- This topic is empty.
-
AuthorPosts
-
November 20, 2007 at 2:53 pm #752
Hi,
Just getting started with Wyse clients.
We’re running XP desktops in VMWare with RDP. So I need each client to connect to its own RDP address. So far I’ve been doing this on the client and it works well. But now I need to begin locking things down with ini files.
My question is, if I leave session information out of the ini, will each client still connect with the local information I’ve provided? I’m afraid we don’t have a connection broker. It’s not in the budget right now.
In fact, would that apply to any option I leave of of the ini? All I really need the ini for is to lock down the desktop in case someone decides to log out of their session.
This is on new V10L clients.
Thanks.
November 21, 2007 at 6:43 pm #10830Hi longtime,
when you remove the connection from your wnos.ini file the connection on the client will be deleted.
If you cannot install a Connection Broker consider the following:
-create the XP pro session with a unique name (should be that way always)
– rename each WTOS device to match exactly one XP pro session name
– replace your connection string in the wnos.ini with this one
connect=rdp
host=$TN
description=default
reconnect=yes
autoconnect=1
fullscreen=1
icon=defaultThis way a general RDP session will be generated for each client and it is connecting to a RDP session that has the terminal name.
A second option would be to enable NTLM logon on the WTOS unit by using
signon=NTLM EnableOK=yesChange your connection string then to
connect=rdp
host=$UN
description=default
reconnect=yes
autoconnect=1
fullscreen=1
icon=defaultNow the user is forced to login to the WTOS device using his AD credentials and the RDP session is launched trying to connect to a XP pro session named like the username.
HTH
ConfGenNovember 21, 2007 at 8:58 pm #10832Thanks, ConfGen.
I like your first suggestion. I didn’t know you could set the host to a session name. Does that just work or does it need to be in DNS?
And to make the unit secure in the event someone manages to log out (these are in a public setting), is it better to set privilege to low or none? Is lockdown a good idea or will that keep me out too?
I assume I also need to setup a separate ini with privilege set to high so I can get in. Is that the way it works?
November 22, 2007 at 11:26 am #10834Hi,
of course the session name must be resolvable via DNS.
In a public area I would always recommend
Privilege=none lockdown=yes
This will lock down the client even if the FTP server is not available.
I would add the admin mode to the wnos.ini instead of using a username.ini to get administrative access to the client.ConfGen
November 23, 2007 at 2:36 pm #10844I got around the DNS issue by using the session address as the terminal name. It seems to be working.
What’s the best way to get admin access when it’s set to reconnect in five seconds? That’s a problem I didn’t foresee. Can you cancel reconnect at lower privilege levels?
Thanks.
November 23, 2007 at 11:49 pm #10852Hi,
One tip, if you use the Host=$TN and you have Dynamic DNS setup this can cause a problem as the terminal will try and register itself in DNS and try to connect to its self.
To get around this add extra to the host= like this:
Host=”wysetc-“$TN
Then set up the appropriate DNS record or CNAME,
Cheers,
-TTNovember 26, 2007 at 3:15 pm #10869Thanks for the tip, thinkthin. Good to know.
-
AuthorPosts
- You must be logged in to reply to this topic.