In order to get your users' devices under management, users need to enroll their devices into Device Manager. To get started, you install Device Manager in your network. Next, you connect to Active Directory to import users by using the LDAP wizard. Then, you configure the following settings in Device Manager:
When you finish configuring Device Manager, you can send enrollment invitations to your users. The invitation contains a link that allows users to download Worx Enroll, which then allows users to enroll their devices in Device Manager. When users log on, Device Manager authenticates the user's identity and enrolls the device.
Citrix recommends that you deploy NetScaler or NetScaler Gateway for security. You deploy NetScaler or NetScaler Gateway in the DMZ with Device Manager, as shown in the following figure. When you deploy NetScaler or NetScaler Gateway, you can use the XenMobile NetScaler Connector (XNC) to control access to email, calendar, and contacts from mobile devices. In this deployment, after enrollment, user devices connect to NetScaler or NetScaler Gateway to access resources.
If users enroll their iOS devices, the devices and Device Manager must communicate with the Apple Push Notification service (APNs).
The preceding figure also shows the ports you need to open to enable the connections. You must open all of the ports behind the firewall for each identified service. For details about the ports, see XenMobile Port Requirements. For details about the APNs server, also shown in the preceding figure, see Requesting an APNs Certificate in the Device Manager documentation.