XenMobile installation and configuration is covered here . Customization and User experience is most important thing when it comes to real implementation. This post will cover the user experience part.
Enable Face ID and Touch ID
iPhone X and other android devices having face ID feature, We can configure xenMobile to work with the same with below property settings. edit the value to true if property already available if not create new key as below.
Settings – Client – Client Properties
- key: ENABLE_TOUCH_ID_AUTH
- Value : true
Ref : https://support.citrix.com/article/CTX228146
XenMobile Enable Auto Discovery
With autodiscovery in place user no need to remember the mdm url, User need to enter the email account for enrolling, based on email domain MDM or MAM url will be fetched by the secure hub.
- Login to XenMobiletools.Citrix.com
- Select Request auto discovery
- Click ADD – provide email domain name like company.com – a code will be generated.
- Copy the code and create a TXT file in the public DNS where company.com DNS is hosted in general with ISP.
- Wait for 15-20 Mins and check the DNS record status from xenmobiletools login , Status should be claimed.
- Right Click on Domain and Select add ADS
- Provide the MDM and MAM url, rest leave defaults unless default settings or ports are changed while installing xenmobile.
- review the ADS settings and SAVE.
- User can now enroll devices by providing email without mdm url.
Ref : https://docs.citrix.com/en-us/xenmobile/server/provision-devices/autodiscovery.htm
XenMobile eMail SSO
XenMobile autodiscovery needs to be configured for eMail SSO to work.
1)Create a new server property in the XenMobile console. ( Setting – Server Property – ADD)
2)Create a new client property in the XenMobile console. ( Setting – Client Property – ADD)
3)Create a new client property in the XenMobile console. ( Setting – Client Property – ADD)
4)Configure the following Secure Mail app settings:
Initial authentication mechanism – Select User email address.
Initial authentication credentials – Select userPrincipalName or sAMAccountName (this is based on XenMobile enrollment config sAMAccountName or userPrincipalName)
Secure Mail Exchange Server field – leave empty
Secure Mail user domain field – empty ( if not working put the domain name given in xenmobile ldap setting)