Product Documentation

Configuring Deployment Rules

Mar 25, 2015

You can set any number of parameters that will affect the deployment outcome of a package.

For example, your package deployment could be based on a specific operating system version, on a particular hardware platform, or some other combination. In this wizard, you will find both a Base and Advanced rule editor. The Advanced view is a free-form editor. The image below illustrates the Deployment Rules screen accessible when adding or editing an app:

Base Deployment Rules

Base deployment rules are comprised of predefined tests and resulting actions. When possible, the results are pre-built into the example tests. For example, when basing a package deployment on a hardware platform, all existing known platforms are populated into the resulting test, drastically reducing your rule creation time and limiting possible errors.

Click New rule to add a rule to the package.
Note: The rule builder includes further information, specific to each test.

To create a new rule, you select a rule template, select the condition type, and then customize the rule. Customizing the rule includes modifying the description. When you finish configuring settings, you add the rule to the package.

You can add as many rules as you want. The package is deployed when all of the rules match.

Advanced Deployment Rules

If you click on the Advanced tab, the Advanced Rule Editor appears.

In this mode, you can specify what relationship is set between the rules. The operators AND, OR, and NOT are available.

About Device Ownership in XenMobile

Device ownership includes corporate-owned devices and includes user-owned devices, also known as bring your own device (BYOD). You can control how BYOD devices connect to your network in two places in the XenMobile console: on the Deployment Rules page and through XenMobile server properties on the Settings tab.

By setting server properties, you can require all BYOD users to accept corporate management of their devices before they can access apps, or you can allow users access to corporate apps without also managing their devices.

  • When you set the server setting wsapi.mdm.required.flag to true, all BYOD devices are managed and any user who declines enrollment is denied access to apps. Setting wsapi.mdm.required.flag to true should be considered in environments in which enterprise IT teams need high security along with a positive user experience, which comes from enrolling user devices in XenMobile.
  • If you set wsapi.mdm.required.flag to false, which is the default setting, users can decline enrollment, but may still access apps on their devices through the Worx Store. Setting wsapi.mdm.required.flag to false should be considered in environments in which privacy, legal, or regulatory constraints require no device management, only enterprise app management.

For more information about setting the server properties, see Server Properties.

Users with devices that are not managed can install apps through the Worx Store. Instead of device-level controls, such as selective or full wipe, you control access to the apps through app policies. The policies, depending on the values you set, require the device to routinely check the Xenmobile server to confirm that the apps are still allowed to run.