM-22207] [RS-7940]
  • Enable Per-App-VPN configurations for iOS User Enrollment [MDM-22241]
  • Optimize installed app list in device details [MDM-21353]
  • Remove the option to create unsupervised devices via DEP enrollment since it is no longer supported in iOS 13+ [MDM-21985]
  • Remove no longer available app download count from apps list and app version details and remove most downloaded apps widget from dashboard [MDM-22041]
  • Hide already selected apps from multiple app selection lists [MDM-22052]
  • Adapt Windows email configuration [MDM-22110]
  • Hide private Android Enterprise apps when adding apps from Google Play [MDM-22137]
  • Display VPP licenses also for newly added apps in required apps list [MDM-18978]
  • Fix upload of files in specific multi tenant environments [MDM-22303] [RS-7980] [REL#22050]
  • Fix Windows Email configuration [MDM-21849]
  • Fix icon retrieval and display for Microsoft Store apps [MDM-21854] [MDM-22004]
  • Fix handling of compliance violations for Windows configurations in general and especially for the Windows app compliance [MDM-21960]
  • Fix sending notification mails concerning keystore expiration [MDM-22012]
  • Prevent adding Microsoft Store apps multiple times by using different country stores [MDM-22057]
  • Remove support of Windows 10 Home Edition in Windows update configuration [MDM-22154]
  • Do not set the app package name in Windows app compliance policy configuration for public apps from the Windows store [MDM-22047]
  • Fix upload button alignment when creating apps [MDM-22077]
  • Fix importing policies [MDM-22157]
  • Fix saving of certificates in tvOS Wi-Fi config [MDM-22164]
  • Allow changing device ownership according to organization settings [MDM-22180]
  • Fix translation of iOS restriction Allow USB connection while locked [MDM-22253]
  • Fix using user’s phone number as a default when creating new enrollments [MDM-22254] [RS-7991]
  • Add redirect for link format used in app request mail notification [MDM-22277] [RS-7966]

Version 5.7.3


  • Display the most recently used communication channel with a Windows device in device details [MDM-22261]
  • Show if Windows deploy app and remove app actions belong to user or device scope [MDM-22261]
  • Avoid blocking windows actions on device scope due to user scope being blocked [MDM-22206] [RS-7938]

Version 5.7.2


  • Optimize performance of Android Enterprise status report processing and exclude Android system apps from installed app list [MDM-22214]
  • Make Android Enterprise status report handling more robust [MDM-22171]

Version 5.7.1


  • Clean up duplicate entries from the device lending settings table automatically [MDM-22165]
  • Fix importing of policies from exported files [MDM-22157]
  • Remove invalid search results from Microsoft Store search instead of throwing an error [MDM-22108]
  • Fix an issue with Android Enterprise status reports when the Relution store contains the same app twice (public and native) [MDM-22171]

Version 5.7


  • Allow making policies public in the store organisation, so all organisations on the server can use them. Currently Android Enterprise, iOS/iPadOS, tvOS and macOS policies are supported. [MDM-21503]
  • Make it possible to install Play Store apps on Android Enterprise with an action by dynamically adjusting a device’s policy [MDM-21119]
  • Make it possible to hide notifications from the notification center [MDM-21484]
  • Add support for cron schedules in LDAP synchronization [MDM-21636]
  • Enable configuration of cross profile communication for managed apps on Android Enterprise devices [MDM-21718]
  • Make it possible to enforce iOS app uninstallation on MDM profile removal in server properties [MDM-21892] [RS-7290]
  • Enabled customized icon arrangement for Android Kiosk mode [MDM-21893]
  • Don’t allow the user of a user enrolled device to be changed [MDM-21910]
  • Add support for starting an ASM SFTP sync manually in the settings page [MDM-21925] [RS-6868]
  • Add a Windows local device security options configuration [MDM-21471]
  • Add settings for setup assistant account creation for macOS devices to DEP profile support, which allows creating MDM-controlled local administrators [MDM-21490]
  • Allow changing the password of MDM-controlled local administrator accounts on macOS via an action [MDM-21496]
  • Allow powering off interactive whiteboards via the reboot action [MDM-21923]
  • Activate device lending system [MDM-22058]
  • Add filter for hiding none existing apps to VPP apps list [MDM-21634]
  • Add new iOS 15.1 restriction allowMailPrivacyProtection to iOS restrictions configuration [MDM-22002]
  • Show sub actions of actions in device details [MDM-21872]
  • Make assigning of modified DEP profiles run asynchronously to make updates faster for profiles assigned to a large number of devices [MDM-21510]
  • Support multiple access tokens per device [MDM-21541]
  • Extend the lesson schedule settings to include configuring days on which lessons are held [MDM-21632]
  • Replace deprecated black and white list with deny and allow list for devices with iOS 15 or above [MDM-21670]
  • Display more details for Android Enterprise app policy compliance violations [MDM-21728] [RS-7106]
  • Optimize performance when saving education courses [MDM-21857]
  • Always show the store organization in the tenant organization switcher [MDM-21935]
  • Extend tooltip for allow simple password checkbox in Windows passcode configuration [MDM-21955]
  • Display policy export report [MDM-19798]
  • Improve handling of database exceptions [MDM-21432]
  • Remove “Screen resolution”, “Phone” and “IMEI” and “Wi-Fi MAC” information from Windows device details since they are not available for Windows devices [MDM-21729] [MDM-21865] [MDM-21886]
  • Extend hint shown in the Windows global proxies configuration [MDM-21832]
  • Add label and url of “Add Shortcut” actions to tooltip in device action list [MDM-21870]
  • Allow cancelling actions in “push sent” state for Apple devices [MDM-21873]
  • Display day of week selection as a toggle button group [MDM-21903]
  • Make sure the profile name of Windows VPN configurations is unique inside a single policy [MDM-21926]
  • Make sure the SSID of Windows Wi-Fi configurations is unique in a policy [MDM-21926]
  • Ensure that in case of multiple Windows Wi-Fi or VPN configurations with the same identifier only the one with the highest priority is applied on the device [MDM-21954] [MDM-21956] [MDM-21984]
  • Improve display of battery level values [MDM-21931]
  • Improve Windows BitLocker configuration and set additional fields validators [MDM-21939]
  • Extend hint for iOS home screen layout configuration [MDM-21951] [RS-7503]
  • Allow using the user’s email address as a placeholder in Windows email configuration [MDM-22009]
  • Avoid prematurely verifying the MDM signature certificate as a side effect when retrieving it for the Apple MDM signature verification [MDM-22101]
  • Make handling of challenge passwords cluster save even in scenarios without IP tables [MDM-22010]
  • Truncate action comment field to ensure that the comment does not exceed the database limits [MDM-21924] [RS-7476]
  • Fix VPP synchronization error on servers with more than 2,100 licenses when using Microsoft SQL Server [MDM-22027]
  • Prevent deploying multiple Wi-Fi configurations with the same SSID on Apple devices [MDM-21743] [RS-7150]
  • Prevent duplicated mails for rules when Relution runs as cluster [MDM-18737] [RS-4744]
  • Prevent web-links from being added as required apps in Android app compliance configuration [MDM-20352] [RS-4523]
  • Use the lesson schedule time zone when checking if a lesson can be started [MDM-21632]
  • Handle delivery confirmed not as finished state for actions [MDM-21817]
  • Prevent that Windows Wi-Fi configurations are applied on devices that do not have a Wi-Fi adapter attached [MDM-21834]
  • Change app management on Windows 10 devices by using the user scope instead of the device scope [MDM-21841]
  • Prevent deploying Windows apps that do not have a package family name [MDM-21847]
  • Retrieving public app icons from Microsoft Store [MDM-21854]
  • Fix copying of Apple Configurator 2 configuration from store organization to other organizations [MDM-21930]
  • Remove password enabled checkbox from Windows passcode configuration [MDM-21955]
  • Add missing validations for Windows passcode configuration [MDM-21955]
  • Support all locales for Windows app store [MDM-22006]
  • Prevent the cross-profile communication setting from being applied on Android Enterprise devices with an incompatible enrollment type [MDM-22016]
  • Prevent uploading files that are not images in the app details screenshots and icon sections [MDM-21845]
  • Display per app vpn section even if configuration is not editable [MDM-21862] [RS-7352]
  • Fix checkbox states not being displayed correctly when removing policy from auto enrollments [MDM-21881] [RS-7389]
  • Add enabled option for status bar handling in Android Enterprise Kiosk Mode configuration [MDM-21942]
  • Fix a race condition that might lead into browsers default language being selected over the one selected in the user profile [MDM-21961]
  • Remove emojis that are not processable for Windows configurations or actions [MDM-21838]

Version 5.6.5


  • Fix race condition on Shared Device sign in, causing the Relution app to incorrectly detect no user and ask for credentials again [MDM-22039] [RS-7561]

Version 5.6.4


  • Make the dynamic delay used in the MDM push queue configurable via relution.push.queue properties and adjust default values [MDM-22029]

Version 5.6.3


  • Optimize handling of events in various additional services in cluster environments [MDM-21947]

Version 5.6.2


  • Optimize handling of events in education service in cluster environments [MDM-21947]
  • Fix possible error in Apple MDM signature validation when multiple concurrent requests arrive at the same time [MDM-21958] [RS-7521]

Version 5.6.1


  • Fix broken Android Enterprise Work Profile enrollment which used an erroneous setting for personal usage since 5.6 [MDM-21944]

Version 5.6


  • Add enrollment setting to allow creating personal profiles on fully managed Android Enterprise devices [MDM-21800]
  • Add Windows local device security policy [MDM-21284]
  • Add allow personal usage setting for Android Enterprise enrollments [MDM-21716]
  • Allow removal of teachers, when they are referenced in a lesson or lesson template [MDM-20712] [RS-5508] [RS-6810] [RS-5421]
  • Allow custom separator for CSV files [MDM-21547] [RS-6781]
  • Extend MDM signature validation for Apple devices [MDM-21639] [MDM-15205] [MDM-21212]
  • Add support for Windows 10 to Secure Mail Gateway [MDM-20142] [MDM-20137] [MDM-21654] [MDM-21676]
  • Allow configuring when to send push notifications to devices on compliance state changes [MDM-21542]
  • Show cancel button always in the VPP token dialog [MDM-20732]
  • Do not report Android Enterprise devices as non-compliant when a device reports an app as not installed with the reason in-progress [MDM-21607] [RS-6040]
  • Recreate APNS client periodically to ensure a stuck client does not block push messages indefinitely [MDM-21612]
  • Update APNS client to the latest version which fixes channel clean-up after exceptions [MDM-21612] [RS-6882]
  • Update APK file parser to allow parsing of additional Android app configurations [MDM-21679] [RS-7102]
  • Display a hint if the old password is not correct during password change request [MDM-21474]
  • Optimize UI of Android Enterprise Kiosk Mode configuration [MDM-21646] [RS-7017] [RS-7018] [RS-7019] [RS-7020]
  • Update text for Android Enterprise Wi-Fi restrictions to better describe what is being disabled [RS-7192]
  • Fix updating devices via CSV [MDM-21652] [RS-7046]
  • Never enforce Relution client single app mode for Apple Shared iPad devices since it is not supported [MDM-21672] [RS-7055]
  • Do not block server startup until could be reached [MDM-21475]
  • Prevent that devices which are no longer matching the Secure Mail Gateway restrictions are sending additional requests to synchronize emails, contacts etc. [MDM-21668]
  • Rename SMTP parameter TTLS to STARTTLS, but allow incorrect spelling for backwards compatibility [MDM-21674]
  • Fixed a rare deadlock in pub/sub that could result in subscriptions no longer being polled [MDM-21717]
  • Fix app upload with two different apps if the first upload was aborted [MDM-20916]
  • Fix column alignments in several modals [MDM-21454]
  • Do not ask for the old password of a user, when the system administrator or the organization administrator tries to override the password [MDM-21474]
  • Clear all selected elements on all pages on hitting “clear selection” [MDM-21476]
  • Set current start page explicitly to dashboard for the user when he accepts terms and conditions for the first time [MDM-21605]
  • Set correct OS version filters in device inventory [MDM-21660]
  • Deactivate prohibited actions on public policies in standard organizations [MDM-21693]
  • Show a confirmation for successfully triggered deploy app actions [MDM-21706]
  • Fix deploying Windows apps via the “Installed Apps” tab in device details [MDM-21706]
  • Remove phone number validation in the user details [MDM-21735] [RS-7253]
  • Do not affect the search result when clearing search values [MDM-21737]
  • Fix saving of LDAP users without email address [MDM-21779] [RS-7164]
  • Remove required validator on server proxy PAC URL field in tvOS WiFi [MDM-21858] [RS-7412]

Version 5.5.5


  • Prevent a possible race condition for Shared iPads in guest mode leading to their action queue waiting until the next login [MDM-21804]

Version 5.5.4


  • Disable automatic update of iOS/iPadOS/tvOS managed apps for outdated management flags setting as a default. Can be enabled again by setting to true [MDM-21487]

Version 5.5.3


  • Always use device based Google accounts instead of user accounts when enrolling Android Enterprise devices to avoid the 10 devices per user limit [MDM-21733] [RS-6041]
  • Fix slow requests on systems with many Apple devices and profiles due to a missing database index [MDM-21739] [RS-7242]

Version 5.5.2


  • Fix processing error if full sensor data or position estimate batches are completely outdated [BR-2416]

Version 5.5.1


  • Fix an issue with Deploy and Remove App actions on Windows devices which are setting the action state to Error although the (de-)installation is still in progress [MDM-21610]

Version 5.5


  • Add support for certificate templates and user specific certificates to Android Enterprise Wi-Fi configuration [MDM-21304]
  • Add kiosk mode configuration for Android Enterprise fully managed devices [MDM-19518] [MDM-19519]
  • Add DNS settings configuration for iOS and macOS [MDM-21489] [RS-6167]
  • Add macOS content caching configuration [MDM-21488]
  • Add Windows wallpaper configuration [MDM-21273]
  • Display known Apple product names in a readable format (e.g. iPhone 12 instead of iPhone13,2) [MDM-21231]
  • Add new iOS 15 restrictions to iOS restrictions configuration [MDM-21431]
  • Extend iOS and macOS device details with information about active user accounts [MDM-21495]
  • Use already existing Android Enterprise device if it matches the device identifier of a newly enrolled device [MDM-21434]
  • Do not prevent data migration of managed apps on iOS and tvOS to new devices via device backup by disabling automated uninstallation on MDM profile removal [MDM-21487]
  • Count delivered actions as open actions for devices [MDM-21527]
  • Allow requested apps in released status in teacher console [MDM-21531] [RS-6744]
  • Reduce logged warnings when fetching files on Microsoft SQL Server [MDM-21537]
  • Clear device location data when lost mode is disabled [MDM-21561] [RS-6831]
  • Extend list of known Windows editions [MDM-21608]
  • Add filter for devices without a policy [MDM-21361]
  • Show tooltip for Android Enterprise enrollment type if Android Enterprise is not set up [MDM-21478]
  • Display homescreen layout editor by default [MDM-21519]
  • Allow editing search field badges [MDM-21577]
  • Add missing iOS 14.5 restrictions tooltips [MDM-21535]
  • Allow every user to access their home organization, even when not member of the “User” group [MDM-21153] [MDM-21385] [RS-6518] [RS-6650]
  • Fix duplicate and missing history entries for Android Enterprise devices [MDM-21417]
  • Fix app compliance configurations on Windows 10 devices which prevented other configuration within the same policy to be applied [MDM-21601]
  • Fix deploying and removing certain apps on Windows 10 devices [MDM-21610]
  • Fix pagination and sorting in the list “Devices with this app” [MDM-21536] [MDM-21552]
  • Fix error when LDAP server does not return a group member attribute (e.g. Novell eDirectory) [RS-6874] [MDM-21571]
  • Fix persisting pinning state of navigation bar [MDM-21352] [RS-6253] [RS-6424]
  • Fix saving of Android Enterprise managed app configuration after filtering [MDM-21526]

Version 5.4.2


  • Generated Wi-Fi payload for apple devices with type enterprise WPA2 and enterprise WPA3 [MDM-21562] [RS-6728]

Version 5.4.1


  • Exclude empty bundles and arrays from managed app configurations for Android Enterprise [MDM-21473] [RS-6682]
  • Improve rendering of Android Enterprise Managed App Configurations which do not follow Google’s specification [MDM-21472]

Version 5.4


  • Support bulk enrollments with provisioning packages for Windows devices [MDM-21110]
  • Restrict allowed lesson time frame to lesson schedule when enabled in organisation settings [MDM-18332]
  • Managed app configurations for Android Enterprise are now merged when multiple policies are applied [MDM-20962]
  • Add 3 new fields to the iOS restriction configuration for iOS 14.5+ devices [MDM-21298]
  • Verify whether iOS device has published policy versions applied when device refresh completes and update if needed [MDM-21302]
  • Update device name and user via CSV upload in device inventory [MDM-21326] [RS-3906] [RS-4726] [RS-4870] [RS-6137] [RS-6363]
  • Add Windows Antivirus configuration [MDM-20792]
  • Add Windows Licensing configuration [MDM-21054] [MDM-21044]
  • Add Windows version/edition badges for all actions and configurations [MDM-21182] [MDM-21291]
  • Add iTunes ID and bundle identifier columns to purchased apps list [MDM-21296]
  • Add filter in user list to filter by direct group memberships [MDM-21297]
  • Add “created by” column in enrollment list [MDM-21354] [RS-6431]
  • Reduce log messages on WARN level when fetching file content fails because of stream abortion [MDM-21263] [RS-5859]
  • Allow update of MDM profile if device certificate is expired [MDM-21349]
  • Extend “devices with this app” list in app details with columns containing general device information [MDM-21396]
  • Display device serial number in basic device information [MDM-21362] [RS-6159]
  • Adjust error code message to clarify that the action can not be cancelled any more as the device is already performing it [MDM-19686] [RS-4208]
  • Merge first column and context menu in all table views [MDM-21305]
  • Display the configuration name in the policy list of a device [MDM-21346] [RS-6425]
  • Adjust color of app history comments to black instead of light grey [MDM-21370]
  • Display restricted Play Store mode hint for Android Enterprise restrictions configuration [MDM-21416]
  • Remove duplicate translation files from i18n folder [MDM-21436]
  • Always re-apply policies on log in on Apple Shared iPad [MDM-21325] [RS-6375]
  • Fixed a race condition for rules that could prevent scheduled actions from being canceled when a previously inactive device became active again [MDM-21113] [RS-6091]
  • Creation of new policy versions no longer fails completely if a single configuration is invalid [MDM-21265] [RS-6268]
  • Fixed an error that could leave a VPP sync in a zombie state when an error with a message too large to be logged occurred [MDM-21429] [RS-6597]
  • Assigned user is now correctly cleared when an iOS device is enrolled as a shared device [MDM-21257]
  • Ensure the latest published policy versions are assigned to device when re-apply policy is used [MDM-21302]
  • Resolve performance issues when retrieving auto enrollments [MDM-21347] [RS-6396]
  • Fix prefilling of password field in the web portal, when a password manager was used [MDM-21162]
  • Pressing enter on username field during login did not perform a login attempt, when password is already filled [MDM-21163]
  • Password reset view was still visible after being logged in [MDM-21248] [RS-6604]
  • Re-add the option to create a policy version, if the current version is already published [MDM-21274]
  • Disable all fields in Windows Wi-Fi configuration if it was published previously [MDM-21333]
  • Set android enterprise fully managed device mode as default for Android Enterprise enrollments [MDM-21379]
  • Display issues on information page of an Android Enterprise device [MDM-21415]

Version 5.3.3


  • Add support for JMX based analysis of cluster environments [MDM-21462]

  • Fix transaction borders when handling user saved events, and skip some handlers not necessary for newly created users [MDM-21458]

Version 5.3.2


  • Adjust configuration of PKCS 12 key store generation on OpenJDK version 11.0.12 and above. The default settings have been changed in this OpenJDK version and the new defaults currently result in broken PKCS 12 archives which are not accepted by Apple devices [MDM-21410] [RS-6567]
  • Make Google Cloud Pub/Sub use the system proxy again [MDM-21405] [RS-6489]

Version 5.3.1


  • Fix Android Enterprise devices having no assigned policies any more after being inactive [MDM-20628] [RS-6512] [RS-6208] [RS-6074] [RS-5332] [RS-5296]

Version 5.3


  • Allow resizing table columns and save them in user’s preferences [MDM-21047] [MDM-21052] [MDM-21126]
  • Display list of devices on which a specific app is installed [MDM-18611] [MDM-21142] [RS-5851]
  • Support combining multiple app compliance configurations on Apple device [MDM-20551]
  • Add app compliance configuration for Windows devices [MDM-20407]
  • Add Samsung Classroom Management configuration [MDM-21118]
  • Support app installation for lessons on Android Enterprise devices [MDM-21124] [MDM-21267]
  • Add Shared iPad settings configuration [MDM-21232]
  • Display a custom JSON which can be used to enroll KME devices via Android Enterprise in the QR code view and enrollment details [MDM-21258] [RS-6005]
  • Ensure that policies are only applied on devices which are using the supported Windows edition and version [MDM-21237]
  • Extend app selection options for remove app action [MDM-20971]
  • Add Windows BitLocker configuration, which allows controlling disk encryption [MDM-21012]
  • Allow to define the certificate store in Windows certificate configuration [MDM-21089]
  • Add Windows Hello configuration [MDM-21136]
  • Apply actions on multiple devices with a single bulk request [MDM-21046]
  • Add wipe action for Android Enterprise fully managed devices [MDM-20955]
  • Add VPP licensed information to apps list and app details [MDM-21227]
  • Show available placeholders in certificate templates view [MDM-21228]
  • Support groups in CSV import for classes [MDM-20633] [RS-3586] [RS-5009] [RS-5884]
  • Add support to deploy and remove Windows public apps [MDM-21100]
  • Check MariaDB version requirement for 10.3 or newer during startup [MDM-21112]
  • Require to explicitly set a password for exiting the Android Kiosk mode [MDM-21211]
  • Fail VPP sync immediately when token expired, send no network requests [MDM-21229]
  • Extend model of lesson device with information about its platform and enrollment type [MDM-21320]
  • Add new properties on Windows Start Menu configuration - start layout and edge assets [MDM-20873]
  • Make Windows Update Auto-Update time a dropdown selection field [MDM-21058]
  • Add context menu actions “Use default device name from DEP profile” and “Use auto-assigned policies” to auto enrollment list [MDM-21067] [RS-5966]
  • Rename whitelist and blacklist to allow list and block list [MDM-21121]
  • Add CSV export to Windows account action and improve user interface [MDM-21125]
  • Update Windows Update Configuration to use the list of available Windows versions [MDM-21221]
  • Ensure Relution iOS client is always allowed if Relution Shared Device Configuration is active, especially when conflicting app compliance settings are present [MDM-21268] [RS-6261]
  • Android Enterprise devices no longer stay non-compliant when all violations have been resolved [MDM-20944] [RS-5943] [RS-6034] [RS-5771]
  • Fix issue with per app VPN connections not being associated correctly [MDM-21111]
  • The CORS preflight request (OPTIONS) now also responds with a HTTP 200 message for clients that do not provide credentials [BR-1710]
  • Deleting apps and weblinks referenced in a lesson or lesson template [MDM-21135] [RS-6084]
  • Fix enable state for new remote desktop service configurations [MDM-21180]
  • Show the missing icon for new device action state DELIVERY_CONFIRMED [MDM-21189]
  • Fix Windows Wi-Fi Configuration Open authentication type creation [MDM-21217]
  • Fix add app modal not closing after uploading a new app using drag and drop [MDM-21218]
  • Fix device name change validation in device inventory list and edit device page error messages [MDM-21235]
  • Fix multi tenant file upload for non file endpoints [MDM-21276] [RS-6305]
  • Fix Android Enterprise Work Profile device deletion [MDM-21286]
  • Fix formatting of battery level in device inventory [MDM-21327] [RS-6397]
  • Fix incorrect active task count shown in health indicator after deleting a VPP token [MDM-21301]
  • Fix potential endless recursion in VPP sync when multiple pending requests fail to send [MDM-21301]

Version 5.2.4


  • Change policy publishing mechanism to run in its own thread pool instead of the global one [MDM-21285]
  • Extend REST endpoint to reactivate Windows devices by changing the Device ID for active devices as well [MDM-21247] [RS-6231]
  • Add missing Android Enterprise platform option to policy prioritisation [MDM-21272]

Version 5.2.3


  • Add a new REST endpoint to reactivate Windows devices which were marked as deleted due to Device IDs used by multiple devices [MDM-21247] [RS-6231]

Version 5.2.2


  • Fix Android Enterprise platform migration for no longer needed policy configurations linked to violations [MDM-21239]

Version 5.2.1


  • Add defining initial Android Enterprise policies to enrollments [MDM-21222]
  • Allow soft deletion also for expired certificates [MDM-21219]

Version 5.2


  • Make Android Enterprise a separate device platform. Devices and policies including configurations are migrated to the new platform automatically [MDM-20819]
  • Add managed app configuration editor for Android Enterprise [MDM-20724]
  • Add Android Enterprise system update policy [MDM-19756]
  • Add custom device variables [MDM-19888] [MDM-20970] [RS-2838] [RS-3662] [RS-4242] [RS-5019]
  • Add configuration to persist enrollment user in device’s custom property on enrollment [MDM-20556]
  • Allow deleting certificates [MDM-20695] [RS-5915]
  • Delete device actions automatically after a configurable period, default two years (730 days) [MDM-20907]
  • Add client widget for desktop browsers [MDM-20959]
  • Add information box to policy details [MDM-19940]
  • Add information card to device details [MDM-20160]
  • Add Windows Defender scan action [MDM-20405] [MDM-20422]
  • Show Windows Defender Antivirus health data in device details [MDM-20798]
  • Add Action to add local accounts on Windows devices [MDM-21056]
  • Renew iOS App Store push certificate, the previous one will expire on December, 13th 2021 [MDM-20704]
  • Renew iOS MDM push certificate, the previous one will expire on November, 17th 2021 [MDM-20704]
  • Give all users “User” and “Device User” permissions regardless of group membership [MDM-18356]
  • Required apps, which refer to non-installable system apps, are not taken into account during compliance status detection [MDM-20714] [RS-5441]
  • Adjust off-time mode for iOS devices: Allow Settings app only for devices during off-time instead of activating lost mode as this allows to change Wi-Fi even during off-time. [MDM-20818] [RS-4630]
  • Enable remove app action for tvOS and macOS devices [MDM-20956] [RS-5852]
  • Allow triggering supervised device actions only on supervised devices [MDM-16290]
  • Adjust translation and information for DEP profile allow pairing setting [MDM-20884]
  • Display hint if selected VPN type does not support per app and account VPN connections [MDM-20957]
  • Add auto-scroll to column selector drop list [MDM-20958]
  • Hide unneeded checkboxes in Android app compliance [MDM-20966]
  • Removed contacts and calendar from Windows Email configuration [MDM-20979]
  • Change password field in the Windows Exchange configuration to no longer be required [MDM-20998]
  • Update validation of Windows Update configuration [MDM-21058]
  • Extend device state filter with the option to filter devices in status “withdraw pending” in device inventory [MDM-21070]
  • Extend add app options to allow selecting from both standard Google Play and the Android Enterprise managed Play Store [MDM-21076]
  • Optimize IOT license metric gathering [MDM-21186] [RS-5695]
  • Fix installation of .pkg files [MDM-20845] [RS-5571] [RS-5380]
  • Remove non-optimal JPQL to query parent groups when native SQL is not available and use legacy implementation instead [MDM-21057]
  • Fix adding of new members to existing courses during CSV import [MDM-21104] [RS-5974]
  • Hide the option to enable Secure Mail Gateway in Exchange configuration for Windows [MDM-21093]
  • Prevent error log message occurring in rare cases on system shutdown [BR-1417]
  • Hide confusing warning on startup when LDAP is not configured [MDM-20692]
  • Prevent education content synchronisation for manually triggered LDAP synchronisation if LDAP education synchronisation is not configured. [MDM-20896]
  • Fix saving the user profile with an empty phone number [MDM-21033]
  • Improve performance of user and device inventory when performing select or deselect actions [MDM-19991] [MDM-19992]
  • Fix overlapping device name pattern for Windows 10 devices [MDM-20908]
  • Ignore deprecated user preferences for dashboard [MDM-20918]
  • Disable autofocus on auto deployment search field in users and groups edit view [MDM-20934]
  • Display the collected ethernet MAC address on macOS [MDM-21006] [RS-5874]
  • Fix deploy action name shown for Microsoft Store application [MDM-21013]
  • Fix disabled next button in app selectors [MDM-21027]
  • Fix row selection with single click on tablet size screens [MDM-21065] [RS-5968]
  • Add missing translations in auto enrollment inventory [MDM-21066] [RS-5964]

Version 5.1.4


  • Add network rate-limiter to pub/sub and increase stability on large instances [MDM-21083]
  • Add ability to restore pub/sub subscriptions that were deleted (due to inactivity) [MDM-21071] [RS-5527]

Version 5.1.3


  • Support meta data update of public macOS apps [MDM-21084]
  • Meta data update of public apps not working in some cases [MDM-21084]

Version 5.1.2


  • Optimize pub/sub poll for large instances with support for parallel poll requests [MDM-21078]

Version 5.1.1


  • Replace CTE and native SQL resource files with string constants to avoid issues on some Windows installations [MDM-21035]
  • Fix initial state of checkbox in Android Enterprise Play Store management configuration [MDM-21038]
  • Fix update script that removes duplicate Content Manager groups, which could produce a contraint violation in rare cases [MDM-20936]
  • Fix saving organization administrator group, which incorrectly reported the administrator member as missing, preventing modifications such as adding new administrators [MDM-21034] [RS-5916]
  • Fix configuration of authentication types in Windows Wi-Fi configuration [MDM-21025] [RS-5893]
  • Fix persisting the automatic assignment of policies when being edited [MDM-21030] [RS-5898]
  • Add missing indicator for already used email addresses when editing the user profile of users created before Relution 5 [MDM-21031]

Version 5.1


  • Add support for uploading modern Windows apps [MDM-20953] [MDM-20739] [MDM-20790] [MDM-20917]
  • Add deploying modern Windows apps to devices [MDM-20952] [MDM-20759] [MDM-19789]
  • Add removing modern Windows apps from devices [MDM-20954] [MDM-20760] [MDM-19790]
  • Add selecting public applications from Windows App Store [MDM-20145]
  • Add Windows Update policy [MDM-20401]
  • Automatically renew education CA certificates when they will expire in the next 180 days [MDM-19930]
  • Add global proxy configuration for Android Enterprise [MDM-20080]
  • Allow multiple restriction configurations on Apple devices [MDM-20162]
  • Prevent modification of LDAP groups and system groups [MDM-20384]
  • Optimize new native client version notifications in notification center [MDM-20510]
  • Add Android Enterprise Play Store management configuration [MDM-20394]
  • Add full support for installation of .pkg files on macOS devices [MDM-20845] [RS-5571] [RS-5380]
  • Allow ignoring auto-assigned policies also for auto-enrollment [MDM-20717]
  • Add automatic refresh of notification center [MDM-20555]
  • Make all failing permission checks respond with a 401 (Unauthorized) instead of 403 (Forbidden) status when no valid authentication is provided [BR-996]
  • Update connection date of Apple devices only on MDM communication [MDM-17936]
  • Add possibility to perform partial downloads of resources [MDM-20380]
  • Add support for custom client names to SAML2 registrations and support additional attribute value formats [MDM-20691]
  • Prohibit changing the password of a user, when the user is managed by a 3rd party user management system [MDM-20719]
  • Add optional configuration for automatic removal of completed VPP tasks older than a defined period of time [MDM-20795]
  • Do not include hidden ping actions in open action count [MDM-20871] [RS-5611] [RS-5669]
  • Replace several dropdown filters in device inventory with a list of selectable options [MDM-20509]
  • Optimize translations in app compliance configurations [MDM-20543]
  • Add installed apps selection list for remove app action [MDM-20550]
  • Update certificate lists to the standard list style [MDM-20711]
  • Add Windows platform in app release workflow [MDM-20713]
  • Show user’s groups and group members for content manager [MDM-20718]
  • Update compliance violation views to the standard list style [MDM-20726]
  • Check if email is available when editing user details on the profile page [MDM-20774]
  • Remove Windows Update configuration from Windows restrictions policy configuration as it will be available as a standalone configuration [MDM-20825]
  • Improve performance when loading auto deployments [MDM-20705]
  • Fix VPP sanity check in cluster environments on server startup and optimize its performance [MDM-20795]
  • Fix removal of organizations with VPP publications [MDM-19989]
  • Fix extracting bundle identifier of .pkg files with a different format [MDM-20666] [RS-5571] [RS-5380]
  • Retry on VPP token upload when Apple responds with a temporary error, to avoid a 422 HTTP status [MDM-19826] [RS-5145] [RS-4388]
  • Fix refresh device info actions being marked as an error on Shared iPads, even if all available information could be retrieved successfully [MDM-20639] [RS-5520]
  • Fix calculation of file sizes and hashes when using MongoDB based GridFS [MDM-20927]
  • Ensure that Windows devices can be enrolled by using the Device User group instead of a specific user [MDM-20941]
  • Do not enable the update OS button for tvOS devices if no update is available [MDM-20226]
  • Move selection labels into search field in app selector modals [MDM-20706]
  • Prevent issues with translations using the same property name from a translation file, e.g. apps [MDM-20755]
  • Fix policy export when using special characters in the passcode [MDM-20786] [RS-5519]
  • Show correct available storage space units for a Windows device [MDM-20789]
  • Showing line breaks in reason why action buttons are disabled [MDM-20860]
  • Fix enrolling Windows 10 devices again after they have already been enrolled on the server before [MDM-20975]

Version 5.0.3


  • Fix handling of illegal characters in certificate file names on Windows platform [MDM-20877] [RS-5619]

Version 5.0.2


  • Fix important security issue, same as 4.79.4 [MDM-20765]
  • Fix database update on Microsoft SQL Server [MDM-20771]

Version 5.0.1


  • Serve the new Relution portal directly in / and fully replace the legacy portal [MDM-19864] [MDM-20563]
  • Add support for assigning multiple policies to a device [MDM-19741] [MDM-19742] [MDM-19743] [MDM-20440] [MDM-20449] [MDM-20440] [MDM-20507] [MDM-20450]
  • Add support for managing Windows 10 devices [MDM-19781] [MDM-19782] [MDM-19784] [MDM-19785] [MDM-19789] [MDM-19790] [MDM-19871] [MDM-19874] [MDM-19875] [MDM-19876] [MDM-19877] [MDM-19878] [MDM-19879] [MDM-19883] [MDM-19884] [MDM-20063] [MDM-20383]
  • Show all configurations of applied policies in device details, not only those with a compliance status [MDM-20507]
  • Replace default policy with more versatile automatic assignment to all devices or specific users or groups[MDM-20446]
  • Use the managed Google Play Store to select apps to add into the Relution app store when Android Enterprise is configured in the organization [MDM-20079]
  • Add a setting to make enrollments reusable which allows enrolling multiple devices with a single enrollment [MDM-20087]
  • Add configuring managed accounts to use a specific VPN on Apple devices [MDM-20128] [MDM-20128]
  • Add configuring managed apps to use a specific VPN on iOS and tvOS devices [MDM-20136]
  • Require email addresses of users to be unique on the system [MDM-20564]
  • Add device name configuration for supervised Apple devices [MDM-20447]
  • Add time zone configuration for supervised iOS and tvOS devices [MDM-20582]
  • Add the “Skip passcode” option also to Android Enterprise Work Profile enrollments [MDM-20526]
  • Require Java version 11 or higher and, when using MySQL, version 8.0 or higher [MDM-20564]
  • Reset the database baseline for version 5. Version 4.79 is required before updating to version 5 [MDM-19865]
  • Migrate Spring Boot to 2.4.2 which also supports running with Java 15 [MDM-19894]
  • Move all API endpoints to the unified /api/ path, the previous endpoints are redirected [MDM-19950] [MDM-19951]
  • Make table list headers sticky [MDM-20679]
  • Remove Development Hub [MDM-19868]
  • Remove App Store Ratings [MDM-19870]
  • Add “untrusted apps policy” to Android Enterprise restrictions, replacing deprecated unknown sources setting [MDM-19997] [RS-5029] [RS-4596] [RS-5230]
  • Optimize retrieval of devices with many installed apps [MDM-20635]
  • Reorder dashboard widgets [MDM-19565]
  • Add logging in as organization admin context menu action to system organization list [MDM-20445]
  • Change default visibility of the platform and enrollment type column in the device list as all devices now have an enrollment type [MDM-20557]
  • The members of a course are now sorted alphabetically [MDM-20596]
  • Replace legacy icons [MDM-20640]
  • Adjusted app compliance configurations to new list design [MDM-20543]
  • Adjusted auto deployment list to new list design [MDM-20644]
  • Automatically disassociate VPP licenses on device deletion also for tvOS and macOS [MDM-20553]
  • Hide the link into the device in VPP license details when the current user does not have the permissions to access it [MDM-20549]
  • Clean Up Windows Mobile implementation [MDM-19979]
  • Fix persisting LDAP referenced fields in user preferences that could accidently be removed [MDM-20399] [RS-4960]
  • Fix a problem causing Relution to forget the policy assigned to Android Enterprise devices [MDM-20628] [RS-5296] [RS-5332]
  • Fix cloning policies on systems with MS SQL Server [MDM-20579] [RS-4993]
  • Add missing translations to paginator [MDM-20665]
  • Remove the words in progress from app history titles [MDM-20654]
  • Sort VPP apps by name in the device VPP license list [MDM-20175]
  • Hide issued certificates in the certificate view as there is a separate view for them [MDM-20597]
  • Link from app settings to app categories [MDM-20600]
  • Fix various elements where the default font size was not honored [MDM-20641]
  • Fix header in VPP lists breaking the table layout [MDM-20642]
  • Fix VPP association modal layout [MDM-20646]
  • Fix empty state when no version was found in the current release state [MDM-20647]