Archive
Microsoft Intune May updates – #Intunes, #EMM, #MDM, #Mobility, #EnvokeIT
Thsi week Microsoft is going to roll out some new updates like Android Wrapping Tool and new features for iOS, Android and Windows Phone to Microsoft Intunes.
We are excited to share with you the next set of Intune features that will be released between May 19 and May 26. With our monthly release cadence, we continue to focus on providing you with best-in-class experiences that help keep your users productive while protecting your company’s sensitive data. You can expect to see the following new Intune standalone (cloud only) features in this release:
- Ability to extend application protection to your existing line-of-business apps using the Intune App Wrapping Tool for Android (Intune App Wrapping Tool for iOS made available in December 2014)
- Ability to assign help desk permissions to Intune admins, filtering their view of the Intune admin console to only provide access to perform remote tasks (e.g. passcode reset and remote lock)
- RSS feed notification option added for Intune admin to subscribe to be alerted when new Intune service notifications are available for their service instance
- Improved end user experience in the Intune Company Portal app for iOS with step-by-step guidance added on how to access corporate email by enrolling for management and validating device compliance
- Updated Intune Company Portal app for Windows Phone 8.1 to provide enhanced status notifications for app installations
- New custom policy template for managing new Windows 10 features using OMA-URI
- New per-platform mobile device security policy templates for Android, iOS, Windows, and Windows Phone, in addition to new Exchange ActiveSync policy template
- Ability to deploy Google Play store apps that are required/mandatory to install on Android devices
Also, as announced last week, several new hybrid features are now…
Contact us at EnvokeIT if you like assistance with Intunes or continue reading the blog post here.
//Richard
Deploying #SCCM 2012 Packages and Programs with the #Citrix Connector – #DaaS, #XenDesktop
This is a really good blog post by Christopher Fife, it touches on a couple of scenarios and explains the solution to how best you would accommodate the solution to them. Good work Christopher! 🙂
The Citrix Connector 7.5 for System Center 2012 Configuration Manager, also known simply as the Citrix Connector, integrates XenApp and XenDesktop 7 with Configuration Manager 2012 (CM). The Connector streamlines use of Configuration Manager deployment technology to automate Citrix server and desktop image management. The Connector leverages the new Application/Deployment Type (App/DT) feature of Configuration Manager 2012 to orchestrate deployment to the right images at the right time. Administrators can optionally use the App/DT model to deliver the actual application publications.
Many of our customers are still early in migrating to the App/DT model. They are still leveraging their extensive library of Packages and Programs developed with great care over many years. These Citrix customers want to know how to use all the goodness of the Connector with these Packages and Programs. So, if you are interested in using the Citrix Connector to deploy Packages and Programs to your Citrix servers and desktop, this post is for you.
In many cases deploying Packages and Programs with the Citrix Connector is a straight forward process familiar to any CM administrator. However there are two scenarios in which specific actions are required to avoid unintended consequences when deploying Packages and Programs with the Citrix Connector.
Scenario 1 – Deploying to Image Managed (MCS or PVS) Citrix hosts
The first scenario that requires special consideration is deploying Packages and Programs to VMs created with Citrix XenDesktop Machine Creation Services (MCS) or Citrix Provisioning Services (PVS). As an administrator, you want to deploy software on the master image of a Machine Catalog and rely on XenDesktop/XenApp to clone worker VMs. Deploying directly to VM clones wastes compute, storage, and network resources because each clone will discard the changes on reboot.
Thus, the Citrix Connector is optimized to only install applications on the master image of a Machine Catalog while entirely skipping application installation on the clones of the master image. The key enabler that allows us to selectively install applications is a CM client policy that puts a 3rd party agent like the Citrix Connector in charge of when to install application or updates.
Here’s the problem. CM client policy does not stop the installation of Packages and Programs or Task Sequences; it only applies to the App/DT model and Windows Updates. This means that the Citrix Connector cannot prevent the installation of Packages and Programs on MCS or PVS clones, leading to unnecessary resource utilization.
Solution
Create a device collection that contains just the update device and deploy Packages and Programs to this device collection instead of the device collection created by the Citrix Connector.
Scenario 2 – App Publishing from the CM Console
The second scenario comes into play when using the CM Console to publish the Package/Program as a XenApp-hosted application. The Citrix Connector uses CM application detection logic to ensure that the application is installed before publishing it to Citrix Receiver. This is to prevent an icon from appearing in Receiver before all the servers in a Delivery Group have the application installed.
Unfortunately Package/Program deployments do not have reliable, ongoing application detection logic. Consequently, this orchestration feature of the Citrix Connector cannot be supported when using the Citrix Application Publishing Wizard to publish apps from the Configuration Manager Console.
Solution 1
Use Citrix Studio to publish the application instead of the Citrix Application Publishing Wizard in the CM Console.
Solution 2
If you are using CM Application Catalog and want the Citrix hosted version of the installed program to appear there, you will need to create a new application with a Script deployment type and a Citrix deployment type. The Script DT supplies the application detection logic by looking for the application’s executable, while the Citrix DT creates the application publication in XenDesktop.
Solution Details
The remainder of this post is divided into two sections and will give specific examples of how to implement the solutions discussed above. The first focuses on image management and precisely targeting the program deployment at the update device for a Citrix device collection. The second section focuses on publishing the program installed by CM as a Citrix hosted app.
Solution for Image Management and Resource Utilization
As previously mentioned, the Citrix Connector cannot prevent the installation of Packages and Programs on pooled Citrix session hosts created with Machine Creation Service (MCS) or Provisioning Service (PVS). To prevent this potential inefficiency, a new device collection must be created that only contains the update device. There are 4 steps to accomplish this:
- create the new device collection,
- deploy the program to the new device collection,
- monitor for deployment success on the update device, and
- update the pooled Citrix session hosts with the updated image.
These steps are detailed below.
For background information about master image management with the Citrix Connector and the role of the update device, watch the Master Image Management video http://www.citrix.com/tv/#videos/11534 on CitrixTV.
Before you start, use the machine catalog properties to make sure there is a designated update device, the Update Method property value is “update device”, and the Update Device property value contain a machine name. This is a very important step. If an update device is not defined for a Citrix image managed device collection, the steps outlined below will result in a new device collection with zero members.
Step 1: Use the Configuration Manager Console to create a device collection
- In the Assets and Compliance section of the Configuration Manager Console, click the “Create device collection” action on toolbar ribbon.
- On the General Page of the Create Device Collection Wizard,
Multi-Factor Authentication for Office 365 – #Office365, #IAM
This is cool!
Paul Andrew is a technical product manager on the Office 365 team working on identity.
Today we’re adding Multi-Factor Authentication for Office 365 to Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This will allow organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.
Multi-factor authentication increases the security of user logins for cloud services above and beyond just a password. With Multi-Factor Authentication for Office 365, users are required to acknowledge a phone call, text message, or an app notification on their smartphone after correctly entering their password. Only after this second authentication factor has been satisfied can a user sign in.
Multi-factor authentication has been available for Office 365 administrative roles since June 2013, and today we’re extending this capability to any Office 365 user. We’re also enhancing the capabilities that have been available since June. We’re adding App Passwords for users so they can authenticate from Office desktop applications as these are not yet updated to enable multi-factor authentication. And we’re enabling users who are authenticated from a federated on-premises directory to be enabled for multi-factor authentication.
This addition of multi-factor authentication is part of our ongoing effort to enhance security for Office 365, and we’re already working on Office desktop application improvements to Multi-Factor Authentication for Office 365, which we’ll introduce later in this post. Office 365 offers many robust built-in security features for all customers and also optional controls that enable subscribers to customize their security preferences. More information about security in Office 365 is available inthe Office 365 Trust Center.
Let’s take a look at how Office 365 customers can take advantage of multi-factor authentication and configure it, including using App Passwords for Office desktop applications.
After entering your account password, you see a message like this while your phone is being called for acknowledgement.
Multi-Factor Authentication for Office 365
Office 365 administrators enroll users for multi-factor authentication through the Office 365 admin center.
Citrix Worx Apps announced! – part 2, #CitrixSynergy, #BYOD
Hi again,
Ok, yesterday I posted that Citrix announces the Worx apps which I think is a GREAT story and it looks as the killer apps!
Citrix Worx Apps announced! #CitrixSynergy, #BYOD
I got you excited I guess, but this is of course also not something that we’ll see released in May! The first release now in June will release the Worx Enroll and Worx Home apps, but Worx Home will only be the “store” for Mobile and Web apps. The XenDesktop/XenApp integration comes in the next release so until then the Receiver is still the client for that type of delivery.
I got to play around with Worx Home a bit yesterday and I really liked the way it displays the apps and how they easily can be sorted in a groups by type or folder structure. And then when you get XA/XD items in there and they are placed right next to all the other apps on your mobile device and you can launch Excel from you iPad directly instead of going through and opening the Worx Home or Receiver app the integration is really user friendly. But then again; don’t we still for the majority of the use cases think that XA/XD are “legacy” solutions? wouldn’t we rather strive to get into a complete SaaS model instead of adding these expensive hosted solutions? I know it won’t go away and there are great use cases for XA and XD but I would still say it’s legacy, park it and contain it and work on your strategy to change the model and become future ready! 😉
And for those that don’t go off and purchase the Mobile Solution Bundle in the future can continue to use the Receiver for their “legacy” XenApp/XenDesktop service delivery. The question is how this will be evolving though, I foresee a risk that to much of the focus in the future will be agains the Worx apps and that is something that may lead to longer release cycles of fixes and updates of the Receiver. That my of course not be an issue either though many companies today are struggling with that Citrix “goes to fast” and it’s hard to keep up (and Citrix has a hard time keeping up as well).
Stay tuned for a more complete update after Synergy!
//Richard
WOW! – MS readies ‘Mohoro’ Windows desktop as a service – #BYOD, #DaaS – via @brianmadden
What can you say!?!? It wouldn’t surprise me a bit!! Of course Microsoft would come out with an Azure based cloud offerings of Desktops as a Service! I will follow this progress for sure, interesting and NOT so nice for quite a number of partners out there…
Summary: Microsoft is believed to be building a Windows Azure-hosted desktop virtualization service that could be available on a pay-per-use basis.
In yet another example of its growing emphasis on remaking itself as a devices and services company, Microsoft looks to be developing a pay-per-use “Windows desktop as a service” that will run on Windows Azure.
The desktop virtualization service, codenamed Mohoro, is in a very early development phase, from what I’ve heard from sources. I don’t know the final launch target, but I wouldn’t be surprised if it isn’t until the second half of 2014.
Mohoro is a town located on the island of Grande Comore in the Comoros Islands in the Indian Ocean. Given that members of the Microsoft India Development Center may be playing a key role in Mohoro’s development, according to my sources, the codename choice seems appropriate.
Microsoft owns the Mohoro.com and Mohoro.Net domain names.
Mohoro, like another Windows service, Windows Intune, is a product of Microsoft’s Server and Tools unit, I hear. Windows Intune is still not yet hosted on Windows Azure (as far as I know), but supposedly the plan is to move it to Azure at some point. Windows Intune already does make use of Windows Azure Active Directory as its directory and authentication service.
The same way that Windows Intune is the cloud complement to System Center, Mohoro seems to be the cloud version of Remote Desktop/Remote App.
This is like “Remote App as a hosted service,” said one of my contacts. It could be for companies who want thin clients or to run legacy apps on new PCs. Right now, companies have to have their own servers in the equation to do this, but “with Mohoro, you click a few buttons, deploy your apps, use Intune to push out configuration to all of your company’s devices, and you’re done,” my contact added.
Microsoft currently offers multiple ways for users to access their Windows desktops remotely via different virtualization technologies and products.
The aforementioned Remote App/Remote Desktop allows Windows users to connect to a remote Windows PC and access resources from it. On the Windows RT front, given that operating system’s restrictions on use of almost any existing Win32 applications, Remote Desktop provides a way for users to continue to use apps they already have on new hardware like the Microsoft Surface RT. Licensing of Remote Desktop and Remote Desktop Services is complex, however, and requires access to server infrastructure on the back-end.
Currently, it is not possible under Microsoft’s licensing terms to run Windows client in virtual machines hosted on Windows Azure. (The new Azure VMs do allow…
Continue to read this great blog post by Mary Jo Foley here!
//Richard
Working with #XenMobile #AppController and Me@Work apps – #Citrix, #BYOD
I got to play around with @WorkWeb and @WorkMail apps a bit… and I must say that the process to get the Me@Work apps into AppController isn’t the simplest there is for someone that haven’t been doing iOS app development before.
But what I’m describing here is what’s now named XenMobile AppController and a part of the XenMobile bundle:
(Note: picture from Citrix)
So lets try to summarise the steps involved in getting these @WorkWeb and@WorkMail apps into your AppController and then published them to your users!
- Get your hands on a Macbook!
- Download the App Preparation Tool for iOS Applications and install it on the client
- Download and install Xcode (not 100% necessary but I recommend that you do that to simplify the creation/download of Distribution certificates and Distribution Profiles)
- Open XCode and open Preferences->Downloads,
Read more…
#Citrix #AppController 2.6 released as part of #MobileSolutions #Bundle #BYOD
As a part of the Mobile Solutions Bundle that now is available on MyCitrix you can find a new version of AppController.
AppController 2.6 supports the following new features:
- Certificate support. When you configure AppController for the first time in the web-based management console, you can add or create certificates on the Active Directory settings page.
- Microsoft Hyper-V support. You can install the AppController 2.6 virtual machine on Windows Server 2012 with Hyper-V enabled or on Microsoft Hyper-V Server 2012.
- Migration support to AppController 2.6. You can upgrade to AppController 2.6 from AppController 2.0 or from AppController 2.5.
- Mobile store support. You can upload mobile apps from the Apple App Store or Google Play to AppController. You can use the Citrix App Preparation Tool to wrap iOS and Android apps from the Apple App Store or Google Play. When you wrap the app, you can secure access and enforce policies. When you upload the app to AppController, you can configure the policies. You can also upload an app from the App Store or Google Play to AppController without using the App Preparation Tool.
- Secure connections to Active Directory. You can configure secure connections to Active Directory when you configure AppController 2.6 for the first time.
- ShareFile updates. In previous AppController versions, when you configured ShareFile, the domain sharefile.com was automatically appended to the domain name. In this release, the domain sharefile.com does not automatically append to the ShareFile domain name. You must enter the entire ShareFile domain name.
- Support for mobile links. You can configure mobile links to retrieve the name and description of apps automatically from the Apple App Store. For apps available through the Google Play Store, you enter the name, description and URL of the app. When you configure mobile links, links appear in Receiver with the Play Store or App Store name.
- Web proxy user name format. When you configure the web proxy, you can use either the SAMAccount format or the User Principal Name (UPN) as the user name.
Read more about it here!
//Richard
#XenMobile, #MobileSolutions – Is this what we’ve been waiting for? – #Citrix, #ZenPrise, #BYOD
Ok, so Citrix has now presented their new offering after merging Zenprise into their product portfolio. And is this what you have been waiting for?
My personal answer to that is probably yes, now you have all the capabilities (almost) out there to get your BYOx program/strategy and architecture in place or if you just want to add additional capabilities to your existing service offerings.
I must say though that the packaging is compelling and VERY interesting!
Citrix Mobile Solutions Bundle
The Citrix Mobile Solutions Bundle, which is comprised of XenMobile MDMand CloudGateway, offers a complete enterprise mobility management solution that enables IT to manage and secure devices, apps, and data.
XenMobile MDM Edition
XenMobile MDM Edition offers market leading mobile device management capabilities that deliver role-based management, configuration and security of corporate and employee-owned devices.
What I’d like to see is a roadmap where Citrix becomes an even more complete provider of technology in the Mobility segment. I still believe that Mobility is not only about smartphones and tablets and all the apps that you shall deliver to those devices and non-managed and non-corporate owned devices. There is still a need to provide device management of corporate assets that are not smartphones and tablets! And why should you have to implement another device management service/product for those.
So please Citrix = add Windows 7/8, OS X and Linux device capabilities as well in your almost complete Enterprise Mobile Management offering!
The offering is of course also today an early release where the former Zenprise product and CloudGateway is provided under the same marketing and price bundle but I’m waiting for when we have one (1) enterprise app store! And all capabilities from one technical architecture and product that you enable each capability on a need basis and are licensed accordingly.
But this is a great step for Citrix and I must say that I’m looking forward to see where this is going, I mean the feature set is pretty awesome!
Compare Features |
XenMobile MDM Edition |
Mobile Solutions Bundle |
| Enterprise MDM | ||
| Device management |  |
|
| Configure policies | |
|
| Security and compliance | |
|
| Scalability and high-availability | |
|
| Ease of administration | |
|
| Provisioning and self-service enrollment | |
|
| Enterprise integration | |
|
| Monitor and support | |
|
| Decommission devices | |
|
| Secure email, browser and data sharing apps | ||
| @WorkMail | |
|
| Email attachment encryption | |
|
| @WorkWeb | |
|
| ShareFile integration | |
|
| Microsoft SharePoint integration | |
|
| Mobile app containers | ||
| Mobile application management | |
|
| MDX Vault | |
|
| MDX Interapp | |
|
| MDX Access | |
|
| App wrapping | |
|
| Unified app store | ||
| Enterprise app store | |
|
| Follow-me apps | |
|
| Identity management, single sign-on and scenario-based access control | ||
| Active Directory integration | |
|
| Instant application and data provisioning | |
|
| Single sign-on to apps and data | |
|
| App requests | |
|
| Instant application and data de-provisioning | |
|
| Strong authentication | |
|
| Secure remote access | |
|
| Policy enforcement | |
|
More information about the technologies have also been added to eDocs!
Of course also made their competition table:
Compare the Mobile Solutions Bundle to other enterprise mobility solutions
These are exciting times and I’m looking forward to play around with the whole bundle!
Read more about XenMobile/Mobile Solutions here!
//Richard
#ShareFile app for #Windows 8 – #Citrix, #BYOD
Citrix leads the way with the new ShareFile app for Windows 8
Users are excited about tablets and the market is growing rapidly. With Windows 8, Microsoft is providing a great tablet OS as well as their own hardware in the Microsoft Surface RT and Surface Pro. This article from CIO indicates that a Forrester survey showed that 32% of users want their next work tablet to run Windows.
Citrix is bringing easy file sharing to the latest version of Windows. If you are one of those users looking to get a tablet running Windows 8 or if you have a laptop/desktop running Windows 8, we now have multiple ways to leverage ShareFile on Windows 8 with the introduction of the new ShareFile app in the Windows Store. This app provides a full-screen experience on Windows 8 for accessing ShareFile and integrates directly with the new Windows 8 charm bar for OS-level integration with the Search, Share, and Settings charms. Of course, we included support for the great device security features like remote wipe and users can login with their AD credentials. The app also supports these great features:
- Browse your account
- Download and view documents
- Request and send files via email
- Transfer big files
- Add users to folders on your ShareFile account
- Offline access to view downloaded files
- For Enterprise accounts, users will be able to access their data using their corporate credentials
- IT administrators will be able to control and audit access
Check out a video of the app in action on YouTube. More details…
Continue reading here!
//Richard
Native vs HTML5 – Which option is best?? – #Mobility via @appcelerator and @r0bsterry
This was a really good presentation from Appcelerator Inc!!
Check it out!!
The IT Melting Pot! 