Citrix Endpoint Management

App inventory device policy

The App inventory policy lets you collect an inventory of the apps on managed devices. Citrix Endpoint Management can then compare the inventory to any app access policies deployed to those devices. In this way, you can detect apps that appear on an app allow list or block list and act correctly. Use an App access policy to define the allow list or block list.

To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.

iOS, macOS, Android (legacy DA), Android Enterprise, and Windows Desktop/Tablet

Device Policies configuration screen

  • For each platform you select, leave the default setting or change the setting to Off. The default is On.

Inventory and delete Win32 apps

You can determine whether the Win32 apps on user devices follow your App access device policy. To view an inventory of Win32 apps on managed Windows 10 and Windows 11 Desktop and Tablet devices:

  1. Go to Configure > Device Policies and add an App Inventory policy for the Windows Desktop/Tablet platform. Deploy the policy.

  2. Go to Manage > Devices, select the Windows 10 and Windows 11 device that you want to view, click Edit, and then click the Apps tab.

    The results of the inventory appear.


    If you’re configuring a Windows 11 device, you must wait up to 24 hours for correct inventory results, as designed by Microsoft.

    Devices configuration screen

  3. Compare the app inventory to your App access device policy. If the device has apps installed that are on the block list, you can delete them from the device.

App install and uninstall issues caused by an incorrect Product Code

If a Win32 app is configured with the incorrect Product Code, the app initially installs, however Microsoft doesn’t return the app status to Citrix Endpoint Management. As a result:

  • The App Uninstall device policy doesn’t uninstall the app.
  • Citrix Endpoint Management continues to deploy the app because it doesn’t have confirmation that the app installed. With each deployment, the device generates an error code because the app is already installed. The error shown in Manage > Device > Delivery Group Details is: Msi Application received: Reporting:AppPush id:7z1701-x64.msi: Command execution failed -2147023293

To correct the Product Code:

  1. Manually remove the app from the device.
  2. In the Citrix Endpoint Management console, go to Configure > Apps and correct the Product Code for the Win32 app.
  3. Deploy the Win32 app.
App inventory device policy