Setup Guide
Table Of Contents
- Dell Wyse ThinOS Version 8.6 INI Reference Guide
- Introduction
- Getting Started: Learning INI File Basics
- Parameters for wnos INI files only
- Parameters for wnos INI, {username} INI, and $MAC INI files
- Connect Parameter: Options
- TimeZone Parameter: Values
- Best Practices: Troubleshooting and Deployment Examples
Table 6. Connection Settings: wnos.ini files only (continued)
Parameter Description
HTTPS server, ThinOS supports different security modes. The default follows
SecurityPolicy and may be one of the three modes. The option SecurityMode
specifies these security modes.
SecurityMode — Specifies the security level for the file server during client
verification of the server certificate. This option is only valid when connecting
to an https file server.
When configuring the https file server, the Username and Password options
of the FileServer parameter can be omitted. Use the following guidelines:
● Set SecurityMode=Full to have the client verify the server certificate in
highest security mode; if any error occurs during verification, the client
will not connect to the server and a pop-up message is displayed.
● Set SecurityMode=Warning to have the client provide a warning when the
client cannot verify the server certificate, but still allow the user to select
to continue client connection to the server.
● Set SecurityMode=Low to indicate that the client allows connection
without any certificate verification.
● Set SecurityMode=Default to indicate that the client follows
SecurityPolicy settings to check certificate.
● Default value of the setting is Default. If the settings are factory default or
if you are upgrading to ThinOS 8.3 for the first time, the value is
temporarily set to None. After loading any INI, it goes to default.
● If the security mode value in WNOS.INI is not the same as the one saved
in Client NVRAM, client shows a reboot dialog box.
NOTE:
Security process includes:
1. Verification that certificate has a valid date
2. Verification that Issuer is valid and correct
3. Certificate verification passes
4. CN and SAN on the certificate matches the DNS naming
For Example: FileServer=https://10.151.122.66:444 SecurityMode=warning.
Username-Enc specifies the AES encrypted username of the file server.
Password-Enc specifies the AES encrypted password of the file server.
Use Windows Password_Gen tool to generate the encrypted string.
FormURL=URL to a file
Specifies the URL to the name of a bitmap file (.ico, .bmp, .jpg, or .gif), to be
displayed in the sign-on window, residing under the thin client home directory.
The length of the path, including the home directory and the file, is limited to
128 characters. If auto dial-up is enabled, this statement is invalid.
HealthCastServer=vip list
[LogLevel={0, 1, 2 ,3}]
[SecurityMode={default, full, warning, low}]
[ClientCertificate=certificate file name]
Specifies a list of VIP addresses with optional TCP port number of HealthCast
servers.
LogLevel—The option LogLevel is for debug purpose; 0 means no log.
SecurityMode —Specifies the SSL certification validation policy. If set to
default, it will apply SecurityPolicy setting. If set to full, the SSL connection
needs to verify server certificate. If it is untrusted, then drop the connection.
If set to warning, the SSL connection needs to verify server certificate. If it is
untrusted, you may still continue or drop the connection. If set to low, the
server certificate will not be checked. The value will be persistent, and the
default value of the setting is default.
26 Parameters for wnos INI files only