Jump to content
Welcome to our new Citrix community!
  • 0

Add Android Enterprise MDX app


Chris Tyson1709156276

Question

We are in the process of setting up Android Enterprise and are trying to add an MDX wrapped app.

According to https://docs.citrix.com/en-us/xenmobile/server/apps.html#add-an-mdx-app  we should get a prompt "App is not approved" with the option to go to Google Play Store and approve it.

Instead we are getting the prompt "Error - App is not a managed Google Play Store app. Try another file." - Which is true as it's a locally MDX wrapped app.

 

Have I missed a step somewhere?

Link to comment

8 answers to this question

Recommended Posts

  • 0

Hi,

we had the same issue at our site.

For me the follwing steps were needed:

1. Wrap the application via command line

java -jar /Applications/Citrix/MDXToolkit/ManagedAppUtility.jar wrap -in /Users/xxx/Downloads/xxx.apk -out /Users/xxx/Downloads/xxx_wrapped.mdx -keystore /Users/xxx/Downloads/Keystore\ Android/dsa.keystore -storepass dsa.keystore -keyalias wrapkey -keypass dsa.keystore -apptype General

2. Upload the app via XMS under "Add Application" "Enterprise". The app gets now uploaded to Google Work Store. (If app is already avaliable in Public Store you need to change bundle name via apktool)

3. Wait until upload is complete and avaliable and check if idenfifier matches: https://play.google.com/work/apps/details?id=###yourappid###

4. Add Url to MDX

java -jar /Applications/Citrix/MDXToolkit/ManagedAppUtility.jar setinfo -in /Users/xxx/Downloads/xxx_wrapped.mdx -out /Users/xxx/Downloads/xxx_wrapped_withstoreurl.mdx -storeURL "https://play.google.com/store/apps/details?id=###yourappid###"

5. Upload MDX file as Android enterprise MDX.

This will let me download the App from AFW App Store.

The problem for me now is, that if the app starts it asks me if this ist personal or company app. If I choose company, it loads policies from MDX file. Then the app needs to be restarted and comes then with the error that the encryption policy has changed and the app needs to be reinstalled.

Wrapping with -apptype Premium will not work for me also with the issue "Failed to find required assets/mdx/premium_mdx_policies.xml".  @Chris Tyson1709156276: Wrapping via MDX Service is not supported for Android Enterprise (https://docs.citrix.com/en-us/citrix-endpoint-management/apps.html?&_ga=2.153764792.1469195250.1594047235-705138465.1592841597#add-private-android-enterprise-apps-as-mdx-wrapped-enterprise-apps)

Anyone facing the same issue ?

Thanks
Fabian

 

Link to comment
  • 0

Hi,

so my issue with the app got resolved now and I am able to wrap the application for Android Enterprise with the following command.

It seems to be important to add the -MinPlatform 5.0 parameter and the premium_mdx_policies.xml and -apptype Premium. The Content of the premium_mdx_policies.xml is attached. This will create two files one app_wrapped.mdx and one app_wrapped.apk file. The .apk file needs to be uploaded to Google via XMS and the .mdx file needs to be uploaded directly to XMS Server. 

Cheers

Fabian

 

 

java -jar /Applications/Citrix/MDXToolkit/ManagedAppUtility.jar wrap -in /Users/xxx/Downloads/app.apk -out /Users/xxx/Downloads/app_wrapped.mdx -keystore /Users/xxx/Downloads/Keystore\ Android/dsa.keystore -storepass xxx -keyalias wrapkey -keypass xxx -apptype Premium -premiumMdxPolicies /Users/xxx/Downloads/premium_mdx_policies.xml -MinPlatform 5.0  -storeURL "https://play.google.com/store/apps/details?id=xxx"

 

 

premium_mdx_policies.xml

 

<?xml version="1.0" encoding="UTF-8"?>
<MobileAppPolicies>
    <PolicySchemaVersion>
        1.0
    </PolicySchemaVersion>
    <Policies>
        <DevicePasscode>false</DevicePasscode>
        <AppPasscode>false</AppPasscode>
        <MaxOfflinePeriod>72</MaxOfflinePeriod>
        <StepupAuthAddress/>
        <RequireUserEntropy>false</RequireUserEntropy>
        <BlockRootedDevices>true</BlockRootedDevices>
        <BlockDebuggerAccess>false</BlockDebuggerAccess>
        <RequireDeviceLock>false</RequireDeviceLock>
        <RequireDeviceEncryption>false</RequireDeviceEncryption>
        <WifiOnly>false</WifiOnly>
        <RequireInternalNetwork>false</RequireInternalNetwork>
        <InternalWifiNetworks/>
        <AllowedWifiNetworks/>
        <UpgradeGracePeriod>168</UpgradeGracePeriod>
        <WipeDataOnAppLock>false</WipeDataOnAppLock>
        <ActivePollPeriod>60</ActivePollPeriod>
        <EncryptionKeys>Offline</EncryptionKeys>
        <PrivateFileEncryptionEnum>Disabled</PrivateFileEncryptionEnum>
        <PrivateFileEncryptionExcludeList/>
        <PublicFileAccessLimitsList/>
        <PublicFileEncryptionEnum>Disabled</PublicFileEncryptionEnum>
        <PublicFileEncryptionExcludeList/>
        <PublicFileEncryptionMigrationEnum>Disabled</PublicFileEncryptionMigrationEnum>
        <CutAndCopy>Unrestricted</CutAndCopy>
        <Paste>Unrestricted</Paste>
        <DocumentExchange>Unrestricted</DocumentExchange>
        <OpenInExclusionList/>
        <InboundDocumentExchange>Unrestricted</InboundDocumentExchange>
        <InboundDocumentExchangeWhitelist/>
        <connectionSecurityLevel>TLS</connectionSecurityLevel>
        <DisableCamera>false</DisableCamera>
        <DisableGallery>false</DisableGallery>
        <DisableMicrophone>false</DisableMicrophone>
        <DisableLocation>false</DisableLocation>
        <DisableSms>false</DisableSms>
        <DisableScreenCapture>false</DisableScreenCapture>
        <DisableSensor>false</DisableSensor>
        <DisableNFC>false</DisableNFC>
        <BlockLogs>false</BlockLogs>
        <DisablePrinting>false</DisablePrinting>
        <EnableSharefile>true</EnableSharefile>
           <MvpnNetworkAccess>MvpnNetworkAccessUnrestricted</MvpnNetworkAccess>
        <MvpnSessionRequired>False</MvpnSessionRequired>
        <NetworkAccess>NetworkAccessUnrestricted</NetworkAccess>
        <DisableLocalhostConnections>false</DisableLocalhostConnections>
        <CertificateLabel/>
        <DefaultLoggerOutput>file</DefaultLoggerOutput>
        <DefaultLoggerLevel>15</DefaultLoggerLevel>
        <MaxLogFiles>2</MaxLogFiles>
        <MaxLogFileSize>2</MaxLogFileSize>
        <RedirectSystemLogs>false</RedirectSystemLogs>
        <EncryptLogs>false</EncryptLogs>
        <GeofenceLongitude>0</GeofenceLongitude>
        <GeofenceLatitude>0</GeofenceLatitude>
        <GeofenceRadius>0</GeofenceRadius>
        <EnableGoogleAnalytics>false</EnableGoogleAnalytics>
        <AcceptAllSSLCerts>true</AcceptAllSSLCerts>
        <UseSecureConnection>true</UseSecureConnection>
        <LockScreenNotifications>Allow</LockScreenNotifications>
        <Authentication>OfflineAccessOnly</Authentication>
        <ReauthenticationPeriod>480</ReauthenticationPeriod>
        <AuthFailuresBeforeLock>5</AuthFailuresBeforeLock>
        <EncryptionVersionEnum>2</EncryptionVersionEnum>
        <AnalyticsDetail>AnalyticsDetailComplete</AnalyticsDetail>
    </Policies>
</MobileAppPolicies>
 

 

 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...