Setup Guide
Table Of Contents
- Dell Wyse ThinOS Version 8.6 INI Reference Guide
- Introduction
- Getting Started: Learning INI File Basics
- Parameters for wnos INI files only
- Parameters for wnos INI, {username} INI, and $MAC INI files
- Connect Parameter: Options
- TimeZone Parameter: Values
- Best Practices: Troubleshooting and Deployment Examples
Table 6. Connection Settings: wnos.ini files only (continued)
Parameter Description
[WordWrap=[yes, no]]—When the value is set to WordWrap=yes, this
parameter enables the notification file to wrap the text so that it is displayed
correctly.
The default values is no.
OneSignServer=onesign_server
[DisableBeep={yes,no}]
[KioskMode=yes,no}]
[TapToLock={0,1,2}]
[EnableWindowAuthentication={yes,no}]
[AutoAccess={VMW,XD,XA,LOCAL,RDSHD,
RDSHA, RDSHPC}]
[NetBIOSDomainName={yes,no}]
[SuspendAction={0, 1}]
[DisableHotKey={yes,no}]
Loglevel=0/1/2/3
[DisablePromptToEnroll={
yes,no}]
[SecurityMode={default, full, warning, low}]
[OneSignTimeout={0 to 30}]
A list of host names or IP addresses with optional TCP port number or URLs
of Imprivata OneSign servers. It should use https protocol. If
OneSignServer="" is defined, then only imprivata virtual channel can work.If
DisableBeep is set to yes, then Rfideas reader can be set to mute when a card
is tapped. Default is no.
If KioskMode is set to yes, then different OneSign user can unlock the client
desktop. Default is no. Optional keyword TaptoLock is only active when
KioskMode=yes.
● If TapToLock=0, then tap a card to lock terminal is disabled.
● If TapToLock=1(Tap to lock), then use the proximity card to lock the
terminal.
● If TapToLock=2(Tap over), then lock the terminal and log in as a different
user. Default is 2.
If EnableWindowAuthentication is set to yes and OneSign signon fails, then
continue to sign-on with windows credential to pre-define broker. Default is
yes.
If AutoAccess is defined, then auto launch the corresponding type of
broker. Otherwise, get the broker type from the Imprivata Server setting of
computer and user policy. If none of them is defined, then launch the first
available broker server from the Imprivata server.
If AutoAccess=LOCAL is set, then launch the broker from the ThinClient
setting; the broker getting from the Imprivata Server is ignored.
NOTE:
AutoAccess can be set in [username].ini and wnos.ini. The
wnos.ini has priority over [username].ini.
If NetBIOSDomainName is set to yes, then Imprivata domain list will show
NetBIOS domain name and card user will authenticate to the broker server
using NetBIOS domain name. Default is no.
If SuspendAction is set to 0, then lock the terminal when you tap the card or
press the hotkey. If set to 1, then signoff the terminal. If ‘no’ is defined, then
lock the terminal in KioskMode and sign-off the terminal in none KioskMode.
If DisableHotKey is set to yes, then no action when you press the hotkey
defined in Imprivata Server. Only WebAPI 4 and later versions support the
hotkey function.
Loglevel—While configuring the Imprivata server, user can view the OneSign
logs on ThinOS by enabling the Agent Logging feature. An ini configuration is
needed correspondingly. Default value is 0. If set to 0, logs are not displayed.
If DisablePromptToEnroll is set to yes, then ThinOS does not prompt you to
enroll their security answers after OneSign sign-on. Default value is yes.
SecurityMode specifies the SSL certification validation policy. If set to
default, it applies SecurityPolicy setting. If set to full, the SSL connection
needs to verify server certificate. If it is untrusted, drop the connection. If set
to warning, the SSL connection needs to verify server certificate. If it is
untrusted, it is up to you to continue or drop the connection. If set to low, the
server certificate is not checked. The value is persistent, and the default
value of the setting is default.
From ThinOS version 8.3_109, ThinOS supports OneSign 5.2 RDSH broker.
Parameters for wnos INI files only
29