Citrix supports both enterprise distribution and public app store distribution for XenMobile productivity apps until December 31, 2017. For details, see the Citrix product matrix. You must move to the public app store apps before this date. After that, only public app store distribution is supported. The MDX Toolkit continues to support enterprise wrapping for app developers.
Moving from the enterprise versions of XenMobile Apps to the public app store versions on user devices requires new installations of the apps.
As of version 10.4.5, an in-app guide in some XenMobile Apps helps users export their app settings:
- Secure Mail, Secure Web, ShareFile, and QuickEdit include an in-app migration guide that you enable with policies in the MDX Toolkit.
- Secure Notes and Secure Tasks do not include an in-app migration guide.
The following sections describe the steps to get ready for app migration, including how to enable the in-app migration guide. For Secure Notes and Secure Tasks, the article shows how to migrate without the guide. The article also includes specific steps users take on their iOS or Android devices.
To get ready for app migration
- We recommend that you migrate your other apps, such as Secure Web, ShareFile, or QuickEdit, before you migrate Secure Mail. Doing so ensures that Secure Mail exports the app settings for your other apps successfully.
- For apps that include an in-app migration guide (Secure Mail, Secure Web, ShareFile, and QuickEdit):
- For iOS, set the Cut and Copy MDX policy to Unrestricted. Note that you only need to change this setting if users migrate Secure Mail for iOS first.
- Upload the MDX file to the XenMobile console. Doing so ensures that Secure Hub authorizes the apps to be downloaded and installed from the app stores.
- Set up automatic enrollment and a credential store in the public store version of Secure Mail. Set the configuration to configure the account automatically when users open the app, if the configuration does not include certificates. For details, see Configure single sign-on for Secure Mail.
- During the migration period, both the enterprise apps and public app store apps are available in Secure Hub. A best practice is to prepend the display name of the enterprise apps with a phrase like Do Not Install. Move the apps to a new folder named Deprecated - Do Not Install. When the migration period ends and the enterprise apps are wiped, you can push the public store apps as required.
To enable the in-app migration guide
To enable the guide, turn on the MDX policies for App Store migration (iOS) or Play Store Migration (Android) on the XenMobile console. The next time users open the enterprise versions, the migration guide appears.
You can control how long the guide appears by configuring the Migration grace period (hours) MDX policy. The default value is 72 hours. When the period ends, the enterprise app becomes inactive. At that time, users must move apps to the public app store version.
Other points to note about the in-app guide:
- Wait for the migration grace period to pass before removing the enterprise apps from your user groups.
- If you blocked app store access, the guide can't be enabled. In this case, users must move their apps to public store apps manually.
- Enabling the guide with shared devices isn't recommended. The shared device administrator should manage the move to public store apps.
Migrating Secure Notes and Secure Tasks without the in-app migration guide
Secure Notes and Secure Tasks do not include an in-app migration guide. To migrate Secure Notes and Secure Tasks from the enterprise app versions to the public app store apps, do the following.
- Deploy an App uninstall device policy to remove the enterprise versions when the app store version of Secure Mail is installed. This policy is not supported in MAM-only environments.
- Send Secure Hub notifications to install Secure Notes and Secure Tasks from the app store. The notifications appear to users when they install the app store version of Secure Mail or Secure Web.
- In environments without an MDM deployment, we recommend that you wipe the apps. Then, users reinstall that app when you send them an email migration template. For email templates, see the Citrix.com resource guide on XenMobile End User Adoption.
In-app migration guide on iOS devices
1. When users tap the enterprise version of Secure Mail or Secure Web, a screen instructs them to download the app from the App Store. The screen also notifies them when the enterprise app becomes inactive.
2. A pop-up message appears, telling users to look for an email with an attachment that contains their settings.
3. When users tap OK, a confirmation screen appears:
4. Users are taken to the App Store, where they download the app.
5. After installing the public app store version of the app, users must delete the old, enterprise versions from their devices.
If they don't, when they open the enterprise version, they see a message. The message instructs them to remove the old version.
In-app migration guide on Android devices
On iOS, both the enterprise and public app store versions can exist on the device. On Android, however, users must uninstall the enterprise version before installing the app store version.
On Android, it’s recommended that users migrate from the Secure Web enterprise version to the Secure Web app store version first and then migrate Secure Mail.
Android requires users to uninstall an older version of an app. In this case, users uninstall the enterprise version. Then, they install the Google Play version. To export app settings, users must have Secure Mail on the device.
If a user taps the enterprise version of Secure Mail, the following sequence of screens appears:
After users migrate their apps
After users migrate their apps, do the following as appropriate for your scenario:
- When using the migration guide for iOS devices, users have the enterprise apps and public store apps installed on their devices simultaneously. To remove the enterprise app upon install of the public store version, use the App Uninstall device policy. The policy is available in XenMobile Server 10.6 and later. This policy is not supported in MAM-only environments.
- We also recommended that you use the App Uninstall policy to trigger the removal of Secure Notes and Secure Tasks.
In the following figure, in Managed app bundle ID, type the bundle ID of the app you want users to uninstall. In the Deployment Rules, for Installed App Name is equal to, type the bundle ID of the app from the public app store that you want users to install.
To use automated actions to trigger a Secure Hub notification, see Automated actions. You set the trigger based on the Installed app name.