What’s new history
We move sections about older Endpoint Management releases from What’s new to this article.
Endpoint Management 19.10.0
The following features are now rolling out to commercial customers. Releases to US government customers begin within three months. For feature differences between the commercial and US government offerings, see Endpoint Management service for US Government.
Expanded support for Zebra OEMConfig. Endpoint Management now supports managing Zebra devices using the Zebra Technologies administrative tool Zebra OEMConfig. (For information, see the Zebra Technologies website.) To manage devices using the Zebra OEMConfig app, publish the app and configure an Android Enterprise managed configurations device policy.
Content delivery network (CDN) availability for Windows apps. You can now deploy Windows apps by using a content delivery network. See Deliver enterprise apps from a CDN.
Group invitation support for users whose names include special characters. When you choose a group to receive enrollment invitations, Endpoint Management now gets the user list from Active Directory. The list includes users whose names contain special characters. See Enrollment invitations.
Fixed issues in Endpoint Management 19.10.0
After you enroll a new device or re-enroll an old device, an error message intermittently displays on Manage > Devices. [CXM-72634, CXM-73077]
When you select a Chrome or Workspace hub device in Manage > Devices > Enrolled Devices and then click Edit, the following message appears: “A configuration error occurred. Please try again.” That message also appears when you mouse over those devices in the devices list and click Show more. In either case, click OK to continue. [CXM-73010]
Endpoint Management 19.9.1
Support for encryption management for iOS and Android. When you add MDX apps, you can now choose whether MDX or the device platform encrypts data on your device.
When you switch to platform-based encryption, compliance checks run before every app launch. If the compliance checks pass, the app runs and is protected by platform encryption. Analyze > Reporting now includes a report of non-compliant devices, such as devices that are jailbroken or don’t have a passcode.
When you add an app, choose an Encryption type:
- MDX encryption: MDX encrypts the data. MDX doesn’t enforce compliance. For existing apps, the default is MDX encryption.
- Platform encryption with compliance enforcement: The device platform encrypts the data. You choose how compliance enforcement applies. For new apps, the default is Platform encryption with compliance enforcement.
Support for iPadOS. Citrix Endpoint Management supports iPadOS 13.x. Device policies for iOS apply to devices running iPadOS. If you plan to enroll iPadOS devices by sending an invitation link to users, see the Citrix support article CTX261981.
Simplified app management for Android Enterprise. You no longer must go to managed Google Play or the Google Developer portal to approve or publish apps for Endpoint Management. As a result, app approval and publishing take about 10 minutes rather than hours.
Approve Android Enterprise apps for the Public App Store in the Endpoint Management console. You can now approve managed Google Play store apps without leaving the Endpoint Management console. After you enter an app name in the search field, the managed Google Play store UI opens with the instructions for you to approve and save the app. Your app then populates in the results allowing you to configure its details. See Add a public app store app.
Approve the MDX apps for Android Enterprise in the Endpoint Management console. You can now approve managed Google Play store apps for Android Enterprise without leaving the Endpoint Management console. After you upload an MDX file, the managed Google Play store UI opens with the instructions for you to approve and save the app. See Add an MDX app.
Publish enterprise apps for Android Enterprise in the Endpoint Management console. You no longer must register for a Google Play developer account when you add an Android Enterprise private app. The Citrix Endpoint Management console opens a managed Google Play store UI for you to upload and publish the APK file. See Add an enterprise app.
More certificate management features for Android Enterprise devices in work profile mode or fully managed mode. In addition to installing certificate authorities in the managed keystore, you can now manage the following features:
Configure the certificates used by specific managed apps. The Credentials device policy for Android Enterprise now includes the setting Apps to use the certificates. You can specify the apps to use the user certificates issued by the credential provider selected in this policy. Apps are silently granted access to certificates during run time. To use the certificates for all apps, leave the apps list blank. See Credentials device policy.
Silently remove certificates from the managed keystore or uninstall all non-system Certificate Authority certificates. See Credentials device policy.
Prevent users from modifying credentials stored in the managed keystore. The Restrictions device policy for Android Enterprise now includes the setting Allow user to configure user credentials. By default, that setting is On. See Restrictions device policy.
Location device policy now available for Android Enterprise. You can define location settings for Android Enterprise devices that are managed or running in managed profile mode. Android location tracking requires Android 8.5 and higher. See Location device policy.
Easy access to BitLocker recovery keys. If a user loses their BitLocker recovery key, unlocking their device can be a challenge. Endpoint Management now displays the BitLocker recovery key for Windows desktops and tablets under the device details. See BitLocker recovery key.
Fixed issues in Endpoint Management 19.9.1
After adding a custom property with a special character, admins cannot access the Devices page on the XenMobile console. [CXM-57322]
The RBAC role
Tier 2 techs can’t create enrollment invitations to a user group with more than 2000 users. Only full administrative users can create the invitations. [CXM-72086]
On iOS devices, administrators might lose the ability to send an “unlock device” command to passcode protected devices after the device is upgraded to iOS 13.1.x. To resolve this issue, see
Endpoint Management 19.9.0
Manage keyguard features for Android Enterprise work profile and fully managed devices. Android keyguard manages the device and work challenge lock screens. Use the Keyguard Management device policy to control:
Keyguard management on work profile devices. You can specify the features available to users before they unlock the device keyguard and the work challenge keyguard. For example, by default users can use fingerprint unlock and view unredacted notifications on the lock screen.
Keyguard management on fully managed and dedicated devices. You can specify the features available, such as trust agents and secure camera, before they unlock the keyguard screen. Or, you can choose to disable all keyguard features.
Samsung Knox container password reset. The Container Password Reset security action is no longer available for Android Enterprise Samsung Knox devices. Use the Container Lock security action to reset passwords for Samsung Knox containers. The Container Password Reset security action is still available for Samsung devices in device administrator mode.
Configure the product track for your Android Enterprise apps. When adding a public store app or an MDX app for Android Enterprise, configure the product track you want to push to user devices. For example, if you have a track designed for testing, you can select and assign it to a specific delivery group. To learn more about rolling out your release, see Google Play Help Center. For information on configuring the product track, see Add an MDX app or Add a public app store app.
Windows GPO configuration policy enabled automatically. The Windows GPO configuration policy enables automatically if you provision a Citrix Workspace Environment Management site in the Citrix Cloud. For more information see Windows GPO Configuration device policy.
SSO http error code is now 404. If the enable.cloud.console.sso server property is enabled, attempts to access the Endpoint Management console directly on port 4443 now result in a 404 error.
Mobile Device Management (MDM) and Workspace Environment Management (WEM) managed devices merged in the console. If a device is both MDM managed and WEM managed, it now displays as one device in the Endpoint Management console. The device label in the console is MDM, WEM. Previously, the device would show as two different devices. You can also delete devices that are MDM and WEM managed now.
Fixed issues in Endpoint Management 19.9.0
After you deploy the App Access device policy, non-compliant devices don’t trigger the configured action. [CXM-69842]
You can’t configure G Suite admin credentials for Chrome OS devices. [CXM-71665]
Connectivity between Endpoint Management and Apple School Manager fails. [CXM-71844]
MAM devices wipe apps and app data because of a failure to get the user domain details. As a result, the device considers the user as deleted. [CXM-72093]
After enrolling a new device or re-enrolling an old device, an error message intermittently displays on the Manage tab. [CXM-72224]
Endpoint Management 19.8.0
For existing customers: Restricted port access to the Endpoint Management console and Self-Help Portal:
For customers who onboarded before Endpoint Management 19.8.0 (August 1, 2019):
You can require that administrators sign on to the Citrix Cloud console for SSO access to the Endpoint Management console. Citrix highly recommends all console access through Citrix Cloud.
Set the new server property
enable.cloud.console.ssoto True, which means you can’t directly access the Endpoint Management console. Attempts to directly access the Endpoint Management console on port 4443 result in a 500 error.
enable.cloud.console.ssois False, which provides direct access to the Endpoint Management console through port 4443. Access attempts through port 443 now result in an “Access Denied” message. Access attempts through other ports now result in 404 errors.
Access to the Self-Help Portal is available only through port 443. Access attempts through port 4443 now result in an “Access Denied” message.
For customers who onboard starting with Endpoint Management 19.8.0 (August 1, 2019):
New customers sign on to the Citrix Cloud console for SSO access to the Endpoint Management console.
Access to the Self-Help Portal requires a server property change. By default, new customers can’t access the Self-Help Portal.
The server property
shp.console.enabledefaults to False, which prevents access to the Self-Help Portal. Users who navigate to the Self-Help Portal on port 443 get a 404 error. And, users who navigate to the portal on port 4443 get an “Access Denied” message.
To give your users access to the Self-Help Portal, update
Fixed issues in Endpoint Management 19.8.0
When importing a CA certificate, the console doesn’t display an updated or new certificate under PKI entities. [CXM-68419]
When configuring the VPN device policy for iOS to use the Citrix SSO protocol: After you enable the Prompt for PIN when connecting setting and save the policy, that setting reverts to Off. [CXM-68523]
For customers who have migrated from previous versions, opening the Manage tab in the console displays an error if a device’s enrollment profile has been deleted. [CXM-69750]
Endpoint Management 19.7.1
Access all Google Play apps in the managed Google Play store. The Access all apps in the managed Google Play store server property makes all apps from the public Google Play store accessible from the managed Google Play store. Setting this property to true whitelists the public Google Play store apps for all Android Enterprise users. Administrators can then use the Restrictions device policy to control access to these apps.
Enable system apps on Android Enterprise devices. To allow users to run pre-installed system apps in the Android Enterprise work profile mode or fully managed mode, configure the Restrictions device policy. That configuration grants user access to default device apps, such as camera, gallery, and others. To restrict access to a particular app, set app permissions using the Android Enterprise permissions policy.
Fixed issues in Endpoint Management 19.7.1
When sending an enrollment link using SMTP/SMS, the link being sent doesn’t work. [CXM-67458]
When attempting to update a public iOS app using the Endpoint Management console, a configuration error displays. [CXM-69190]
Some third-party volume purchase apps fail to auto-update. This issue occurred due to blocked host names. For more information, see https://support.apple.com/en-us/HT201999. [CXM-69341]
When adding Microsoft Word or PowerPoint for iOS to the cloud app library, assigning the app to a user group fails. You must delete and re-add any Intune apps experiencing this issue. [CXM-69349]
Endpoint Management 19.6.1
- Location device policy now enables device tracking for Android. You can now enable device tracking to poll specific devices at a frequency you define. You might use this policy to track delivery personnel for more accurate delivery estimates, track lost or stolen devices, or enforce geographic boundaries. For more information, see Location device policy.
Fixed issues in Endpoint Management 19.6.1
On macOS, enterprise apps pushed from Endpoint Management remain in a pending state. This third-party issue is Apple bug #50311461 and is fixed in macOS 10.14.4. [CXM-65957]
App icons don’t show in the Endpoint Management console for apps that were automatically uploaded. [CXM-66444]
After the time period in the server property
bulk.enrollment.fetchRosterInfoDelay ends and an Apple School Manager device syncs with the server: The Apple School Manager user account is deleted from the server and the device moves into an anonymous state. [CXM-67913]
Users with special German characters, such as umlauts, in their display name can’t enroll. [CXM-68097]
The following error message displays when you attempt to configure a Public App by using the new app URL from the Apple Store. “Could not find the app you entered. Check the URL and try again.” [CXM-68537]
Endpoint Management 19.6.0
- Auto updates for Apple volume purchase apps. When you add a volume purchase account (Settings > iOS Settings), you can now enable auto updates for all iOS apps. See the App Auto Update setting in iOS Volume Purchase.
Fixed issues in Endpoint Management 19.6.0
The following error is displayed while adding a registry key to a Windows Embedded Compact policy if the length of the registry value exceeds 2048 characters:
Console error: could not execute statement; SQL [n/a]; nested exception is org.hibernate.exception.DataException: could not execute statement. [CXM-59446]
During profile installation on an iOS device, “Not Verified” appears in the profile information. [CXM-64486]
When an Azure AD user signs in to some Windows 10 Azure AD joined devices configured as kiosks, kiosk mode does not activate. This issue doesn’t occur if you enter the Azure AD user name in the format
azuread\user. For more information, see Kiosk device policy. [CXM-66123]
App icons don’t show in the Endpoint Management console for apps that were automatically uploaded. [CXM-66444]
When you add a volume purchase account (Settings > iOS Settings), the following message appears if the token exceeds 350 characters: “The entered company token is not valid, please enter a new one.” [CXM-68113]
Endpoint Management 19.5.0
iOS MDM enrollment workflow change. To improve platform security by reducing misleading profile installations, Apple released a new workflow for manually enrolling devices in MDM. This new workflow affects all MDM solutions, including Citrix Endpoint Management.
There is no change for MDM enrollment to servers assigned in Apple Business Manager or Apple School Manager. The workflow changes are only for manual enrollment in MDM.
Citrix has also simplified the enrollment. Previously, iOS device users receive two prompts during enrollment: A prompt for the root CA and a prompt for the MDM device certificate. Citrix installed the root CA for flexibility in using unsigned and signed certificates. Because all Citrix Cloud deployments use trusted certificates, the root CA is no longer needed.
iOS device users receive only the MDM device certificate prompt during enrollment. That prompt is labeled “XenMobile Profile Service”.
To support this change, Citrix changed the value of the server property,
false. A Safari window opens during MDM enrollment to simplify the profile installation for users. For more information, see Enroll iOS devices and the following YouTube video:
Changes for new Endpoint Management customers:
- Workspace experience deployment. You can create a separate delivery group, named Workspace, to begin to deploy the Workspace experience to new devices. By using the Workspace delivery group, you can deliver the Workspace experience to a small group without disrupting all users. See Integration with Citrix Workspace experience.
- Preconfigured policies and apps for new customers of as Endpoint Management 19.5.0. If you onboard starting with Endpoint Management 19.5.0 or later, we preconfigure a few device policies and mobile productivity apps. That configuration enables you to immediately deploy basic functionality to device users. See Default device policies and mobile productivity apps.
Knox Platform for Enterprise device policy for Android Enterprise. You can now enter the KPE Premium and Standard license keys for Android Enterprise devices running Knox version 3.0 or later. For information, see Knox Platform for Enterprise device policy.
Public session device policy for Chrome OS. You can now configure Chrome OS devices to support guest sessions. For information on configuring this policy, see Public session device policy.
- RBAC permission changes. The RBAC permission Add/Delete Local Users is now split into two permissions: Add Local Users and Delete Local Users.
Fixed issues in Endpoint Management 19.5.0
Enterprise apps don’t silently upgrade on supervised devices running iOS 11.4 or later. [CXM-66005]
When you edit a device policy, the following error message appears: “A configuration error occurred. Please try again”. [CXM-66370]
Endpoint Management 19.4.1
Through Workspace Environment Management (WEM) integration with Endpoint Management, you can manage all supported domain-joined Windows devices. This integration offers the following benefits and features:
With WEM alone, MDM deployments aren’t possible. With Endpoint Management alone, you’re limited to managing Windows 10 devices. By integrating the two, WEM has access to MDM features and you can manage a wider spectrum of Windows operating systems through Endpoint Management.
That management takes the form of configuring Windows GPOs. Currently, administrators import an ADMX file to Citrix Endpoint Management and push it to Windows 10 desktops and tablets to configure specific applications. Using the Windows GPO Configuration device policy, you can configure GPOs and push changes to the WEM service. The WEM Agent then applies the GPOs to devices and their apps.
MDM management isn’t a requirement for WEM integration. Any device that WEM supports can have GPO configurations pushed to it, even if Endpoint Management doesn’t support that device natively.
For a list of the devices supported, see Operating System requirements.
Devices which receive the Windows GPO Configuration device policy run in a new Endpoint Management mode called WEM. In the Manage > Devices list of enrolled devices, the Mode column for WEM-managed devices lists WEM.
For more information, see Windows GPO Configuration device policy.
CDN delivery of enterprise apps is now the default for new multi-tenancy customers of as Endpoint Management 19.4.1. If you are a new customer in the Asia Pacific region, contact your Citrix support representative to enable CDN delivery. In all regions, existing customers who want to deliver enterprise apps using CDN must reupload existing apps after enabling the feature. See How enterprise apps work.
Support for Web and SaaS apps and Web links for Android Enterprise. Endpoint Management now supports delivering links for Web or SaaS apps and Web links to Android Enterprise devices. Web and SaaS apps and Web links are added for Android Enterprise in the same way they are added for other platforms. See Add a Web or SaaS app and Add a Web link.
More restrictions for Chrome OS devices:
Display instructions on disabled devices. You can now add a custom message to display on disabled Chrome OS devices.
Allow users to install specific extensions, apps, and themes. Enter the list of URLs to permit downloading from those sources.
For more information, see Chrome OS settings.
Fixed issues in Endpoint Management 19.4.1
On Android Enterprise devices, the following app types might not appear in Secure Hub: Public app store apps configured in the Google Play platform and enterprise apps configured in the Android platform. [CXM-63638]
Android Enterprise apps don’t appear for devices until they are unenrolled and enrolled again. Apps also appear if you update them in their delivery groups. [CXM-64670]
Automated actions might not deploy to Android Enterprise devices. [CXM-64950]
The name and owner of your Android Enterprise enterprise might not display correctly in the Google Play store administrator console. [CXM-65647]
Endpoint Management 19.3.1
Fixed issues in Endpoint Management 19.3.1
If you deployed a Store device policy for Windows 10 Desktop and Tablet devices before release 19.3.1: When a user clicks the Windows store link in the Start menu, a message appears: “500 Internal Server Error” or “HTTP Status 404 - Either you have reached an old URL or this device is not registered”. To resolve this issue, you must recreate and deploy your Store device policy. [CXM-61785]
If an Active Directory user group is assigned to an RBAC role permission, you can’t delete the LDAP configuration containing that user group. As a workaround, if you unassign the corresponding Active Directory group from RBAC, you can delete the domain. [CXM-62737]
Endpoint Management 19.3.0
Support for Samsung Knox on Android Enterprise policy unification. For Android Enterprise devices running Samsung Knox 3.0 or later and Android 8.0 or later: Knox and Android Enterprise are combined into a unified device and profile management solution. Configure Knox settings on the Android Enterprise page of the following device policies:
OS Update device policy. Control Samsung Enterprise FOTA updates. See OS Update device policy.
Passcode device policy. See Passcode device policy.
Restrictions device policy. See Restrictions device policy.
Samsung MDM license key device policy. Configure the Knox license key. See Samsung MDM license key device policy.
App inventory device policy for Android Enterprise. You can now collect an inventory of the Android Enterprise apps on managed devices. For more information, see App inventory device policy.
Files device policy for Android Enterprise. You can now add script files to Endpoint Management to perform functions on Android Enterprise devices. See Files device policy.
Lock and reset password for Android Enterprise. Endpoint Management now supports the Lock and Reset password security action for Android Enterprise devices enrolled in work profile mode running Android 8.0 and greater. See Security actions.
Azure Active Directory support in a kiosk on Windows 10 Desktop and Tablet devices. You can now add domain joined Azure AD devices in Kiosk mode. See Kiosk device policy.
For Endpoint Management customers with the workspace experience enabled: Citrix Endpoint Management supports federated authentication through the Workspace app on iOS and Android. This feature does not support Azure Active Directory. For information, see Change authentication to workspaces.
Public REST API change. The Endpoint Management Public API for REST Services now includes an API to edit platform details inside the container for MDX apps. See “Section 126.96.36.199 Update platform details inside the container for MDX apps” in the PDF, Public API for REST Services.
Fixed issues in Endpoint Management 19.3.0
Locking fully managed Android Enterprise devices remotely using the Lock with passcode security action might fail without notifying you of the failure. To ensure a device is locked, set Lock with passcode twice. The device locks with the second passcode you set. [CXM-61095]
If the enterprise is deleted from Managed Google Play and updated on the Endpoint Management server, Android Enterprise devices can’t enroll sometimes. [CXM-62769]
For Citrix Endpoint Management integration with Microsoft Intune/EMS: Changes made to an Intune store app name or description don’t get saved. [CXM-62842]
After you edit an iOS Intune app, the app won’t install from the Microsoft Company Portal app. [CXM-62972]
If assigned permission as a Citrix Cloud custom administrator instead of a full administrator, you cannot click the Manage button to navigate resources. [CXM-63433]
Deprecation of TLS versions
To improve the security of the Citrix Endpoint Management service, Citrix now blocks any communication over Transport Layer Security (TLS) 1.0 and 1.1. As a result of its weakening security, the PCI Council is deprecating TLS 1.0.
How this change impacts you
If you use mobile application management through an on-premises Citrix Gateway (NetScaler Gateway), you must update your load balancer service to enable TLS 1.2.
Older versions of the following connectors support TLS 1.0 only:
- Endpoint Management connector for Exchange ActiveSync
- Citrix Gateway connector for Exchange ActiveSync
Upgrade your connector as follows:
If you use Endpoint Management connector for Exchange ActiveSync build 10.1.3 or lower, upgrade to build 10.1.4 or higher.
If you use Citrix Gateway connector for Exchange ActiveSync build 8.5.0 or lower, upgrade to build 188.8.131.52 or higher.
What to do
If you use an on-premises Citrix Gateway (NetScaler Gateway), enable TLS 1.2 on your load balancer service. For information, see https://support.citrix.com/article/CTX247095. Following is a video that shows how to enable TLS 1.2 on Citrix Gateway.
To download either connector for Exchange ActiveSync, go to the Server Components section under Endpoint Management Server on Citrix.com.
Endpoint Management 19.2.1
- Run multiple apps in a kiosk on Chrome devices. You can now add multiple apps to the Kiosk policy for Chrome OS. You can optionally automatically start apps when the user starts the device. See the Kiosk device policy.
Fixed issues in Endpoint Management 19.2.1
After an Android Enterprise is unenrolled and then re-enrolled, approved apps might not appear on devices enrolled in work profile mode. [CXM-59994]
When users first run Secure Mail on Intune MDM+MAM, the set up takes users through a workflow to select Intune MAM/XenMobile. [CXM-31272]
Endpoint Management 19.2.0
Deliver enterprise apps from a content delivery network (CDN). When a user isn’t located near an Endpoint Management server, enterprise app delivery can take a while. For significantly faster app downloads, you can instead have enterprise apps delivered from content delivery network (CDN) locations throughout the world. CDN support for enterprise apps is available for iOS apps (MDM or MAM enrollment) and Android apps (MDM or MAM enrollment). CDN support for enterprise apps isn’t available for Windows apps. To get started, see Deliver Enterprise apps from a CDN.
DEP device enrollment change for Citrix Workspace. If Endpoint Management is integrated with Citrix Workspace, the Workspace App is included in the DEP deployment package as a required app. This feature requires that you configure your DEP account settings for iOS with required credentials set to off. Secure Hub prompts users to enroll the device in Citrix Workspace before enrolling in Endpoint Management.
The server property ios.mdm.enrollment.installRootCaIfRequired is now set to false. Endpoint Management uses a publicly trusted certificate chain, thus it isn’t necessary to push a root CA to devices. As a result, iOS device users no longer receive a prompt to install a root CA during enrollment.
The WiFi and Credentials policies now support Apple TV OS. In addition, you can now configure the Airplay Security device policy to control which devices can connect to Apple TV devices. For more information, see the WiFi, Credentials and Airplay Security device policy articles.
Location device policy now available for Android Enterprise. You can define location settings for Android Enterprise devices that are managed or running in managed profile mode. See Location device policy.
Enhanced support for Alexa for Business. Endpoint Management now includes support for Alexa for Business conferencing, adding Alexa skills to your organizations, editing skill groups. See Alexa for Business.
Automated actions for Windows Agent policy. Using the Windows Agent policy, you can automate actions to run on Windows desktops and tablets based on registry values. For more information see the Windows Agent device policy and Automated Actions articles.
For Android Enterprise, the No Restrictions option for required characters in a passcode is now deprecated. Android Enterprise devices running Android 7 or higher no longer support a passcode created without character restrictions. If you previously set Required characters to No Restrictions, this update changes that value to Numbers only. This change doesn’t affect the current user signin experience. For more information, see Android Enterprise settings.
Fixed issues in Endpoint Management 19.2.0
When an app is deleted from the Intune library, and a user tries to delete it from the Citrix Cloud library, they can’t delete it. [CXM-61645]
After you upload a Google Play app in the Endpoint Manager console without adding an app icon image: If you later upload an image for the app, the image doesn’t appear in the apps list. [CXM-60965]
Endpoint Management 19.1.2
Files device policy now available for Android Enterprise. You can add script files to Endpoint Management to perform functions on Android Enterprise devices. See Files device policy.
Configure time zone settings for Chrome OS devices. You can now select a time zone for the Chrome device and specify how to detect the time zone. For more information, see Restrictions device policy.
The user information shown on the Users and Enrollment Invitations pages is now restricted by an RBAC administrator’s group permissions. Previously, the Endpoint Management console included information for all local users and domain users on the Manage > Users and Manage > Enrollment Invitations pages.
To specify which user groups an RBAC administrator has permission to view and manage, edit the administrator role and specify the user groups. For more information, see Configure roles with RBAC.
Launch third-party apps from the Workspace app. For customers with Citrix Workspace enabled: Before deploying new apps to users, you can add a comma-separated list of URLs to launch the apps from the Workspace app. For more information, see Add apps.
Fixed issues in Endpoint Management 19.1.2
You can’t upload Google Play services APK versions later than 11.5.09 in the Endpoint Management console. [CXM-59492]
Editing Windows Desktop and Tablet apps in Configure > Apps > Public App Store results in this message: “Application search failed”. Searching for those apps results in this message: “Error connecting to the windows desktop store url: Failed to retrieve public app details”. [CXM-61686]
What’s new history
In this article
- Endpoint Management 19.10.0
- Endpoint Management 19.9.1
- Endpoint Management 19.9.0
- Endpoint Management 19.8.0
- Endpoint Management 19.7.1
- Endpoint Management 19.6.1
- Endpoint Management 19.6.0
- Endpoint Management 19.5.0
- Endpoint Management 19.4.1
- Endpoint Management 19.3.1
- Endpoint Management 19.3.0
- Deprecation of TLS versions
- Endpoint Management 19.2.1
- Endpoint Management 19.2.0
- Endpoint Management 19.1.2