Setup Guide
Table Of Contents
- Dell Wyse ThinOS Version 8.6 INI Reference Guide
- Introduction
- Getting Started: Learning INI File Basics
- Parameters for wnos INI files only
- Parameters for wnos INI, {username} INI, and $MAC INI files
- Connect Parameter: Options
- TimeZone Parameter: Values
- Best Practices: Troubleshooting and Deployment Examples
Table 9. Connection Settings: wnos.ini files, {username} INI, and $MAC INI files (continued)
Parameter
* Global overrides identically-named user profile
** After sign off, user profile returns to global value
Description
[tlsauthtype={user, machine}]
[tlsclntcert={client certificate filename for EAP-TLS}]
[tlsclntprikey={filename of certificate with private key for
EAP-TLS}]
[tlsclntprikeypwd={password for private key}]
[tlsclntprikeypwdEnc={password encrypted for private key}]
[peapeap={EAP-MSCHAPV2, EAP-GTC}]
[peapidentity={identity/username for PEAP}]
[peapmschapun={username for EAP-PEAP/ EAP-
MSCHAPV2}]
[peapmschappwd={password for EAP-PEAP/EAP-
MSCHAPV2}]
[peapmschappwdEnc={password encrypted for EAP-PEAP/
EAP-MSCHAPV2}]
[peapmschapdm={domain for EAP-PEAP/ EAP-MSCHAPV2}]
[peapmschaphidedm={yes,no}]
[peapsinglesignon={yes, no}]
[peapgtcun={username for EAP-PEAP/ EAP-GTC}]
[peapgtcpwd={password for EAP-PEAP/ EAP-GTC}]
[peapgtcpwdEnc={password for encrypted for EAP-PEAP/
EAP-GTC}]
[wpapskpwd={passphrase for WPA-PSK}]
[wpapskpwdEnc={passphrase encrypted for WPA-PSK}]
[wpa2pskpwd={passphrase for WPA2-PSK}]
[wpa2pskpwdEnc={passphrase encrypted for WPA2-PSK}]
[encryption={TKIP|CCMP}]
[fasteap={EAP-MSCHAPV2, EAP-GTC}]
[fastidentity={Identity for EAP_FAST}]
[fastmschapun={username for EAP-FAST/EAP-MSCHAPV2}]
[fastpmschappwd={password for EAP-FAST/EAP-
MSCHAPV2}]
[fastmschappwdEnc={password encrypted for EAP-FAST/
EAP-MSCHAPV2}]
[fastmschapdm={domain for EAP-FAST/EAP-MSCHAPV2}]
8. The wildcard server include three entries in INI file. If both
the servervalidate entry and servercheck entry are set to
yes, the servername entry is valid.
9. Server certificate validation is mandatory in EAP-TLS
authentication. If the eaptype entry is set to EAP-TLS, the
servercheck entry must be set to yes.
10. Server list must be included in double quotation
marks. For example IEEE8021X=yes Network=wireless
access=WPA2-ENT eap=yes servervalidate=yes
servercheck=yes servername=";test.com;wireless98;
test.com" eaptype=eap-peap peapeap=eap-mschapv2
peapmschapun=administrator peapmschappwd=password
.
11. Additional option timeoutretry specifies the retry times
when 8021x authentication times out, which means that
it is only validated when the optional network type is
wired. For example, timeoutretry=3 allows you to retry
thrice after 8021x authentication times out.
12. Additional option Profile specifies the type of ssid
authentication to be configured. When we support multiple
ssid wireless settings, the statement ieee8021x must be
after the statement device=wireless, and one additional
profile parameter is needed to identify the type of ssid
authentication which is configured. For example,
#ThinIsIn
Device=Wireless Mode=Infrastructure
SSID=ThinIsInIEEE8021X=yes network=wireless
profile=ThinIsIn access=WPA2-ENT eap=yes
eaptype=EAP-PEAP peapeap=EAP-MSCHAPV2
peapmschapdm=wyse
[fastmschaphidedm={yes,no}]
[fastsinglesignon={yes, no}]
[fastgtcun={username for EAP-FAST/EAP-GTC}]
[fastgtcpwd={password for EAP-FAST/EAP-GTC}]
[fastgtcpwdEnc={password for encrypted for EAP-FAST/
EAP-GTC}]
[wiredreset={yes, no}]
Continued from the previous table...
#wtos_95
Device=Wireless Mode=Infrastructure
SSID=wtos_95IEEE8021X=yes network=wireless
profile=wtos_95 access=WPA2-ENT eap=yes eaptype=EAP-
PEAP peapeap=EAP-MSCHAPV2
Parameters for wnos INI, {username} INI, and $MAC INI files 79