Manualshelf

Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureLatitude 5280 mobile thin client
11121314151617181920
Conguring component services
To access and congure the component services, event viewer, and local services use the Component Services console.
For more information, see Administrative Tools in Windows 10 at support.microsoft.com.
Viewing the events
To view monitoring and troubleshooting messages from Windows and other programs, use the Event Viewer window.
In the Component Services console, click the Event Viewer icon from the Console Root tree. The summary of all the logs of the events
that have occurred on your computer is displayed. For more information, see Event Viewerat support.microsoft.com.
Managing the services
To view and manage the services installed on the thin client device, use the Services window. To open the Services window, go to Start >
Control Panel > Administrative Tool Services.
1 In the Component Services console, click the Services icon from the console tree.
The list of services is displayed.
2 Right-click the service of your choice. You can perform Start, Stop, Pause, Resume, and Restart operations.
You can select the Startup type from the drop-down list:
Automatic (Delayed Start)
Automatic
Manual
Disabled
For more information, see Component Services Administration at support.microsoft.com.
NOTE
: Ensure that the Write Filter is disabled while managing the services.
Using TPM and BitLocker
Trusted Platform Module (TPM)—A TPM is a microchip that provides basic security-related functions, that primarily involve encryption
keys.
BitLocker Drive Encryption (BDE)—A BDE is a full disk encryption feature that protects data by providing encryption for entire volumes. By
default, it uses the AES encryption algorithm in Cipher Block Chaining (CBC) mode with a 128-bit key. This algorithm is combined with the
Elephant diuser for extra disk encryption-specic security.
Windows 10 IoT Enterprise does not support sysprep on a BitLocker encrypted device. Due to this limitation, you cannot encrypt the
device, perform a sysprep, and pull the image. To overcome this issue, you must add or modify the TPM script. The device must not be
encrypted before sysprep (pull). The device encryption is handled by the post push script that uses the TPM_enable.ps1 script that is
at
C:\Windows\setup\tools\. The post push script must be included before enabling the UWF and after sysprep scripts. The PIN used to
encrypt the client must be passed to the script as an argument.
Encrypt the ash memory using TPM and BitLocker
Prerequisites
If the ash memory is encrypted previously, then do the following to clear the TPM:
18
Administrative features