Product Documentation

Configuring Device Manager to Connect to App Controller

Oct 20, 2015

If you have purchased XenMobile Enterprise Edition and are using Device Manager with App Controller to provide apps to your Worx Home users, you will need to configure the Device Manager server so it can communicate with the App Controller server. Conversely, you also need to configure the App Controller server so it can communicate with the Device Manager server.

For secure communication between the Device Manager and App Controller server, both servers should as a best practice use public trusted certificates. When App Controller initiates communication with Device Manager, it must validate the server certificate from Device Manager, and when Device Manager initiates communication with App Controller, it needs to validate the server certificate from App Controller. This handshake will fail if the issuer of the certificate is not trusted on both systems.

If you select Allow Secure Communication in the App Controller web console interface, Device Manager communicates with App Controller on a secure port (for example: 443). This secure communication requires public certificates on both servers, and requires that the ports are open in both directions.

The communication between Device Manager and App Controller are RESTful API calls (which can be fully inspected by any inspector between App Controller and Device Manager) if the traffic is over port 80. The typical communication is App Controller communicating to Device Manager that userX needs AppY because they subscribed to it on Worx Home, or Device Manager calls App Controller to determine if App Controller exists and the user is registered on it, in order to determine if the connecting device is in MDM-Only mode or MDM+MAM (enterprise) mode.

For information about how to add a public certificate to the Device Manager server, see Configuring an SSL Certificate from an External Certificate Authority. For information about how to upload a public certificate to the App Controller server, see Installing Certificates.

Note: If you want device users to be able to access and install virtual desktops from Citrix XenDesktop or published apps from Citrix XenApp, they must have Citrix Receiver installed on their devices.
  1. Configure the Device Manager server to be able to communicate with the App Controller server. To do this, first log in to the XenMobile Device Manager web console.
  2. Click Options.
  3. In the Options dialog box, select Modules Configuration > AppC Webservice API, enter the name of the App Controller server, a shared key that you will use when you configure App Controller web console for XenMobile and then select Enable App Controller.
    Note: Do not click Test Connectivity, until you have configured the XenMobile server connection in the App Controller management console.
  4. Exit the Device Manager web console.
  5. Log on to the App Controller management console.
  6. Click Settings -> XenMobile MDM and then configure the XenMobile Device Manager hostname and port.
  7. Enter the same shared key that you entered in the XenMobile Device Manager web console and then select the Require Device Manager Enrollment check box if you want to enforce enrollment (recommended), which requires users to enroll into Device Manager.
  8. Select Allow Secure Communication. Device Manager communicates with App Controller on a secure port (for example: 443). This secure communication requires public certificates on both servers, and requires that the ports are open in both directions.
  9. Log out of the App Controller management console.
  10. Log on to the XenMobile Device Manager console again.
  11. In the Options dialog box, select Modules Configuration > AppC Webservice API and then click Check connection to establish communication between Device Manager and App Controller.
  12. When the connection has been established, click Close.