It’s one third Windows 10, one third Applications and one third .admx
It’s been a while since Matt and I wrote a blog post on modern management with Citrix Endpoint Management.
Wait: Citrix Endpoint Management? What happened to the XenMobile that we’ve come to know and love? For those tuning in to this blog series for the first time, Citrix has rebranded its product portfolio to make it easier for you to understand our solutions. For more detailed information, you can visit our webpage dedicated to the product rebranding here.
Back to the content of this post. What we would like to discuss and show you in this article is how, in the modern world of managing Windows 10 endpoints, you can use Citrix Endpoint Management to configure Windows 32 apps that have companion configuration options in the form of .admx templates.
Citrix Endpoint Management is one of the most comprehensive Unified Endpoint Management solutions in the industry — with a wide range of support for managing endpoints and delivering, managing, and securing applications and their symbiotic relation with data or files.
Most of you who are familiar with traditional management of Windows Endpoints joined into a domain. You know how the GPO, in combination with .admx files, works. For those who are new to Modern Management and come from an EMM background, let’s briefly review .admx.
What are .admx files?
.admx files contain group policy settings in an xml-based format. These can be used to configure the Windows Operating system (stored under %SystemRoot%\PolicyDefinitions) or applications such as Microsoft Office. The same is true of Citrix applications such as the Citrix Workspace App, Citrix Files etc. Additionally, any application developer can make an application work with .admx group policy-based files, (e.g., Google Chrome browser).
.admx files have two classes — the Machine class and the User class — and can be used to configure software settings, Windows settings or additional imported administrative templates.
Currently, third party application settings can be managed only through the App Configuration Policy in the Citrix Endpoint Management GUI. Additional Operating System Group Policies can be configured only with Citrix Endpoint Management through a custom XML policy also configured in the GUI. Be aware that Microsoft Windows 10 only supports a specific list of these Operating System Group Policies — the ones that can be managed through the Configuration Service Provider (CSP) interface (aka MDM). (They are also referred to as admx-backed policies.) The list of admx-backed policies can be found here.
Citrix Endpoint Management also provides an additional Windows 10 Agent that that is deployed to managed Windows 10 endpoints to execute PowerShell scripts. If you are a rock star with PowerShell, you can basically configure anything you like.
Where are the .admx settings stored on Windows 10?
The .admx files deployed through the Citrix Endpoint Management App Configuration Policy — or by a Custom XML Policy — will directly inject the configuration to the registry of the Windows 10 Operating System. You can find the configured values in the registry under “Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager.” Under the sub key “current,” you will find the applied device and user settings in their own subkey. The user is shown as a SID.
Where can I find .admx files?
Below you can find the links to some of the .admx files I used:
- Windows 10 1803 Administrative Templates
- Windows 10 1809 Security Baseline Administrative Templates (DRAFT)
- Administrative Template files (ADMX/ADML) and Office Customization Tool for Office 365 ProPlus, Office 2019, and Office 2016
Citrix Endpoint Management configuring Outlook Demo.
Citrix Endpoint Management configuring Workspace App Demo.
Thanks for tuning in to see how Citrix Endpoint Management continues to expand support for Windows 10 Modern Management. We appreciate your interest in how it provides comprehensive Unified Endpoint Management for iOS, Android, macOS, all Android Enterprise modes, Chrome Enterprise, tvOS and Citrix’s Workspace Hub platforms. It is the most comprehensive multi-container MAM solution in industry and provides a comprehensive suite of productivity apps!
We’d like to send special thanks to the Citrix Endpoint Management Development Team for assisting Matt and me on this Windows 10 blog journey. Please watch the Citrix Blogs and tune in again for our next deep dive of Windows 10 UEM/MEM features!
Add a comment below, tweet co-author Matt @tweetmattbrooks orme Jeroen @jjvlebon.
Citrix TechBytes – Created by Citrix Experts, made for Citrix Technologists! Learn from passionate Citrix Experts and gain technical insights into the latest Citrix Technologies.
Want specific TechBytes? Let us know! email@example.com