XenMobile – WorxChat
Citrix XenMobile introduces WorxChat a new application into the suite of Worx Applications, with which you can enable the end users with enterprise Instant messaging on a mobile device in a secure container and with a easy end user experience and under complete admin control. This will be a tech preview edition of release, where you will have a XenMobile WorxChat server and WorxChat Client apps.
We have two components here:
- WorxChat Server.
- WorxChat Mobile applications.
WorxChat Server is a broker server between the WorxChat mobile clients and the Lync server, WorxChat server will leverage Unified Communications Managed API (UCMA) 4.0 RunTime to talk to the Lync server. To start with the installation on WorxChat server we will need to have the below pre-requisites in place.
- You need to have Lync 2013 server installed and working in your enterprise domain.
- You need to have a domain joined windows server to install UMCA and WorxChat server.
- You can find the download link and pre-requisites to install UCMA 4.0 Runtime @ https://www.microsoft.com/en-us/download/details.aspx?id=34992
- Recommendation is to have Windows 2012 server.
- You need to have a MSSQL server running (recommendation is to have MSSQL 2012) on a domain joined computer (it should be part of same domain to which Lync server belongs).
- You need to pre-decide the FQDN’s of the Windows server where you install UCMA and WorxChat server, application pool FQDN that WorxChat server will create on Lync. You need to issue a SAN certificate with those two FQDN’s from the enterprise CA server and export the pfx from the CA and install it in the WorxChat server as a computer account.
Steps to Install WorxChat Server:
- Once the prerequisites for the UCMA 4.0 Runtime are in place, Install the downloaded UCMA 4.0 RunTime on the WorxChat Server.
- Make sure you Run the UCMA.exe file as an administrator.
- Once the UCMA 4.0 is installed, you will need to install PFX SAN certificate on this windows computer. You can find the steps to create a SAN Certificate here.
Steps to Install/import SAN Certificate on WorxChat Bootstrap server:
- Import the SAN (pfx) certificate on to the WorxChat server.
- Open MMC. From the MMC console, Click File > Add/Remove Snap-in…
- From the Add or Remove Snap-ins pop up, select Certificates from Available snap-ins and Click Add and then Click OK.
- From the Certificates snap-in, click the radio button Computer account and click Next.
- From the Select Computer pop up select the Local computer radio button and click Finish.
- From the Console Root pane, Under Certificates (Local Computer), expand Personal and click on Certificates. In the right hand side pane right click and click on All Tasks > Import.
- Browse the pfx certificate that you have created and saved on your local hard drive.
- Provide the password, make sure you check the check box to Mark this key as exportable and Include all extended properties and Click Next.
- Place the certificate in the personal folder and Click Next.
- Click Finish to complete the installation of certificate.
- You can confirm the same in Personal > Certificates folder
Steps to Install WorxChat Server
- Download the WorxChat server from the Citrix Downloads portal.
- Execute the installation file as an administrator. If you agree with the terms and conditions, check the check box and click Install.
- You can see the installation progressing. In this process it will install the required services.
- Once the services are installed, the wizard will install the WorxChat server. Click Next to continue the installation.
- In the process of installation, WorxChat will install its data base. You need to provide the FQDN of the Database server.
- In our lab, we have installed windows SQL server on the same computer where we are installing the WorxChat server.
- As part of pre-req, make sure your SQL server is part of same domain where you are installation the WorxChat server and where your Lync server resides.
- If you are planning to use a remote SQL server (on a domain joined member server), you need to make sure provide privileges so that Worx Chat computer has read and right privileges. You can find more here.
- Recommendation is to go with Integrated Windows Authentication.
- Provide the WorxChat Server pool name and click Next.
Note: The same app pool will be created in the Lync server.
- Select the SAN certificate that you have installed on this computer as a computer account and click Next.
Note: if you do not see the certificate in the drop down, then you might have installed the SAN certificate as a current user account instead of computer account.
- Provide an un-used port number and provide the app pool FQDN that you have decided and used in SAN certificate creation and click Next.
Note: The same app pool will be created in the Lync server.
- Click Install the start the installation of WorxChat server.
- You can notice the server configuring the DB, you will see the installation/Setup complete prompt.
Publishing the WorxChat app in XenMobile
Wrapping the WorxChat Application.
Once the installation is completed, download the WorxChat app from citrix downloads and wrap the application using the mdx toolkit. You can find the steps to wrap an application here.
Enabling Push Notification for WorxChat.
Once you wrap the WorxChat apps, you will need to enable push notification for WorxChat apps.
- In case of tech-preview, login to the XenMobile Tools portal with your MyCitrix credentials.
2. Post login, Click on Manage Push notification.
3. Select the the region you are from and click Next.
4. Confirm your region by clicking on Yes, I’m sure.
5. If you are enabling it for iOS platform, select iOS and click Next.
5.1. Provide the App Name, App ID(Which you have used while wrapping the iOS WorxChat app), browser the APNs certificate that you have created for WorxChat and Certificate Password (you can refer to section “2.2. Generate WorxMail APNs Certificate” here) and click upload.
5.2. Once the Certificate is successfully submitted, a unique Customer ID is generated. Make a note of this customer ID as we will have to enter this in the MDX Policies.
Managing MDX applications in XenMobile server.
You need to manage the wrapped WorxChat apps in XenMobile server, you can find the steps to upload an mdx app to XenMobile server here.
If you have the Network settings to tunnel to internal network then make sure you have the below mdx policies set while managing the WorxChat mdx application XenMobile.
On iOS WorxChat :
- Lync Chat Server Mappings :- <Citrix WorxChat Server FQDN>:<Lync pool FQDN>
- User domain :- <Lync Domain>
- Background network services :- <lyncdiscoverinternal.domain.com>:443,<lyncdiscover.domain.com>:443,<Citrix WorxChat Server FQDN>:443,<Lync server FQDN>:443,<Citrix WorxChat server FQDN>:8080,us-east-1.pushreg.xs.citrix.com:443
Example from my config:
- lyncdiscoverinternal.methyds.net and lyncdiscover.methyds.net are Lync discover FQDN’s resolving to Lync server
- met-wc-svr.methyds.net is FQDN of Citrix WorxChat Server
- lync.methyds.net is FQDN of Lync server.
- Background network service gateway :- <NetScaler FQDN>:443
- Push notifications customer ID : Customer ID that you have created in previous step(5.2.) for iOS
Important Note: Make sure NetScaler can resolve and reach the FQDN’s <lyncdiscoverinternal.domain.com>, <lyncdiscover.domain.com>, <Lync server FQDN>, <Citrix WorxChat server FQDN>, us-east-1.pushreg.xs.citrix.com(this can change as per your region).
End user Experience:
End user will enroll to the XenMobile environment and will install the WorxChat app from Worx Store and will need to configure it.
- Once the end user launches the installed WorxChat app he will asked to enter the email address, username, password and domain information. User should provide his details and click Log on.
2. End user will be shown an first time login page, Once he clicks on Get Started end user can start chatting.