Active Directory Integration HP ThinPro - Technical white paper
2
Summary
HP ThinPro 6.2 adds support for authentication using Active Directory credentials. Optionally, these credentials can be
encrypted and stored and then later supplied to remote connections as they start, a process known as single sign-on. In
addition, administrators can use their domain credentials to escalate to a local administrator, users can change their domain
passwords, and more.
The built-in Active Directory software allows an administrator to enable or disable authentication against a domain, to
require the thin client to formally join the domain, and to configure other domain parameters, such as the name of the
administrator group.
HP ThinPro includes new registry keys used with Active Directory integration. This document introduces how to set up Active
Directory functions by configuring these registry settings via a variety of management methods, including the Active
Directory Configuration window, HP Device Manager, and Smart Zero profiles.
Configuring Active Directory
You can use the Active Directory software to manage the Active Directory status of the HP ThinPro-based thin client.
To configure Active Directory:
1. In administrator mode, select the wrench icon in the taskbar, and then select Management.
2. Select Active Directory.
3. In the Active Directory Configuration window, make your changes, and then select Apply.
In this program, an administrator can configure the thin client to require users to log in, join the domain, and more. For more
information, see the administrator guide for HP ThinPro.
Active Directory registry keys
HP ThinPro 6.2 adds the following keys to support Active Directory domains.
• root/domain/domain
– Default Value: Empty string
– Description: Sets the domain to which this thin client is joined or which this thin client authenticates against.
• root/domain/domainJoined
– Default Value: 0
– Description: If set to 1, the thin client has been formally added to the domain. If set to 0, you can enable authentication,
but functions that require joining the domain might not be possible (for example, automatically updating a name server
via DDNS).
• root/domain/workgroup
– Default Value: Empty string
– Description: Sets the workgroup, or short domain, associated with the thin client's domain membership. This is referred
to as the NetBIOS domain name during the creation of the Active Directory domain. This value is usually detected
automatically when domain authentication is established. The value can be retrieved from a domain controller.
• root/domain/OU
– Default Value: Computers
– Description: Sets the organizational unit associated with the thin client's domain membership.
• root/domain/domainControllers
– Default Value: Empty string
– Description: Specifies the domain controllers to use with this domain in a comma-separated list. HP recommends using
the default value to automatically identify the domain controllers via DNS.
• root/domain/ddns
– Default Value: 0
– Description: If set to 1, the thin client attempts to update the DNS server with its hostname and IP address every time
the DHCP client requests a lease renewal.