- This topic has 9 replies, 2 voices, and was last updated 4 years, 9 months ago by
.
-
Posts
-
Hello all,
So I’m kind of new to the Wyse environment but have been asked to check if it is possible to disable the CTRL+ESC functionality at boot (ThinOS) or if it is possible to password protect it.The reason why is that it is possible to enter into Admin Mode without having to enter the credentials.
Hope some of you out there can help me.
Some data :
– Wyse 5010
– ThinOS 8.6_019How do you configure your clients?
Disabling isn’t possible. However, preventing users from getting access to the system can be done.CG
Thank you for the very fast reply.
Not sure what you mean with your question.
We use a combination of WMS policies and $MAC.ini to configure them.OK, then go to the local client, open System Tools – wms.ini and post it here along with your mac.ini
CG
Hello,
Thank you and sorry for the delay.
Below you can find the wms.ini , I didn’t post the mac.ini, because we don’t really use that one except for specific network or video configurations (special resolutions, etc…).
Hope you’ll be able to help.
============================================================
FileServer=”URLtoWMS”
RootPath=rootpathwyse/
DefaultUser=”” DefaultDomain=Domain
TimeZone=”GMT + 01:00″ ManualOverride=Yes TimeZoneName=”Romance” daylight=No
Signon=Yes SaveLastDomainUser=no LastUserName=No
TimeServer=NTP_IP DateFormat=dd/mm/yyyy TimeFormat=”24-hour format”
DisableDomain=Yes
EnableGKey=Yes
PlatformConfig=All EncryptFS=Yes
WDMService=No QuickMode=No
ThinPrintEnable=No
MaxVNCD=No
FastDisconnect=No
AdminMode=Yes Admin-Username=Encrypted_User Admin-Password=Encrypted_Pwd ShowAdmin=Yes
Privilege=low EnableTrace=Yes LockDown=No ShowDisplaySettings=Yes EnableKeyboardMouseSettings=Yes DisableChangeDateTime=Yes
SignOn=Yes ExpireTime=0 RequireSmartCard=Yes SCRemovalBehavior=1 DisableGuest=Yes
MaxVNCD=0 VNCD_8bits=No VNCD_Zlib=No
SecurityPolicy=warning SecuredNetworkProtocol=No DNSFileServerDiscover=Yes
DesktopColorDepth=32
Screen=1 Resolution=DDC Rotate=None refresh=60
Dualhead=Yes Mainscreen=1 Align=Bottom Swap=No Taskbar=mainScreen Orientation=hort MonitorAutoDetect=Yes
ScreenSaver=15 Type=2 Image=logo_EN_small.jpg PictureTimer=6 PictureOrder=Default PictureCheck=always PictureLayout=stretch
Screen=2 Resolution=ddc refresh=60 rotate=none
AutoSignoff=yes Shutdown=no Reboot=no
ShutdownCounter=10
desktop=”wallpaper.jpg” layout=Stretch
FormURL=logo_small.jpg
SysMode=VDI Toolbardisablemouse=no Toolbardelay=0 toolbarautoquit=Yes Toolbar_no_conmgr=No Toolbardisablehotkey=No Toolbarenableonesession=No toolbarstay=1 toolbarclick=No ToolBarAutoQuit=No EnableLogonMainMenu=No
PNliteServer=https://storefront_URL/citrix/store StoreFront=no CustomStoreName=”” DefaultSettings=”” ReconnectFromButton=0 AutoConnectList=”Default Desktop” RequestIconDataCount=10 ReconnectAtLogon=0PasswordServer=”” AccountSelfService=yes
SessionConfig=ica \
ondesktop=all PasswordExpireNotify=yes AudioQuality=high DiskMapTo=”” DesktopMode=fullscreen SessionReliability=no USBRedirection=hdx HDXFlashUseFlashRemoting=Always HDXFlashEnableServerSideContentFetching=Enabled EnableRTME=yes FlipByTimer=0MultiFarm=no MultiDomain=no
MultiLogon=no SequentialDomain=no
DefaultUser=”” DefaultDomain=””
Password=””
SessionConfig=all \
unmapprinters=no unmapserials=no disablesound=no mapdisks=yes disksreadonly=no unmapusb=no VUSB_DISKS=yes VUSB_AUDIO=yes VUSB_PRINTER=yes VUSB_VIDEO=yes MultiMonitor=yes FullScreen=yesReconnect=0
NoReducer=no
LowBand=no
FastDisconnect=no
Seamless=yes fullscreenreserved=yes
EnableRAVE=yes
Alternate=no
Device=vusb \
ForceRedirect=”” ForceLocal=”” Type=HDX InterfaceRedirect=noAutoPower=yes
Locale=us load=no
MirrorFileServer=yes
TerminalName=$tn reboot=no
Inactive=0 NoSessionTimer=0
Open your WMS policy and go to Security. You should see that your Privilege level is set to “Low”.
Enable the next checkbox “Allow lockdown”.
This should fix your issue.CG
Thank you.
Is this checkbox only available in 1.4 or maybe only in Pro-license ? Because I don’t see it in mine ?
Could be 1.4.
If you are not willing to update to 1.4 you can also add
Privilege=low Lockdown=yes
to the Advanced section.CG
Thank you, Thomas.
This does indeed seem to do the trick. We’re looking into upgrading to 1.4, but have to test it first.
PS: I tried to log in to the website several times yesterday (throughout the day) but got an 503-error, server unavailable.
- You must be logged in to reply to this topic.