Skip to main content
Matrix42 Self-Service Help Center

Release Notes Silverback 25.0 Update 1

  1. Last updated
  2. Save as PDF

About This Release

Matrix42 Silverback 25.0 Update 1 provides new and improved features that have been implemented. During the development of this version, we have been focusing on valued feedback from our customers and partners to provide an ideal feature selection.

Visit the following playlists on the Matrix42 YouTube channel to get a short overview presentation of the major new features: Link to English Video-Playlist | Link to German Video-Playlist.

Build Information

  • Current Status: Technical Preview
  • Download: Marketplace
  • Initial Build Version: 25.0.1.8

Important Announcements

New from WWDC2025

Apple hast finished their WWDC2025, and as part of this event, MDM vendors have already received early information regarding upcoming changes and enhancements to Apple’s platforms. Below is a summary of the key points that are relevant to the day-to-day use of Silverback and may require your attention:

  • The legacy Kerberos Single-Sign On (com.apple.sso) is now deprecated and you should use Extensible Single Sign-On (com.apple.extensiblesso).
  • A Profile removal is now disallowed before first unlock and will return NotNow. This means when you execute the Delete Business Data action, the device may answer not now and the profile will only be removable after the device has been first time unlocked. 
  • Top-level Telephony properties have been removed from the DeviceInformation command, and the ServiceSubscriptions property should now be used to get Telephony properties. This affects getting the SIM Card information from devices in your Device Information and we will provide a Hotfix for 25.0 Update 1, where this changes will be reflected. 

New Features

Location Tracking for Android Enterprise

With this new release, we introduce Location Tracking for devices enrolled via Android Enterprise. Administrators now have the ability to monitor real-time and historical location data of managed Android Enterprise devices. This feature enhances device visibility, improves field operations coordination, and supports security use cases across logistics, service, and mobile workforces.

clipboard_e7ca3c0dd9eab9d736d7851b81aae3ed3.png

Key Capabilities

  • Location tracking of Android Enterprise-enrolled devices
  • One-time location request to retrieve the current device position
  • Time-stamped historical data for movement analysis
  • Configurable tracking accuracy:
    • Balanced (optimized for battery life)
    • High accuracy (using GPS and additional location sources)
  • Flexible update intervals:
    • Configurable from every 15 minutes up to every 24 hours
    • Allows a tailored balance between precision and battery usage
  • Data retention policies:
    • Location history can be retained for up to 365 days
    • Manual deletion is possible via the device overview
    • Default retention period is 7 days

Requirements

  • Devices must be enrolled via Android Enterprise (Device Owner)
  • Devices require an active internet access
  • Depending on OS version and policy, user consent for location access may still be surfaced by the system

Privacy & Compliance

This feature has been implemented with a strong focus on enterprise data protection and Android Enterprise policy compliance:

  • Tracking is explicitly profile-driven – only active on devices with an assigned location profile
  • The current location can be request with a one time-action
  • All data is access-controlled
  • User transparency is ensured via system notifications and in-app visibility

Companion App Behavior

  • The Companion App automatically applies all required location permissions immediately after profile assignment, ensuring smooth activation without user intervention.
  • When users disable Location Services and/or the Restriction Allow Configuration of Location is set, Companion will enable and utilize the service automatically.
  • Companion also reports the Location Service status to Silverback (Location Service Enabled).
  • Users are transparently informed by the system that their organization allows access to their location.
  • Additionally, within the Companion App’s “Profiles” section, a clear notice is displayed indicating:
    • The assigned tracking profile
    • The accuracy and interval settings in effect
     
Screenshot_20250611-140922_framed.png

Screenshot_20250611-152723_framed.png

 Screenshot_20250611-140901_framed.png

Re-designed App Portal for Users

We’re excited to announce a complete redesign of the App Portal for managed Apple devices! The App Portal serves as a user-facing interface where employees can easily access and install enterprise-approved applications. When enabled via configuration, the portal is automatically deployed to managed devices as a web clip (home screen shortcut) – providing a seamless bridge between IT and end users.

What’s New in the Updated App Portal UI

  • Modern and clean design optimized for iOS, iPadOS, macOS
  • Improved navigation, with a clearer app layout
  • Search and filtering options for faster app discovery

User Experience

  • When a device is enrolled and App Portal is enabled, a shortcut is automatically added to the home screen.
  • Users can launch the portal to browse and install available applications without needing access to the App Store or Apple ID credentials.
  • The portal provides dynamic visibility, showing only the apps relevant to the user’s role, device group, or configuration.
  • Updated icons, typography, and layout bring a modern, intuitive experience aligned with native design patterns.

Configuration & Requirements

  • Available for all iOS, iPadOS, macOS devices
  • The App Portal must be enabled in the configuration profile
  • Automatically deployed as a web clip via device profile

clipboard_e4c7d5b75afd2897e0f23c8204fbd34a4.png

Strong Certificate Mapping 

With the introduction of KB5014754, Microsoft enabled Strong Certificate Mapping for certificate-based authentication — requiring inclusion of a user’s SID (Security Identifier) in the certificate. We now support this mechanism for devices enrolled via LDAP user association. This enhancement ensures compliance with Microsoft’s strong mapping requirements and enables seamless authentication for environments that depend on SID-based identity mapping.

How it works

  • During pending enrollment creation, the user’s SID is automatically retrieved via LDAP and stored as part of the enrollment record.
  • A background service runs every 4 hours to retroactively collect and store missing SIDs for already enrolled devices.
  • When issuing SCEP certificates, the system includes the SID in the Subject Alternative Name (SAN) using the following format:
URL=tag:microsoft.com,2022-09-14:sid:<value>

New Improvements

Please find all new improvements in Silverback 25.0 Update 1 below.

Management Console

  • Added additional debug information to external provider validation when Write detailed logs for STS is enabled.

Android Enterprise

  • Improvements for enrollment process in Companion.
  • Improvements for background services including notifications and logging in Companion.

SQL

  • Files from database are now downloaded in chunks to reduce memory consumption.
  • Added Queue.CommandResults to Data Retention period

Knowledgebase 

The following new Knowledge Base articles have been added:

New Changes

  • We removed the tab "Enterprise" and "App Portal" apps within the App Portal based on user feedback, to provide a clearer and more streamlined experience for end users.
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
    Stage
    Final
  2. Tags
    This page has no tags.