Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureWyse 3010 Thin Clients/T10/T50/T00X

191

192

193

194

195

196

197

198

199

200

Parameter Description

The option SecurityMode species these security modes. It is only valid

when connected to https leserver, the details of which are shown below:

• Client checks the server certicate in the following phases except in

Low mode:

– Certicate has to have a Valid Date.

– Issuer is valid and correct.

– Certicate verication should pass.

– CN and SAN on cert match DNS naming.

• Set SecurityMode=Full to indicate that the client veries the server’s

certicate in highest security mode. If any error is detected, client

prompts a pop-up box.

• Set SecurityMode=Warning to indicate that the client allows

continuation if any error is detected. follows SecurityPolicy setting to

check the certicate.

• Set SecurityMode=Low to indicate that the client allows connection

without any certicate verication.

• Set SecurityMode=Default to indicate that the client follows

SecurityPolicy setting to check certicate.

• Default value of the setting is Default. If the settings are factory

default or if you are upgrading to ThinOS Lite 2.3 for the rst time, the

value is temporarily set to None. After loading any INI, it goes to

default.

• If the security mode value in xen.INI is not the same as the one saved

in Client NVRAM, client shows a reboot dialog box.

Example: FileServer=https://10.151.122.66:444 SecurityMode=warning

NOTE

• The sub parameter SecurityMode of FileServer is only validated

when the FileServer is set to https:// as its prex.

• When you congure the https le server, the sub parameters

Username and Password of FileServer can be omitted.

The option Username-Enc species AES encrypted username of the le

server.

The option Password-Enc species AES encrypted password of the le

server.

Hosts=<hosts

le name>

Species the le name of the hosts. This le is a simple text le that

associates IP addresses with hostnames, one line per IP address. The

length of the le name is limited to 63 characters.

The le must be placed in le server and can be cached if set

MirrorFileServer=yes in the xen.ini. When resolving a host name, the

system will initially look in the le and if not found, will search DNS, WINS,

and so on. The following is an example of format in the hosts le:

10.151.122.1 gateway.ctx.com

10.151.122.123 myvm.ctx.com

IEEE8021X={yes, no}

network={wired, wireless}

[Prole=ssid]

[access={WPA-PSK, WPA2-PSK, WPA-ENT, WPA2-ENT}]

If IEEE8021X is set to no, then all parameters following it is ignored.

If network is not congured, the conguration is ignored.

The key left of equal is case sensitive, and the value right of equal case is

not case sensitive except for credential information; for example

username, password or certicate lename.

192 Creating and Using xen.ini Files