Product Documentation

MDX Policies for Mobile Apps

Oct 08, 2015

You can configure MDX policies for mobile apps, including the WorxMail and WorxWeb apps. The policies you can configure depend on the mobile app and the mobile device. You configure the policies after you wrap the app with the MDX Toolkit and when you upload the app to AppController 2.5 or 2.6, or App Controller 2.8.

When you upload a mobile app to App Controller, the following app details appear on the Details page. When the app is wrapped, the person wrapping the app defines some settings. Citrix recommends that you do not change the fields that contain app information, such as the app name, description, and version.

  • App name. The name of the app.
  • Description. A description of the app.
  • Application type. The platform on which the app can run.
  • Application version. The internal version number of the app.
  • Minimum OS version. The minimum operating system version on which the app can run.
  • Maximum OS version. The maximum operating system version on which the app can run.
  • Excluded devices. The device types on which the app cannot run. You must define iPhone or iPad and not the specific version of the device, such as iPad 3 or iPhone 4S. For Android devices, you need to specify the manufacturer and phone model, such as Samsung HTC or Motorola Droid Razr M.
  • Category. Where the app appears in Receiver.
  • Assigned role. The role assigned to the app. The role defines the Active Directory groups from which users are obtained. You must select a role.

On the Workflow page, you can either create a new workflow or select a workflow you configured by using the Workflows tab in the management console. If you use an existing workflow, when you click Next, you go to the Policies page where you configure the policies as described earlier in this topic If you are creating a new workflow, when you click Next, you go to the Manager Approvals page where you can configure the levels of approvers and any additional approvers.

Configuring MDX Policies for WorxMail

You can configure the following policies for WorxMail apps on both Android and iOS devices:

  • WorxMail Exchange Server. The fully qualified domain name (FQDN) for Exchange Server. Default is empty.
  • WorxMail user domain. The default Active Directory domain name for Exchange users. Default is empty.
  • Background network services. The FQDN and of the ActiveSync server, such as servername:443. This might be an Exchange Server, either in your internal network or in another network that WorxMail connects to, such as mail.mycompany.com:4443. If you configure this policy, set the Network access policy to Tunneled to the internal network. This policy takes affect when you configure the network access policy. In addition, use this policy when the Exchange Server resides in your internal network, or if you want to use NetScaler Gateway to proxy the connection to the internal Exchange Server.
  • Background ticket expiration. The time period that a background network service ticket remains valid. When WorxMail connects through NetScaler Gateway to an Exchange Server running ActiveSync, App Controller issues a token that WorxMail uses to connect to the internal Exchange Server. This property setting determines the duration that WorxMail can use the token without requiring a new token for authentication and the connection to the Exchange Server. When the time limit expires, users must log on again to Receiver to generate a new token. Default value is 168 hours (7 days).
  • Background network services gateway. This is the NetScaler Gateway FQDN and port number with which WorxMail uses to connect to the internal Exchange Server. The format is "fqdn:port". In the NetScaler Gateway configuration utility, you must configure the Secure Ticket Authority (STA) and bind the policy to the virtual server. The default value is empty, implying that an alternate gateway does not exist. If you configure this policy, set the Network access policy to Tunneled to the internal network. This policy takes affect when you configure the network access policy. In addition, use this policy when the Exchange Server resides in your internal network or if you want to use NetScaler Gateway to proxy the connection to the internal Exchange Server.

For the complete list of MDX policies, see Configuring MDX Policies for Android Apps in App Controller and Configuring MDX Policies for iOS Apps in App Controller.