Administrator Guide
Table Of Contents
- Dell Wyse ThinOS Lite Release 2.6 Administrator’s Guide
- Introduction
- Before working on ThinOS Lite
- Getting started
- Global connection settings
- Configuring the connectivity
- Configuring the network settings
- Configuring the remote connections
- Configuring the Citrix broker setup
- Configuring the visual settings
- Configuring the general options
- Configuring the authentication settings
- Configuring the central configurations
- Configuring the VPN manager
- Configuring the connection broker
- Configuring Citrix
- Configuring the Citrix broker setup
- Citrix HDX RealTime Multimedia Engine—RTME
- Citrix Icon refresh
- Using multiple audio in Citrix session
- Using Citrix NetScaler with CensorNet MFA authentication
- Okta Integration through Citrix NetScaler
- Configuring ICA connections
- ICA Self Service Password Reset—SSPR
- QUMU or ICA Multimedia URL Redirection
- HTML5 Video Redirection
- ICA SuperCodec
- Anonymous logon
- Configuring the Citrix UPD Printer
- Introduction to Flash Redirection
- Configuring Citrix
- Configuring Zero Client Settings
- Performing Diagnostics
- BIOS Management
- Security Changes
- Creating and Using xen.ini Files
- Examples of Common Printing Configurations
- Important Notes
- Troubleshooting
Table 22. Parameters for a xen.ini File (continued)
Parameter Description
belongs to group domain user and group tc_grp1_ad, the option
is configured as AdGroupPrefix=tc_grp1. If the configuration file
adgroup/tc_grp1_ad.ini exists, it will be loaded.
RequireSmartCard is used for authentication of smartcard.
If optional RequireSmartCard=yes or force, only smartcard
authentication is allowed.
If optional RequireSmartCard=no, smartcard authentication is
disabled.
If optional RequireSmartCard=optional, smartcard authentication is
optional. The default value is optional.
The optional keyword CitrixSignonStyle specifies the sign
on window style for ThinOS Lite build. By default,
CitrixSignonStyle=default, the citrix receiver store front style sign
on window is used if StoreFront Style is checked in Xen Broker GUI,
otherwise, the legacy ThinOS Lite sign on window style is used. If
you set CitrixSignonStyle=thinos, the ThinOS Lite sign on window
style is used. If set CitrixSignonStyle=Xenith, the legacy ThinOS Lite
sign on window style is used.
CitrixSignonStyle specifies the signon window style for ThinOS Lite
build. By default, CitrixSignonStyle=default, the citrix receiver store
front style signon window is used. If StoreFront Style is checked
in Xen Broker GUI, otherwise, the legacy Xenith signon window
style is used. If you set CitrixSignonStyle=thinos, the ThinOS signon
window style is used. If set CitrixSignonStyle=Xenith, the legacy
ThinOS Lite signon window style is used.
ScepAutoEnroll = { yes |
no }
AutoRew = { yes | no }
InstallCACert = {yes | no }
[CountryName = county]
[State = state]
[Locality= locality]
[Organization = organization_name]
[OrganizationUnit = organization_unit]
[CommonName = common_name]
[Email = email_address]
KeyUsage = kay_usage
KeyLength = {1024, 2048, 4096 }
[subAltName = subject_alt_name_list]
RequestURL = scep_request_url
CACertHashType = { MD5, SHA1, SHA256 }
CACertHash = CA_HASH_VALUE
[EnrollPwd = enrollment_password]
[EnrollPwdEnc = encrypted_enrollment_password]
[ScepAdminUrl = scep_administrator_page_url]
[ScepUser = scep_enrollment_user]
[ScepUserDomain = scep_enrollment_user_domain]
This option is to allow client automatically get certificates and
renew certificates using SCEP protocol.
ScepAutoEnroll—Set this keyword to yes to enable client's
functionality to automatically obtain certificate.
Set AutoRenew—Set this keyword to yes to enable certificate
auto renew. Client only tries to renew certificates requested either
manually or automatically through SCEP from this client, and the
renewal is performed only after a certificate's 1/2 valid period has
passed.
Set InstallCACert—Set this keyword to yes to install the root CA's
certificate as trusted certificate after successfully getting a client
certificate.
CountryName, State, Locality, Organization,
OrganizationUnit, CommonName, Email—These keywords
together compose the subject identity of the requested client
certificate. Country Name should be two letter in uppercase, other
fields are printable strings with a length shorter than 64 bytes, and
email_address should have a '@' in it. At least one of the above
fields must be configured correctly to form the client certificate's
subject identity.
KeyUsage —This option is to specify key usage of the
client certificate and should be set to a digitalSignature,
keyEncipherment or both using a ';' concatenating these two as
digitalSignature;keyEncipherment.
KeyLength—This option is to specify the key length of the client
certificate in bits, must one of the value in the list.
subAltName—This option is to specify the client certificate's
subject alternative names. It is a sequenced list of name elements,
Creating and Using xen.ini Files
211