You can configure MDX policies for mobile apps, including the WorxMail and WorxWeb apps. The policies you can configure depend on the mobile app and the mobile device. You configure the policies after you wrap the app with the MDX Toolkit and when you upload the app to AppController 2.5 or 2.6, or App Controller 2.8.
When you upload a mobile app to App Controller, the following app details appear on the Details page. When the app is wrapped, the person wrapping the app defines some settings. Citrix recommends that you do not change the fields that contain app information, such as the app name, description, and version.
On the Workflow page, you can either create a new workflow or select a workflow you configured by using the Workflows tab in the management console. If you use an existing workflow, when you click Next, you go to the Policies page where you configure the policies as described earlier in this topic If you are creating a new workflow, when you click Next, you go to the Manager Approvals page where you can configure the levels of approvers and any additional approvers.
Configuring MDX Policies for WorxMail
You can configure the following policies for WorxMail apps on both Android and iOS devices:
- WorxMail Exchange Server. The fully qualified domain name (FQDN) for Exchange Server. Default is empty.
- WorxMail user domain. The default Active Directory domain name for Exchange users. Default is empty.
- Background network services. The FQDN and of the ActiveSync server, such as servername:443. This might be an Exchange Server, either in your internal network or in another network that WorxMail connects to, such as mail.mycompany.com:4443. If you configure this policy, set the Network access policy to Tunneled to the internal network. This policy takes affect when you configure the network access policy. In addition, use this policy when the Exchange Server resides in your internal network, or if you want to use NetScaler Gateway to proxy the connection to the internal Exchange Server.
- Background ticket expiration. The time period that a background network service ticket remains valid. When WorxMail connects through NetScaler Gateway to an Exchange Server running ActiveSync, App Controller issues a token that WorxMail uses to connect to the internal Exchange Server. This property setting determines the duration that WorxMail can use the token without requiring a new token for authentication and the connection to the Exchange Server. When the time limit expires, users must log on again to Receiver to generate a new token. Default value is 168 hours (7 days).
- Background network services gateway. This is the NetScaler Gateway FQDN and port number with which WorxMail uses to connect to the internal Exchange Server. The format is "fqdn:port". In the NetScaler Gateway configuration utility, you must configure the Secure Ticket Authority (STA) and bind the policy to the virtual server. The default value is empty, implying that an alternate gateway does not exist. If you configure this policy, set the Network access policy to Tunneled to the internal network. This policy takes affect when you configure the network access policy. In addition, use this policy when the Exchange Server resides in your internal network or if you want to use NetScaler Gateway to proxy the connection to the internal Exchange Server.
For the complete list of MDX policies, see Configuring MDX Policies for Android Apps in App Controller and Configuring MDX Policies for iOS Apps in App Controller.