Setup Guide
Table Of Contents
- Dell Wyse ThinOS Version 8.5 INI Reference Guide
- Introduction
- Getting Started: Learning INI File Basics
- Parameters for wnos INI files only
- Parameters for wnos INI, {username} INI, and $MAC INI files
- Connect Parameter: Options
- TimeZone Parameter: Values
- Best Practices: Troubleshooting and Deployment Examples
Table 6. Connection Settings: wnos.ini files only (continued)
The optional keyword Username and Password specify the
username/password of the file server. When the client
fetches the WNOS.INI file from a HTTPS server, ThinOS
supports different security modes. The default follows
SecurityPolicy and may be one of the three modes. The option
SecurityMode specifies these security modes.
SecurityMode — Specifies the security level for the file
server during client verification of the server certificate. This
option is only valid when connecting to an https file server.
When configuring the https file server, the Username and
Password options of the FileServer parameter can be omitted.
Use the following guidelines:
● Set SecurityMode=Full to have the client verify the server
certificate in highest security mode; if any error occurs
during verification, the client will not connect to the server
and a pop-up message is displayed.
● Set SecurityMode=Warning to have the client provide
a warning when the client cannot verify the server
certificate, but still allow the user to select to continue
client connection to the server.
● Set SecurityMode=Low to indicate that the client allows
connection without any certificate verification.
● Set SecurityMode=Default to indicate that the client
follows SecurityPolicy settings to check certificate.
● Default value of the setting is Default. If the settings are
factory default or if you are upgrading to ThinOS 8.3 for
the first time, the value is temporarily set to None. After
loading any INI, it goes to default.
● If the security mode value in WNOS.INI is not the same
as the one saved in Client NVRAM, client shows a reboot
dialog box.
NOTE:
Security process includes:
1. Verification that certificate has a valid date
2. Verification that Issuer is valid and correct
3. Certificate verification passes
4. CN and SAN on the certificate matches the DNS
naming
For Example: FileServer=https://10.151.122.66:444
SecurityMode=warning.
FormURL=URL to a file
Specifies the URL to the name of a bitmap file
(.ico, .bmp, .jpg, or .gif), to be displayed in the sign-on
window, residing under the thin client home directory. The
length of the path, including the home directory and the file,
is limited to 128 characters. If auto dial-up is enabled, this
statement is invalid.
HealthCastServer=vip list
[LogLevel={0, 1, 2 ,3}]
[SecurityMode={default, full, warning, low}]
[ClientCertificate=certificate file name]
Specifies a list of VIP addresses with optional TCP port
number of HealthCast servers.
LogLevel—The option LogLevel is for debug purpose; 0
means no log.
SecurityMode —Specifies the SSL certification validation
policy. If set to default, it will apply SecurityPolicy setting.
26 Parameters for wnos INI files only