Dell Wyse ThinOS Lite (Xenith) User Manual

Dell Wyse ThinOS Lite Release 2.5
Administrator’s Guide
Notes, cautions, and warnings
NOTE: A NOTE indicates important information that helps you make better use of your product.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
© 2017 - 2018 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners.
2018 - 02
Rev. A01
Contents
1 Introduction....................................................................................................................................................6
About this Guide.................................................................................................................................................................6
Technical Support........................................................................................................................................................ 6
What is new in this release................................................................................................................................................6
2 Getting started.............................................................................................................................................. 8
Conguring ThinOS Lite using First Boot Wizard.......................................................................................................... 8
Connecting to a remote server.......................................................................................................................................15
Connecting a remote server manually......................................................................................................................15
Using your desktop...........................................................................................................................................................15
Conguring zero client settings and connection settings............................................................................................16
Connecting to a printer....................................................................................................................................................16
Connecting to a monitor..................................................................................................................................................16
Locking the zero client.....................................................................................................................................................16
Signing o and shutting down........................................................................................................................................ 16
Additional getting started details.................................................................................................................................... 17
Zero desktop features................................................................................................................................................ 17
Login dialog box features...........................................................................................................................................19
Using the system setup menu..................................................................................................................................20
Accessing system information..................................................................................................................................20
3 Global connection settings...........................................................................................................................22
4 Conguring the connectivity........................................................................................................................24
Conguring the network settings.................................................................................................................................. 24
Conguring the general settings..............................................................................................................................24
Conguring the DHCP options settings..................................................................................................................26
Conguring the ENET settings.................................................................................................................................27
Conguring the WLAN settings...............................................................................................................................30
Conguring the proxy settings.................................................................................................................................32
Conguring the remote connections.............................................................................................................................34
Conguring the Citrix broker setup......................................................................................................................... 34
Conguring the visual settings.................................................................................................................................35
Conguring the general options...............................................................................................................................36
Conguring the authentication settings..................................................................................................................38
Conguring the central congurations..........................................................................................................................59
Conguring the general central congurations .....................................................................................................60
Conguring the Wyse Device Agent settings......................................................................................................... 61
Conguring the VPN manager.......................................................................................................................................63
5 Conguring the connection broker.............................................................................................................. 66
Conguring Citrix.............................................................................................................................................................66
Conguring the Citrix broker setup.........................................................................................................................66
Contents
3
Citrix HDX RealTime Multimedia Engine—RTME................................................................................................. 67
Citrix Icon refresh.......................................................................................................................................................73
Using multiple audio in Citrix session.......................................................................................................................75
Using Citrix NetScaler with CensorNet MFA authentication............................................................................... 75
Conguring ICA connections.................................................................................................................................... 77
ICA Self Service Password Reset—SSPR..............................................................................................................82
QUMU or ICA Multimedia URL Redirection........................................................................................................... 90
HTML5 Video Redirection........................................................................................................................................ 90
ICA SuperCodec........................................................................................................................................................ 90
Anonymous logon.......................................................................................................................................................94
Conguring the Citrix UPD Printer..........................................................................................................................94
Introduction to Flash Redirection.............................................................................................................................95
6 Conguring Zero Client Settings..................................................................................................................111
Local Settings Menu........................................................................................................................................................111
Conguring the System Preferences...................................................................................................................... 111
Conguring the Display Settings.............................................................................................................................114
Conguring the Peripherals Settings......................................................................................................................119
Conguring the Printer Settings.............................................................................................................................128
Reset Features................................................................................................................................................................133
Resetting to Factory Defaults Using G-Key Reset...............................................................................................133
Resetting to Factory Defaults Using Shutdown Reset........................................................................................133
Resetting Display Settings Using V-Key Reset.....................................................................................................133
7 Performing Diagnostics.............................................................................................................................. 134
System Tools................................................................................................................................................................... 134
Simplied Certicate Enrollment Protocol—SCEP..............................................................................................142
About Default Certicates.......................................................................................................................................144
Using the Troubleshooting Options...............................................................................................................................151
8 BIOS Management..................................................................................................................................... 157
CMOS Central Management—Extracting CMOS Settings to the File Server for Distribution........................... 158
CMOS Local Management—Extracting CMOS Settings to a USB Key for Distribution......................................158
Accessing Zero Client BIOS Settings...........................................................................................................................159
9 Security Changes.......................................................................................................................................160
Security Enhancements—Firmware Signature..........................................................................................................163
Transport Layer Security—TLS.................................................................................................................................... 164
Smart cards and smart card readers............................................................................................................................164
A Central Conguration—Automating Updates and Congurations.............................................................. 165
How to Set Up Automatic Updates and Congurations............................................................................................165
Using DHCP Options..................................................................................................................................................... 165
B Creating and Using xen.ini Files..................................................................................................................169
Downloading and Using Sample INI Files.....................................................................................................................169
Rules and Recommendations for Constructing a xen.ini File....................................................................................169
Parameters for a xen.ini File.......................................................................................................................................... 170
TimeZone Parameter—Values..................................................................................................................................... 220
Contents
4
TimeZone Parameter—Values................................................................................................................................ 221
C Examples of Common Printing Congurations...........................................................................................226
Local USB for Printing...................................................................................................................................................226
Using the Printer Setup Dialog Box for Local USB Printers............................................................................... 226
Using INI Parameters for Local USB Printers....................................................................................................... 227
Printing to Non-Windows Network Printers—LPD...................................................................................................227
Using the Printer Setup Dialog Box for Non-Windows Network Printers—LPD............................................ 227
Using INI Parameters for Non-Windows Network Printers—LPD....................................................................228
Windows Network Printers for Printing—SMB.........................................................................................................228
Using the Printer Setup Dialog Box for Windows Network Printers—SMB....................................................228
Using INI Parameters for Windows Network Printers—SMB........................................................................... 229
Using Your Zero Client as a Print Server—LPD.........................................................................................................230
Using the Printer Setup Dialog Box for Conguring LPD Services................................................................... 230
Setting Up Windows 2003 or 2008 Servers........................................................................................................ 230
Using INI Parameters for Conguring LPD Services...........................................................................................230
Conguring ThinPrint.....................................................................................................................................................231
D Important Notes........................................................................................................................................232
E Troubleshooting......................................................................................................................................... 233
F Firmware upgrade...................................................................................................................................... 234
Firmware upgrade using FTP server........................................................................................................................... 234
Firmware upgrade using HTTP or HTTPS..................................................................................................................235
Firmware upgrade using Wyse Management Suite version 1.1................................................................................. 236
Contents
5
1

Introduction

The Dell Wyse ThinOS Lite family of products are zero clients built for Citrix XenApp and XenDesktop environments. These products represent an entirely new approach in delivering virtual desktops. ThinOS Lite zero clients deliver a Citrix HDX experience with zero delays, zero management, zero security risks, and almost zero energy use. Users will benet from an instant-on, plug-n-play, high performance zero client while administrators can have following privileges such as virus resistant, hands-o, self-updating zero client deployed.

About this Guide

This guide is intended for administrators of thin clients running ThinOS Lite. It provides information and detailed system congurations to help you design and manage a ThinOS Lite environment.
Supported Products
This guide is intended for the following Dell Wyse ThinOS Lite products:
Wyse 5010 zero client for Citrix (D00DX) (ThinOS Lite Pro 2)
Wyse 3010 zero client for Citrix (T00X) (ThinOS Lite 2)
Wyse 3020 zero client for Citrix (T00DX) (ThinOS Lite 3)
R00LX (ThinOS Lite Pro)
C00X (ThinOS Lite)
Finding the Information You Need in this Guide
You can use either the Search window or Find toolbar to locate a word, series of words, or partial word in an active PDF document. For detailed information on using these features, refer to the Help in your PDF reader.

Technical Support

To access technical resources self-service portal, knowledge base, software downloads, registration, warranty extensions/ RMAs, reference manuals, and so on, visit www.dell.com/wyse/support . For Customer Support, visit www.dell.com/support/contents/us/en/19/article/
Contact-Information/International-Support-Services/international-contact-center?ref=contactus , and phone numbers for Basic and Pro
Support are available at www.dell.com/supportcontacts.
: Before proceeding, verify if your product has a Dell service tag. For Dell service tagged products, go to www.dell.com/
NOTE
support/contents/us/en/19/article/Product-Support/Dell-Subsidiaries/wyse.

What is new in this release

The following are the updates or new features in this release:
ThinOS Lite package updates—Updated ThinOS Lite packages to a newer version. See, Dell Wyse ThinOS v2.5 Release Notes BIOS updates—Added new parameters for BIOS management. See, Creating and Using xen.ini Files
ThinOS UI-based updates:
Added a rst boot wizard (Out-of-Box-Experience—OOBE) for a new or factory reset thin client. See, First Boot Wizard.
6 Introduction
Added a desktop wallpaper. Dell Wyse ThinOS v8.5 Release Notes.
Added the About tab in System Information. See, Accessing system information.
Added option to capture, and export screenshots. See, Using the troubleshooting options.
Added option to export the INI le. See, Using the troubleshooting options.
Citrix-based updates:
Added support for multiple audio in a Citrix session. See, Using multiple audio in Citrix session.
Added support for SMS PASSCODE authentication on a Citrix NetScaler Gateway. See, Using Citrix NetScaler with CensorNet MFA
authentication.
Added support for Wyse Management Suite version 1.1. See, Conguring the WDA settings.
Introduction 7

Getting started

Use the following information to quickly learn the basics and get started using your zero client:
Connecting to a Remote Server
Using Your Desktop
Conguring Zero Client Settings and Connection Settings
Connecting to a Monitor
Connecting to a Printer
Locking the Zero Client
Signing O and Shutting Down
Additional Getting Started Details
NOTE: ThinOS Lite is centrally managed and congured using INI les to automatically push updates and any desired default
conguration to all supported zero clients in your environment. For more information, see Central Conguration: Automating
Updates and Congurations.
If no INI les are detected, you can use local dialog boxes on each zero client to make available congurations. ThinOS Lite will save many of these locally congured settings such as resolution, mouse, and keyboard to persist after reboot. However, once INI les are detected, rebooting causes ThinOS Lite to become stateless while ignoring locally congured settings after a reboot and then the settings contained in the INI le will be used.
2
Conguring ThinOS Lite using First Boot Wizard
First Boot Wizard, also called First Boot Wizard, runs the rst time you start a new thin client that runs on ThinOS Lite v2.5. The thin client launches the out-of-box experience application before you enter the ThinOS Lite desktop, and allows you to perform a set of tasks, such as, conguring system preferences, setting up the internet connectivity, loading USB congurations, conguring management software, and conguring broker connections. The thin client congures settings that are applied during the rst-boot experience, and processes before your log into ThinOS Lite.If you are an existing thin client user, and you have upgraded to ThinOS Lite v2.5, then you can reset your thin client to factory default settings to enter First Boot Wizard.
The following owcharts represent the First Boot Wizard workow:
8 Getting started
Figure 1. First Boot Wizard_Success
Getting started
9
Figure 2. First Boot Wizard _Failure
Getting started
10
1 Connect a new zero client or existing zero client to the Ethernet using a wired connection. The existing zero client must be reset to
factory default settings to enter First Boot Wizard.
2 Turn on your zero client.
The zero client checks for a wired network connection. If the network connection is successful, a welcome screen with the model name of your zero client is displayed.
The zero client validates the IP address from DHCP. If the DHCP contains the le server or Wyse Device Manager or Wyse Management Suite congurations, then the ThinOS Lite system desktop is loaded without entering First Boot Wizard. If the DHCP validation fails or if you have not connected to Ethernet, then follow the next step.
NOTE: To exit First Boot Wizard during the network connection status check on the welcome screen, press the Ctrl + Esc
key.
3 On the Would you like to load a ThinOS Lite conguration le from USB? screen, do either of the following:
Figure 3. USB conguration
To load a ThinOS Lite conguration le from the USB drive, ensure that you create a xen.ini le and add the le to the /xen directory on the USB drive. Plug the USB drive to zero client, and click Yes.
NOTE
:
Only FAT, FAT32, and ExFAT le systems on the USB disk are supported. NTFS le system is not supported.
The zero client validates the conguration le in the USB drive.
– If the ThinOS Lite conguration le in the USB drive is correct, the Read conguration success message is displayed. Click
OK to exit First Boot Wizard, and log in to ThinOS Lite system desktop.
– If the ThinOS Lite conguration le in the USB drive is corrupted or the required le is not available, then the Can not nd
conguration les, or read conguration failure message is displayed. Upload the correct le on the USB drive, plug the USB drive again, and then click Retry. If the le is correct, the Read conguration success message is displayed. Click OK to exit First Boot Wizard, and log in to ThinOS Lite system desktop.
If you do not want to use the Retry option to load the ThinOS Lite conguration le, then click Abort to enter the System
Preferences conguration setup.
: To exit the Can not nd conguration les, or read conguration failure message screen, and load the
NOTE
ThinOS Lite system desktop, click Exit.
To enter the System Preferences conguration setup, click No.
4 On the System Preferences Conguration screen, congure the following options:
Getting started
11
Figure 4. System preferences conguration
Locale—Select a language to start ThinOS Lite in the regional specic language.
Keyboard Layout—Select a keyboard layout to set the keyboard layout in the regional specic language. Time Zone—Select a time zone to set the time zone for your zero client.
Time Server—Displays the IP addresses or host names with optional port number of time servers.
Advanced—Click Advanced to congure settings, such as daylight saving, time format, date format, and time servers.
NOTE
: To exit the System Preferences Conguration screen, and load the ThinOS Lite system desktop, click
Exit.
If you are not connected to Ethernet, you cannot continue with the setup, and the Attach the Ethernet cable screen is displayed. Do either of the following:
Connect the Ethernet cable to the zero client.
Click Dene a wireless connection. From the list, select a wireless network, and click Connect.
12
Getting started
NOTE:
– The option to dene a wireless connection is not available on zero clients without a WLAN module. – To exit the Attach the Ethernet cable screen, and load the ThinOS Lite system desktop, click Exit.
Figure 5. Ethernet cable
After the connection is established, the zero client validates the IP address from DHCP. If the DHCP contains the le server or Wyse Device Manager or Wyse Management Suite congurations, then the ThinOS Lite system desktop is loaded. If the DHCP validation fails, or the network connection fails, then the Management Conguration screen is displayed. Follow the steps 6-9.
5 Click Next to enter the Management Conguration setup. 6 On the Management Conguration screen, congure the following:
Getting started
13
Figure 6. Management conguration
File Server—Enter the le server details to apply congurations including INI les from a le server.
WMS—Enter the group registration key and the Wyse Management Suite server URL to register the zero client to the Wyse Management Suite.
WDM—Enter the IP addresses or host names.
Disable SSL warning—Select this check box to disable the SSL (Secure Sockets Layer) connection warnings.
Certicates Manager—Click Certicates Manager to import or request a certicate.
NOTE
: To exit the Management Conguration screen, and load the ThinOS Lite system desktop, click
Exit.
7 Click Done to exit First Boot Wizard or click Next to enter the Connection Broker Conguration setup. 8 On the Connection Broker Conguration screen, congure the Citrix broker connection. The broker allows you to connect to full
desktops using XenDesktop or individual applications using XenApp from a centralized host through Citrix Receiver Client.
Server Address—Enter the host name or IP address of the broker connection.
Enable theme: ThinOS Lite—Select this check box to boot the zero client in ThinOS Lite mode.
StoreFront style—Select this check box to enable the Citrix StoreFront based layout of published applications and desktops on the zero client.
Certicates Manager—Click Certicates Manager to import or request a certicate.
Disable SSL warning—Select this check box to disable the warnings for your SSL (Secure Sockets Layer) connection.
9 Click Done.
: To congure the Management Conguration setup again, click Back, and follow the steps 6 and
NOTE
7.
The device exists from First Boot Wizard mode, and the ThinOS Lite desktop is displayed.
Getting started
14

Connecting to a remote server

On your initial connection to central conguration, we recommended that you connect using a wired connection plug in the network- connected Ethernet cable to your zero client before starting the zero client to obtain the congurations desired by the administrator. This wired connection will also provide any wireless congurations provided by the administrator through INI les.
If you must initially connect to central conguration through wireless, use the Wireless tab in the Network Setup dialog box to enter the SSID and encryption congurations required or set up by the network administrator.
Central Conguration — If you are congured for automatic detection using INI les — see the Parameters for a xen.ini File in this guide, your zero client will automatically detect and connect to the congured remote services during the boot-up process. Press the power button to turn on your zero client to see the Login dialog box. Enter your User name, Password, and Domain, and then click Login. After authentication is successful, your available connections are presented.
Manual Connection — If you are not yet set up for central conguration, you will see the Zero Toolbar, where you can congure the initial server connection you want using the Remote Connections dialog box before you can log in. For more information, see Connecting to a
Remote Server manually.
You only need to complete this manual conguration once or after reboot to factory defaults. After the zero client knows the location of your server, it automatically connects to the server for login when you start the zero client in the future. After you conrm that your environment is ready for deployment, you can create INI les for central conguration.

Connecting a remote server manually

To connect a Remote Server manually, complete the following tasks:
1 From the oating bar menu, click the System Setup , and then click Remote Connections. The Remote Connections dialog box is
displayed.
2 Click the Broker Setup tab of the Remote Connections dialog box to congure one of the following connections:
A specic Citrix broker server connection — Enter the IP Address of the server in the Broker Server box.
NOTE
: For more details, see Conguring the Remote
Connections.
3 Click OK, and then restart the zero client.
Click the Shutdown icon on the Zero Toolbar to open, and use the Shutdown dialog box to restart the zero client.
NOTE
:
If a Specic Broker Server Connection is congured— After zero client restart, the Login dialog box appears for your server. Enter the User name, Password, and Domain and click Login. After authentication is successful, your Zero Toolbar is presented with your assigned connections dened by the broker server.

Using your desktop

What you view after logging on to the server depends on the administrator congurations.
Users with a zero desktop - will see the zero desktop with the zero toolbar showing the assigned list of connections from which to select. This option is recommended for VDI and any full-screen only connections. For more information on using the zero desktop, see
Zero Desktop Features.
Getting started
15
Conguring zero client settings and connection settings
While the use of INI les is recommended to congure zero client settings and connection settings available to users . For more information, refer How to Set Up Automatic Updates and Congurations. You can use the dialog box on a zero client to:
Set up your zero client hardware, look and feel, and system settings, see Conguring Zero Client Settings Locally.
Congure connection settings, see Conguring Zero Client Settings Locally.

Connecting to a printer

To connect a local printer to your zero client, be sure you obtain and use the correct adapter cables which are not included. Before use, you may need to install the driver for the printer by following the printer driver installation instructions.

Connecting to a monitor

Depending on your zero client model, connections to monitors can be made using either a VGA (analog) monitor port, a DVI (digital) monitor port, or a DisplayPort (digital) and the proper Dell monitor cables/splitters/adapters.
NOTE:
For dual-monitor supported zero clients— when using a DVI to DVI/VGA splitter, ensure that the DVI monitor will be the primary
monitor; when using a DisplayPort, ensure that the DisplayPort monitor will be the primary monitor.

Locking the zero client

To help ensure that no one else can access your private information without permission, ThinOS Lite allows you to lock your zero client so that credentials are required to unlock and use the zero client after you do one of the following:
Unplug a signed-on smart card — If an administrator has set SCRemovalBehavior=1 for the Signing parameter in the INI les and you unplug the smart card that you used to sign on to the zero client, then the zero client will lock. To unlock the zero client for use, you must use the same smart card and your correct PIN. Note that removing a signed-on smart card can also cause the zero client to log- o, if an administrator has set the INI les to do so in this case you must sign-on as usual to use the zero client.
Use LockTerminal from the Shortcut Menu and Shutdown dialog box — On the Zero Desktop, use the Shutdown dialog box, for more information, see Signing O and Shutting Down. To open the zero client for use, you must use your correct credentials.
Use the screen saver — If an administrator has set LockTerminal=2 for the ScreenSaver parameter, and when the screen saver is activated, then the thin client is locked. To unlock the thin client, enter the login password in the unlock dialog box. However, you cannot see the wallpaper while using the unlock dialog box.
Signing o and shutting down
Use the Shutdown dialog box to select the available option you want:
Zero Desktop — Click the Shutdown icon on the Zero Toolbar.
NOTE
: You can also congure automatic behavior after all desktop sessions are closed by using the Remote Connections dialog
box, see Central Conguration: Automating Updates and Congurations.
16 Getting started

Additional getting started details

This section includes additional details, such as Zero desktop features, Login dialog box features, System setting menu, and System information.

Zero desktop features

This section includes information on:
Zero Interactive Desktop Guidelines
Zero Toolbar
List of Connections
Zero interactive desktop guidelines
The Zero Desktop has a default background with the Zero Toolbar at the left of the screen.
The following table lists the available Zero Desktop shortcuts:
Table 1. Zero Desktop shortcuts
Action Press
Display the Zero Toolbar Ctrl+Alt+UpArrow
Open a selection box for toggling between the desktop and currently­active connections
Lock the zero client Ctrl+Alt+LeftArrow
Keyboard shortcuts to menu commands Left-Alt+UnderlinedLetter
Capture the full desktop to the clipboard Print Screen
Capture the active window to the clipboard Alt+PrintScreen
NOTE:
You can copy and paste between application sessions and between sessions and the desktop, however, this function depends on session server congurations.
In addition to the standard two-button mouse, the zero client supports a Microsoft Wheel Mouse used for scrolling. Other similar types of a wheel mouse may or may not work.
Ctrl+Alt+DownArrow
or
Ctrl+Alt+RightArrow
or
Right-Alt+UnderlinedLetter
To switch the left and right buttons, use the Peripherals dialog box, see Conguring the Peripherals Settings.
Getting started
17
Zero toolbar
The Zero Toolbar usually appears at the left corner of the Zero Desktop. However, depending on administrator congurations, the toolbar can be removed or hidden. It is shown only when a user moves the mouse pointer over the left edge of the desktop screen.
Table 2. Toolbar icons
Icon What It Does
Home Opens the list of available connections, see List of Connections.
System Information Displays zero client system information, see Accessing System
Information.
System Settings Opens the System Settings menu to congure zero client system
settings and perform diagnostics, see Conguring Zero Client
Settings.
Shutdown Terminal Click the Shutdown Terminal icon to use the Shutdown options
available on the zero client, see Signing O and Shutting Down. Note that the Shutdown Terminal icon does not display on the toolbar when using the Admin Mode button to congure system settings.
NOTE:
If congured to display by an administrator, the current date and time are shown on the Zero Toolbar. The zero client is capable of synchronizing its clock to time provided by a Simple Network Time Protocol (SNTP) server.
List of connections
On the Zero Toolbar, you can click the Home icon to open your list of assigned connections. In some cases, the list may contain only default connections.
Use the following guidelines depending on user privilege level, some options may not be available for use:
Table 3. Connection Options
Option What It Does
Name of the connection Opens the connection you want
to use.
NOTE: All open
connections display a blue icon to the left of the connection name in the list.
Reset icon Resets the connection.
18 Getting started
NOTE: It is useful when
a connection is not functioning properly or you need to reboot the connection.
Close icon Closes the connection.
NOTE: The Close icon is
grayed out for connections that are not open.
Edit icon Opens the Connection Settings
dialog box, see Advanced Details
on Conguring ICA Connections
to change the connection options.
NOTE: Depending on
user privilege level, editing options may not be available for use.
Conguring Global Connection Settings
If you do not use INI les to provide global connection settings, you can click Global Connection Settings to open and use the Global Connection Settings dialog box to congure settings that aect all of the connection in the list.

Login dialog box features

While the Login dialog box allows you to log on to the server, it also allows you to:
Obtain system information.
Access Admin Mode to congure zero client settings.
Change or reset your own password and unlock your account.
Open the Shutdown dialog box by using CTRL+ALT+DELETE.
In the Login dialog Box, use the following guidelines:
System Information — Click the Sys Info button to open the System Information dialog box. You can view the zero client system information such as System Version, IP Address, information on devices connected to your zero client, event logs and so on.
Admin Mode — Click the Admin Mode button to congure various settings locally on the zero client other than broker desktop congurations. For example, you can choose to manually congure the Citrix Xen Broker Server URL or override the URL that is centrally dened by le servers by using the Remote Connections dialog box as described in Remote Connections
Zero Desktop — Use the Leave Administrator Mode option in the Shutdown dialog box, or use the Leave Administrator Mode icon
(X) in the upper-right pane of the System Settings menu.
:
NOTE
– By default the Admin Mode button is not displayed on the log on dialog box. You can display it by selecting the Show local
admin button check box in the Shutdown dialog box, see Signing O and Shutting Down.
– By default there is no password needed for Admin Mode button use. You can password protect the Admin Mode button (to
require login credentials) by using the AdminMode parameter in a wnos.ini le, see the INI section in this Guide.
Getting started 19
Shutdown — Press CTRL+ALT+DELETE to open and use the Shutdown dialog box to sign o, shut down, restart, reset the system setting to factory defaults, and so on. For information, see Signing O and Shutting Down.
Account Self-Service — Click the Account Self-Service icon shown when congured using the AccountSelfService option of the PasswordServer INI parameter to open and use the Account Self-Service dialog box to change or reset your own password and unlock your account. For information on INI parameter, see the INI section in this Guide.
This process assumes that the security questions and answers have been pre-registered by the user inside of their Windows environment. Users must use HTTPS (not HTTP) for an account self-service server address such as https://IPAddress, in the Broker Setup tab.After answering the security questions, your new password will be set or your account will be unlocked.

Using the system setup menu

To access the system setup menu:
1 Click System Setup from Zero Toolbar.
The System Setup Menu is displayed.
2 On the system setup menu, you are able to view and use the following options:
a Network Setup — Allows selection of DHCP or manual entry of network settings, as well as entry of locations of servers
essential to zero client operation. This menu selection is disabled for Low-privileged users. See
Settings
b Remote Connections — Allows you to congure zero client network connections for Citrix Xen. For more information, see
Conguring the Remote Connections.
c Central Conguration — Allows you to congure zero client central connection settings such as le server and optional WDM
server settings. For more information, see Conguring the Central Congurations. d VPN Manager — Allows you to congure zero client VPN manager. For more information, see Conguring the VPN Manager. e System Preference — Allows user selection of zero client parameters that are matter of personal preference. For more
information, see Conguring the System Preferences. f Display — Allows you to congure the monitor resolution and refresh rate. For more information, see Conguring the Display
Settings.
g Peripherals — Allows you to select the peripherals settings such as keyboard, mouse, volume and touch screen settings. For
more information, see Conguring the Peripherals Settings. h Printer — Allows conguration of network printers and local printers that are connected to the zero client. For more
information, see Conguring the Printer Settings. i System Tools — Opens a submenu from which the xen.ini and user.ini windows can be opened to view the contents of the les.
See System Tools. j Trouble shooting Options — Displays Performance Monitor graphs that display client CPU, Memory and Networking
information and trace route response messages. For more information, see
Tools.
.
Using the Trouble Shooting Options and System
Conguring the Network

Accessing system information

Use the System Information dialog box to view system information:
Zero Desktop — Click the System Information icon on the Zero toolbar.
The System Information dialog box includes:
General tab — Displays general information such as System Version, Serial Number, Memory Size (Total and Free), CPU Speed, ROM Size, Monitor, Parallel ports, Terminal Name, Boot from, Memory speed, SSD size, Resolution and Serial ports.
Copyright/Patents tab — Displays the software copyright and patent notices.
Acknowledgements button is added under Copyrights tab in System Information. This button is related to third party software and is available only in following clients:
– Wyse 5010 Zero Client for Citrix — D00DX (ThinOS Lite Pro 2)
Getting started
20
Event Log tab — Displays the zero client start-up steps normally beginning from System Version to Checking Firmware or error Messages that are helpful for debugging problems. The details about the monitors connected to the zero client are also displayed.
Status tab — Displays status information about TCP performance related parameters, UDP performance related parameters, CPU Busy, System Up Time, CCM status, Free Memory, Active sessions, and WDM status.
IPv6 tab — Displays IPv6 information such as Link-local Address, IPv6 Address and IPv6 Default Gateway.
ENET tab — Displays information about wired network information.
WLAN tab — Displays information about wireless network information.
About tab—Displays information about ThinOS Lite operating system. The following attributes are listed:
– Platform name – Operating system type – Build name – Build version – BIOS name – BIOS version – Citrix Broker or Receiver version—This represents ICA revisions between the ThinOS Lite versions. – Dell vWorkspace version – Imprivata version – Caradigm version – SECUREMATRIX version – HealthCast version
: This tab is displayed when IPv6 is enabled in the General tab of the Network Setup dialog box, see Conguring the
NOTE
Network Settings.
Kernel mode—The components are implemented in Kernel according to the specication. The version is displayed as [max].[min], which is the base version of protocol or server or client of the component. For example, the Imprivata version is 5.2, and so on.
User mode—The components are from the source, or binaries from third party that are compiled or integrated into ThinOS Lite. The version is displayed as [max].[min].[svn_revision]. The [max] and [min] is the base version of the third component, and the [svn_revision] is the source control revision of ThinOS Lite. Using the ThinOS Lite specied version, you can identify the changes between dierent revisions. For example, the Citrix Receiver version is 14.0.44705. The components are matched to the installed packages. If the packages are removed, the eld remains empty in the About tab.
Getting started 21
3

Global connection settings

If you do not use INI les to provide central conguration (global connection settings) to users, you can use the Global Connection Settings dialog box to congure settings that aect all of the connections in your list of connections: To Congure the Global Connection Settings:
1 From the oating bar menu, click the Home icon, and then click Global Connection Settings.
The Global Connection Settings dialog box is displayed.
2 Click the Session tab to select the check boxes you want for the options that are available to all sessions.
The Smart Card check box species the default setting for connecting to a smart card reader at startup.
When using the Disks check box for automatic connection to connected USB sticks, use the following guidelines:
– More than one disk can be used at the same time, however, the maximum number of USB sticks including dierent subareas is
12.
– Be sure to save all data and sign o from the session mapping the USB stick before removing the USB stick.
IMPORTANT
22 Global connection settings
: The gure shown is an example for Zero Desktop.
NOTE:
ICA sessions always have automatic connection to attached smart card readers.
NOTE: USB devices redirection— By default, audio, video and printer devices will not use HDX USB for redirection. You can
make selections for USB device redirection on the Session tab of the Global Connection Settings dialog box.
Click ICA tab to select the check boxes you want for the options that are available to all ICA sessions. Select the audio quality
3
optimized for your connection.
NOTE:
Map to — When a drive is entered, maps a disk under the drive.
Global connection settings 23
Conguring the connectivity
This chapter helps you to understand various conguration settings for a secure connection. Connectivity menu includes:
Conguring the Network Settings.
Conguring the Remote Connections.
Conguring the Central Congurations.
Conguring the Caradigm Vault Server.
Conguring objects on Imprivata Server.
Conguring the VPN Manager.
Conguring the network settings
To congure the network settings use the following options:
Conguring the General Settings
Conguring the DHCP Options Settings
Conguring the ENET Settings
Conguring the WLAN Settings
4
Conguring the general settings
To congure the general network settings:
1 From the oating bar menu, click the System Setup , and then click Network setup.
The Network Setup dialog box is displayed.
24 Conguring the connectivity
Figure 7. Network setup
2 Click the General tab and use the following guidelines:
a To set the default gateway, select the type of network interface from the available options.
1 Single Network support— Either wireless or wired network is connected.
ENET — Click this option, if you want set up the Ethernet Wired Network Connection.
WLAN — Click this option, if you want set up the Wireless Network Connection.
If the user use wireless network after selecting ENET connection or wired network after selecting WLAN connection, then the system log "WLAN: set default gateway xx.xx.xx.xx" for rst case and "ENET: set default gateway xx.xx.xx.xx" for second case are printed to ensure that the UI setting reects the actual usage.
Use Static Name Servers— By default, this check box is not selected, and thin client fetches the server IP address from DHCP. Select this check box to manually assign static IP addresses. If name servers are changed using GUI, INI or link down/ up, then the details are displayed in Event Logs. In dynamic mode, the DNS/WINS can be merged from Ethernet and Wireless, if network is not working.
2 Dual Network support — Both wireless and wired networks are connected. The default gateway is determined by the UI
settings.
NOTE
: The UI will not be changed automatically.
b Enter the URL address of the DNS Domain in the DNS Domain box. c Enter the IP address of the DNS Server in the DNS Server box.
Use of DNS is optional. DNS allows you to specify remote systems by their host names rather than IP addresses. If a specic IP address (instead of a name) is entered for a connection, it is used to make the connection. Enter the DNS Domain and the network address of an available DNS Server. The function of the DNS Domain entry is to provide a default sux to be used in name resolution. The values for these two boxes may be supplied by a DHCP server. If the DHCP server supplies these values, they replace any locally congured values. If the DHCP server does not supply these values, the locally congured values will be used.
: You can enter upto 16 DNS Server addresses, separated by a semicolon, comma, or space. The rst address is
NOTE
for the primary DNS server and the rest are secondary DNS servers or backup DNS servers.
d Enter the IP address of the WINS Server in the WINS Server box.
Use of WINS is optional. Enter the network address of an available WINS name server. WINS allows you to specify remote systems by their host names rather than IP addresses. If a specic IP address (instead of a name) is entered for a connection, it
Conguring
the connectivity 25
is used to make the connection. These entries can be supplied through DHCP, if DHCP is used. DNS and WINS provide essentially the same function, name resolution. If both DNS and WINS are available, the zero client attempts to resolve the name using DNS rst and then WINS.
You can enter two WINS Server addresses (primary and secondary), separated by a semicolon, comma, or space.
e Enter the digit multiplier of 30 seconds in the TCP Timeout box to set the timeout value of a TCP connection. The value must
be 1 or 2 which means the connection timeout value is from 1x30= 30 seconds to 2x30= 60 seconds. If the data for connecting to the server is not acknowledged and the connection is time out, setting the timeout period retransmits the sent data and again tries to connect to the server till the connection is established.
3 Click OK to save the settings.
Conguring the DHCP options settings
To congure the Option settings :
1 From the oating bar menu, click the System Setup , and then click Network Setup.
The Network Setup dialog box is displayed.
2 Click the Options tab, and use the following guidelines:
Figure 8. Network Setup
a DHCP Option IDs — Enter the supported DHCP options; each value can only be used once and must be between 128 and
254). For information on DHCP options, see Using DHCP options
Conguring the connectivity
26
b Interpret DHCP Vendor-Specic Info — Select this check box for automatic interpretation of the vendor information. c DHCP Vendor ID — Shows the DHCP Vendor ID when the dynamically allocated over DHCP/ BOOTP option is selected. d DHCP UserClass ID — Shows the DHCP UserClass ID when the dynamically allocated over DHCP/BOOTP option is selected.
3 Click OK to save the settings.
Conguring the ENET settings
To congure the ENET settings:
1 From the oating bar menu, click System Setup, and then click Network Setup.
The Network Setup dialog box is displayed.
2 Click the ENET tab, and use the following guidelines:
Figure 9. ENET settings
a Ethernet Speed — Normally the default (Auto-Detect) should be selected, but another selection can be made if automatic
negotiation is not supported by your network equipment. Selections include Auto-Detect, 10 MB Half-Duplex, 10 MB Full- Duplex, 100 MB Half-Duplex, 100 MB Full-Duplex, and 1 GB Full-Duplex.
The 10 MB Full-Duplex option can be selected locally at the device, however, this mode may need to be negotiated through AutoDetect.
b The IPV4 check box is selected by default. Click Properties to set various options supported by IPV4.
Conguring
the connectivity 27
Dynamically allocated over DHCP/BOOTP — Selecting this option enables your thin client to automatically receive information from the DHCP server. The network administrator must congure the DHCP server using DHCP options to provide information. Any value provided by the DHCP server replaces any value entered locally on the Options tab, however, locally entered values are used if the DHCP server fails to provide replacement values.
Statically specied IP Address — Select this option to manual enter the IP Address, Subnet Mask and Default Gateway:
IP Address — Must be a valid network address in the server environment. The network administrator must provide this
information.
Subnet Mask — Enter the value of the subnet mask. A subnet mask is used to gain access to machines on other
subnets. The subnet mask is used to dierentiate the location of other IP addresses with two choices: same subnet or other subnet. If the location is other subnet, messages sent to that address must be sent through the Default Gateway, whether specied through local conguration or through DHCP. The network administrator must provide this value.
Default Gateway — Use of gateways is optional. Gateways are used to interconnect multiple networks (routing or
delivering IP packets between them). The default gateway is used for accessing the internet or an intranet with multiple subnets. If no gateway is specied, the thin client can only address other systems on the same subnet. Enter the address of the router that connects the thin client to the internet. The address must exist on the same subnet as the thin client as dened by the IP address and the subnet mask. If DHCP is used, the address can be supplied through DHCP.
c Select the IPV6 check box, and then click Advanced to select various IPV6 supported setting options from the available check
boxes. The following check boxes are displayed in the IPv6 Advanced Settings dialog box:
Allow IPv4 to be disabled when IPv6 is enabled
Prefer IPv4 over IPv6 when both are available
Disable Stateless Address Auto conguration (SLAAC)
Disable Duplicate Address Detection (DAD)
Disable ICMPv6 Echo Reply
Disable ICMPv6 Redirect Support
Use Standard DHCPv6 Timers
Click properties and use the following guidelines:
Wait DHCP — Selecting this option enables your thin client to wait for IPV6 DHCP before the sign-in, if not selected the system will only wait for IPV4 DHCP if enabled.
Dynamically allocated over DHCP/BOOTP — Selecting this option enables your thin client to automatically receive information from the DHCP server. The network administrator must congure the DHCP server (using DHCP options) to provide information. Any value provided by the DHCP server replaces any value entered locally on the Options tab, however, locally entered values are used if the DHCP server fails to provide replacement values.
Statically specied IP Address — Select this option to manually enter the IP Address, Subnet Mask and Default Gateway.
IP Address — Must be a valid network address in the server environment. The network administrator must provide this
information.
Subnet Mask — Enter the value of the subnet mask. For more information, see various options supported by IPV4 in
this section.
Default Gateway — Use of gateways is optional. For more information, see various options supported by IPV4 in this
section.
DNS Servers — Use of DNS is optional. DNS allows you to specify remote systems by their host names rather than IP addresses. If a specic IP address (instead of a name) is entered for a connection, it rather than DNS is used to make the connection. Enter the network address of an available DNS Server. The value for this box may be supplied by a DHCP server. If the DHCP server supplies this value, it replaces any locally congured value. If the DHCP server does not supply this value, the locally congured value is used.
d Select the check box to enable IEEE802.1x authentication.
Conguring the connectivity
28
EAP Type — If you have enabled the Enable IEEEE 802.1x authentication check box, select the EAP Type option you want (TLS, LEAP, PEAP or FAST).
TLS — If you select the TLS option, click Properties to open and congure the Authentication Properties dialog box.
– Select the Validate Server Certicate check box because it is mandatory to validate your server certicate.
NOTE:
The CA certicate must be installed on the thin client. Also note that the server certicate text eld supports a maximum of approximately 255 characters, and supports multiple server names.
– If you select the Connect to these servers check box, the box is enabled where you can enter the IP address of server.
– Click Browse to nd and select the Client Certicate le and Private Key le you want.
NOTE: Make sure you select PFX le only.
– From the Authenticate drop-down list, select either User Authentication or Machine Authentication based on your
choice.
The following kinds of server names are supported — all examples are based on Cert Common name
company.wyse.com
*.wyse.com
*wyse.com
*.com
NOTE
:
Using only the FQDN, that is company.wyse.com does not work. You must use one of the options (note that *.wyse.com is the most common option as multiple authentication servers may exist): servername.wyse.com
LEAP — If you select the LEAP option, click Properties to open and congure the Authentication Properties dialog box. Be sure to use the correct username and password for authentication. The maximum length for the username or the password is 31 characters.
PEAP — If you select the PEAP option, click Properties to open and congure the Authentication Properties dialog box. Be sure to select either EAP_GTC or EAP_MSCHAPv2, and then use the correct username, password and domain. Validate Server Certicate is optional.
FAST—If you select the FAST option, click Properties to open and congure the Authentication Properties dialog box. Be sure to select either EAP_GTC or EAP_MSCHAPv2, and then use the correct username, password and domain. Validate Server Certicate is optional.
From ThinOS Lite 2.3, EAP-FAST authentication is supported. During the initial connection, when there is a request for a Tunnel PAC from the authenticator, the PAC is used to complete the authentication. Therefore, the rst time connection always fails and the following connections succeed. Only automatic PAC provisioning is supported. The user/machine PAC provisioning generated with Cisco EAP-FAST utility is not supported.
Conguring EAP-GTC and EAP-MSCHAPV2
To congure EAP-GTC, enter the username only. The password or PIN is required when authenticating.
To congure EAP-MSCHAPv2, enter the username, password and domain.
IMPORTANT
blank.
: The domain\username in the username box is supported, but you must leave the domain box
The CA certicate must be installed on the thin client and the server certicate is forced to be validated. When EAP­MSCCHAPV2 is selected as EAP type in the Authentication Properties dialog box for PEAP or FAST authentication, an option to hide the domain is available for selection. Username and Password boxes are available for use, but the Domain text box is disabled.
Conguring
the connectivity 29
When EAP-MSCHAPV2 is selected as EAP type in the Authentication Properties dialog box for PEAP or FAST authentication, a check box to enable Single Sign-On feature is available for selection.
3 Click OK to save the settings.
Conguring the WLAN settings
1 From the oating bar menu, click System Setup, and then click Network Setup.
The Network Setup dialog box is displayed.
2 Click the WLAN tab, and use the following guidelines:
Figure 10. WLAN settings
a Add— Use this option to add and congure a new SSID connection.
You can congure the SSID connection from the available security type options.
Conguring the connectivity
30
Loading...
+ 206 hidden pages