Dell Wyse Management Suite Version 1.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2018 - 2019 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents 1 Introduction................................................................................................................................. 5 2 Getting started with Wyse Management Suite................................................................................ 6 Logging in to Wyse Management Suite on public cloud...................................................................................................6 Prerequisites to deploy Wyse Management Suite on the private cloud............
H Registering Windows Embedded Standard device manually........................................................... 60 I Registering Linux device manually................................................................................................. 61 J Terms and definitions.................................................................................................................
1 Introduction Wyse Management Suite is the next generation management solution that lets you centrally configure, monitor, manage, and optimize your Dell Wyse thin clients. The new Suite makes it easier to deploy and manage thin clients with high functionality and performance, and ease of use. It also offers advanced feature options such as cloud versus on-premises deployment, manage-from-anywhere using a mobile application, enhanced security such as BIOS configuration and port lockdown.
2 Getting started with Wyse Management Suite This section provides information about the general features to help you get started as an administrator and manage thin clients from the Wyse Management Suite software. Topics: • • Logging in to Wyse Management Suite on public cloud Prerequisites to deploy Wyse Management Suite on the private cloud Logging in to Wyse Management Suite on public cloud To log in to the Wyse Management Suite console, you must have a supported web browser installed on your system.
Prerequisites to deploy Wyse Management Suite on the private cloud Table 1.
3 Installing Wyse Management Suite on private cloud A simple installation of Wyse Management Suite consists of the following: • • • Wyse Management Suite server (includes repository for application and operating system images) Optional—Additional Wyse Management Suite repository servers (repositories for additional images, applications, and AD authentication) Optional—HTTPS certificate from a Certificate Authority such as www.geotrust.com/.
Figure 1. Welcome screen 3. On the Setup Type page, select the components that you want to install, and click Next. The available options are: • Wyse Management Suite—There are two setup types available for Wyse Management Suite components. • • • Typical—Requires minimum user interaction and installs embedded databases. Custom—Requires maximum user interactions and is recommended for advanced users. For more information, see Custom installation.
Figure 2. Setup type screen If EM SDK is installed on the server along with Wyse Management Suite from a previous installation, the Teradici EM SDK components are updated automatically. 4. Select Typical as the Setup Type. Enter the new Database Credentials for the embedded databases. Also, enter the new Administrator Credentials and click Next. NOTE: The administrator credentials are required to log in to the Wyse Management Suite web console after the installation.
Figure 3. Credentials 5. On the Configuration page, configure the shared folder and access rights for the CIFS user. The available options are: • • Use an Existing user—Select this option to validate credentials for the existing user. Create a New user—Select this option and enter the credentials to create a new user.
Figure 4. Configure CIFS User Credentials NOTE: If the Teradici EM SDK option is enabled on the Setup Type page, you can configure the port for the Teradici server on the Configuration page.
Figure 5. CIFS user credentials 6. Select a path to install the software, and the path to install the local tenant file repository, and then click Next. The default path of the destination folder to install the software is C:\Program Files\DELL\WMS.
Figure 6. Destination 7. Click Next.
Figure 7. Summary The Pre-Installation Summary page is displayed. 8. Click Next to install the software. The installer takes approximately 4–5 minutes to complete the installation. However, it may take longer if dependent components such as VC-runtime are not installed on the system. 9. Click Launch to open the Wyse Management Suite web console. 10. On the web console, click Get Started.
Figure 8. Welcome page 11. Select your preferred license. • • If you select the license type as Standard, and then click Next to proceed with the standard Wyse Management Suite installation. If you select the license type as Pro, you must import a valid Wyse Management Suite license. To import the Wyse Management Suite license, enter the requested information to import license if your server has internet connectivity.
Figure 10. License information To export a license key from the Wyse Management Suite cloud portal, do the following: a. Log in to the Wyse Management Suite cloud portal by using one of the following links: • US data center—us1.wysemanagementsuite.com/ccm-web • EU data center—eu1.wysemanagementsuite.com/ccm-web b. Go to Portal Administration > Subscription.
Figure 11. Portal administration c. Enter the number of thin client seats. d. Click Export. NOTE: To export the license, select WMS 1.2, WMS 1.1, or WMS 1.0 from the drop-down list. The summary page shows the details of the license after the license is successfully imported. 12. Enter your SMTP server information, and click Save. NOTE: You can skip this screen and make changes later in the console.
Figure 12. Email alert NOTE: You must enter valid SMTP server information to receive email notifications from the Wyse Management Suite. 13. Import your SSL certificate to secure communications with the Wyse Management Suite server. Enter the public, private, and apache certificate and click the Import button. Importing the certificate takes three minutes to configure and restart Tomcat services.
Figure 14. PKCS-12 14. Click Next. 15. Click Sign in to WMS. The Dell Management Portal login page is displayed. Figure 15.
Figure 16. Dell Management Portal NOTE: Licenses can be upgraded or extended at a later point from the Portal Administration page. Topics: • • • • • Logging in to Wyse Management Suite Functional areas of management console Configuring and managing thin clients Creating policy group and updating configuration Registering new thin client Logging in to Wyse Management Suite To log in to the management console, do the following: 1.
Functional areas of management console The Wyse Management Suite console is organized into the following functional areas: • • • • • • • • • The Dashboard page provides information about each functional area of the system. The Groups & Configs page employs a hierarchical group policy management for device configuration. Optionally, subgroups of the global group policy can be created to categorize devices according to corporate standards.
Deployment of application policies and operating system images to thin clients can be scheduled immediately or later based on the device time zone or any other specified time zone. Inventory of devices—This option can be located by clicking the Devices tab. By default, this option displays a paginated list of all the devices in the system.
• • Thin Linux—2.0.24 or later versions ThinOS—8.4 firmware or later versions • You can register a device with an older version agent using HTTP URL instead of HTTPS. After the agent or firmware is upgraded to the latest version, communication with the Wyse Management Suite will automatically switch to https. You can download the latest version WDA at downloads.dell.com/wyse/wda.
NOTE: If the key is not validated, verify the credentials which you have provided. Ensure that ports 443 and 1883 are not blocked by the network. 8. Click OK. The device is registered to the Wyse Management Suite console. For information on how to register the Windows Embedded Standard devices and the Linux devices, see Registering Windows Embedded Device manually and Registering Linux device manually. Registering ThinOS devices using INI files If you want to configure the ThinOS devices using wnos.
Option Tag Description Code—165 your devices in Wyse Management Suite in public cloud, see Getting started with Wyse Management Suite on public cloud. NOTE: Do not use https:// in the server URL, or the thin client will not register under Wyse Management Suite. Description—WMS Server FQDN Name—MQTT Data Type—String Code—166 Description—MQTT Server This tag directs the device to the Wyse Management Suite Push Notification server (PNS).
URL/Tag Description NOTE: Do not use https:// in the server URL, or the thin client will not register under Wyse Management Suite. Record Name—_WMS_MQTT Record FQDN—_WMS_MQTT._tcp. Record Type—SRV This record directs the device to the Wyse Management Suite Push Notification server (PNS). For a private cloud installation, the device gets directed to the MQTT service on the Wyse Management Suite server. For example, wmsservername.domain.com:1883.
4 Deploying applications to thin clients The standard application policy allows you to install a single application package and requires reboot before and after installing each application. Using the advanced application policy, you can install multiple application packages with only two reboots. The advanced application policy also supports execution of pre and post installation scripts that may be needed to install a particular application. For more information, see Appendix B.
6. To allow a delay in execution of the policy, select the Allow delay of policy execution check box. If this option is selected, the following drop-down menus are enabled: • From the Max Hours per Delay drop-down menu, select the maximum hours (1–24 hours) you can delay execution of the policy. • From the Max delays drop-down menu, select the number of times (1–3) you can delay the execution of the policy. 7.
5 Uninstalling Wyse Management Suite To uninstall Wyse Management Suite, do the following: 1. Double-click the WMS icon. The uninstaller wizard is initiated, and the Wyse Management Suite uninstaller screen is displayed. 2. Click Next. By default, the Remove radio button is selected that uninstalls all the Wyse Management Suite installer components.
6 Troubleshooting Wyse Management Suite This section provides troubleshooting information for Wyse Management Suite. Problems with accessing Wyse Management Suite web console • Problem: When you attempt to connect to the Wyse Management Suite console, authentication GUI is not displayed and an HTTP Status 404 page is displayed. Workaround: Stop and start the services in the following order: • 1. Dell WMS: MariaDB 2. Dell WMS: memcached 3. Dell WMS: MongoDB 4. Dell WMS: MQTT broker service 5.
NOTE: By default Wyse Management Suite installs self-signed certificates. CA validation must be disabled for devices to communicate with the Wyse Management Suite server. Error while sending commands to the device Problem: Not able to send commands such as package update, reboot to device and so on. Workaround: • • • 32 Ensure that the Dell WMS: MQTT broker service is running on the Wyse Management Suite server. Check if port 1883 is open.
7 Wyse Device Agent The Wyse Device Agent (WDA) is a unified agent for all thin client management solutions. If you install WDA, you can manage thin clients using Wyse Management Suite. The following three types of customer security environments are supported by the Wyse Device Agent: • Highly secured environments—To mitigate the risk against rouge DHCP or DNS server for new device discovery, administrators must log in to each device individually and configure the Wyse Management Suite server URL.
8 Additional resources For video tutorials about: • • 34 Installing Wyse management suite, see Installation of Wyse Management Suite. Automatic configuration of ThinOS clients using Wyse Management Suite On-Premise with DHCP option tags, see Configuring ThinOS devices using Wyse Management Suite.
A Remote database A remote or cloud database (DB) is a database that is built for a virtualized environment, such as hybrid cloud, public cloud, or private cloud. In Wyse Management Suite, you can configure either the Mongo database (MongoDB) or the Maria database (MariaDB) or both databases based on your requirement. Topics: • • Configure Mongo database Configure Maria database Configure Mongo database Mongo database (MongoDB) operates on the Transmission Control Protocol (TCP) port number 27017.
{role:"dbOwner",db:"stratus"}] } ) 12. To switch to the stratus database, run the following command: use stratus; 13. To stop the MongoDB services, run the following command: net stop mongoDB 14. Add an authentication permission to the admin DB. Modify the mongod.cfg file to the following: systemLog: destination:file path:c:\data\log\mongod.log storage: dbPath:c:\data\db security: authorization:enabled 15.
B Custom installation In custom installation, you can select a database to set up Wyse Management Suite, and you must know the basic technical working knowledge of Wyse Management Suite. Dell recommends custom installation only for advanced users. 1. Select the Setup Type as Custom, and click Next. Figure 18. Setup type The Mongo Database Server page is displayed. 2. Select either Embedded MongoDB or External MongoDB as the Mongo database server.
• Figure 19. Embedded Mongo Database Server If External MongoDB is selected, then provide user name, password, database server details, and the port details, and click Next. NOTE: The port field populates the default port which can be changed.
Figure 20. External MongoDB The MariaDB Database Server page is displayed. 3. Select either Embedded MariaDB or External MariaDB as the MariaDB database server. • If Embedded MariaDB is selected, provide user name and password, and click Next.
• Figure 21. Embedded MariaDB If External MariaDB is selected, provide user name, password, database server details and the port details, and click Next. The port field populates the default port which can be changed.
Figure 22. External MariaDB 4. The Port page is displayed which allows you to customize the ports for the following databases: • • • • • Apache Tomcat MySQL database Mongo database MQTT v3.
Figure 23. Port selection NOTE: Wyse Management Suite uses the Maria database and Mongo database for the following: Maria database—Relational database for data that requires well-defined structure and normalization Mongo database—No-SQL database for performance and scalability To complete the installation, follow the steps in the section Installing WMS on-premise and initial setup.
C Wyse Management Suite feature matrix The following table provides information about the features supported for each subscription type: Table 4.
Features Wyse Management Suite Standard Wyse Management Suite Pro-private cloud Wyse Management Suite Procloud edition Two-factor authentication Supported Supported Supported Active directory authentication for role based administration.
D Accessing file repository File repositories are places where files are stored and organized. Wyse Management Suite has two types of repositories: • • Local Repository—During the Wyse Management Suite private cloud installation, provide the local repository path in the Wyse Management Suite installer. After the installation, go to Portal Admin > File Repository and select the local repository. Click the Edit option to view and edit the repository settings.
E Create and configure DHCP option tags NOTE: For information on customer security environment, see Wyse Device Agent. To create a DHCP option tag, do the following: 1. Open the Server Manager. 2. Go to Tools, and click DHCP option. 3. Go to FQDN > IPv4 and right-click IPv4. Figure 24. DHCP 4. Click Set Predefined Options. The Predefined Options and Values window is displayed. 5. From the Option class drop-down list, select the DHCP Standard Option value.
Figure 25. Predefined Options and Values 6. Click Add. The Option Type window is displayed. Figure 26. Option Type The options must be either added to the server options of the DHCP server or scope options of the DHCP scope. Configuring the DHCP option tags • To create the 165 Wyse Management Suite server URL option tag, do the following: 1. Enter the following values, and click OK. • Name—WMS • Data type—String • Code—165 • Description—WMS_Server 2. Enter the following value, and then click OK.
• Figure 27. 165 Wyse Management Suite server URL option tag To create the 166 MQTT server URL option tag, do the following: 1. Enter the following values, and click OK. • Name—MQTT • Data type—String • Code—166 • Description—MQTT Server 2. Enter the following value, and click OK. String—MQTT FQDN For example, WMSServerName.YourDomain.
• Figure 28. 166 Wyse Management Suite server URL option tag To create the 167 Wyse Management Suite CA Validation server URL option tag, do the following: 1. Enter the following values, and click OK. • Name—CA Validation • Data type—String • Code—167 • Description—CA Validation 2. Enter the following values, and click OK.
Figure 29. 167 Wyse Management Suite server URL option tag • To create the 199 Wyse Management Suite Group Token server URL option tag, do the following: 1. Enter the following values, and click OK. • Name—Group Token • Data type—String • Code—199 • Description—Group Token 2. Enter the following values, and click OK.
Figure 30.
F Create and configure DNS SRV records NOTE: For information on customer security environment, see Wyse Device Agent. To create a DNS SRV record, do the following: 1. Open the Server Manager. 2. Go to Tools, and click DNS option. 3. Go to DNS > DNS Server Host Name > Forward Lookup Zones > Domain > _tcp and right-click the _tcp option. Figure 31. DNS manager 4. Click Other New Records. The Resource Record Type window is displayed. 5.
Figure 32. Resource Record Type a) To create Wyse Management Suite server record, enter the following details and click OK.
Figure 33. _WMS_MGMT service b) To create MQTT server record, enter the following values, and then click ÓK.
Figure 34. _WMS_MQTT service 6. Go to DNS > DNS Server Host Name > Forward Lookup Zones > Domain and right-click the domain. 7. Click Other New Records. 8.
Figure 35. Resource Record Type a) To create Wyse Management Suite Group Token record, enter the following values, and click OK.
Figure 36. _WMS_GROUPTOKEN record name b) To create Wyse Management Suite CA validation record, enter the following values, and then click OK.
Figure 37.
G Creating and deploying advanced application policy to thin clients To deploy an advanced application policy to thin clients, do the following: 1. Copy the application and the pre/post install scripts (if necessary) to deploy to the thin clients in the thinClientApps folder in the local repository or the Wyse Management Suite repository. 2. Go to Apps&Data > AppInventory and select Thin Client to verify if the application is registered. 3. Click Thin Client under App Policies. 4. Click Add Advanced Policy.
H Registering Windows Embedded Standard device manually Windows Embedded Standard devices can be registered manually by launching the WDA UI icon on the taskbar. 1. Select Wyse Management Suite-WMS as the management server. 2. Enter an appropriate tenant and group name. If this field is left blank, devices are registered to an unmanaged group. (Optional) 3. Click Register. Figure 38.
I Registering Linux device manually Linux devices can be registered manually by launching the WDA UI icon from System Settings. 1. Enter the WMS Server details. 2. Enter an appropriate tenant and group name. If this field is left blank, devices are registered to an unmanaged group. (Optional) 3. Click Register. The device is registered to the Wyse Management Suite console. Figure 39.
J Terms and definitions The following table lists the terms used in this document and their definitions: Table 5. Terms and definitions Terminology Definition Private cloud Wyse Management Suite server installed on the cloud that is private to your organization’s datacenter. WDA Wyse Device Agent which resides in the device and acts as an agent for communication between server and client.