Tagged: Admin mode, ctrl+esc, thinOS
- This topic has 9 replies, 2 voices, and was last updated 4 years, 9 months ago by Photoclix.
-
AuthorPosts
-
July 10, 2019 at 1:04 pm #50254
Hello all,
So I’m kind of new to the Wyse environment but have been asked to check if it is possible to disable the CTRL+ESC functionality at boot (ThinOS) or if it is possible to password protect it.The reason why is that it is possible to enter into Admin Mode without having to enter the credentials.
Hope some of you out there can help me.
Some data :
– Wyse 5010
– ThinOS 8.6_019July 10, 2019 at 1:22 pm #50255How do you configure your clients?
Disabling isn’t possible. However, preventing users from getting access to the system can be done.CG
July 10, 2019 at 1:25 pm #50256Thank you for the very fast reply.
Not sure what you mean with your question.
We use a combination of WMS policies and $MAC.ini to configure them.July 11, 2019 at 10:24 am #50289OK, then go to the local client, open System Tools – wms.ini and post it here along with your mac.ini
CG
July 15, 2019 at 8:53 am #50305Hello,
Thank you and sorry for the delay.
Below you can find the wms.ini , I didn’t post the mac.ini, because we don’t really use that one except for specific network or video configurations (special resolutions, etc…).
Hope you’ll be able to help.
============================================================
FileServer=”URLtoWMS”
RootPath=rootpathwyse/
DefaultUser=”” DefaultDomain=Domain
TimeZone=”GMT + 01:00″ ManualOverride=Yes TimeZoneName=”Romance” daylight=No
Signon=Yes SaveLastDomainUser=no LastUserName=No
TimeServer=NTP_IP DateFormat=dd/mm/yyyy TimeFormat=”24-hour format”
DisableDomain=Yes
EnableGKey=Yes
PlatformConfig=All EncryptFS=Yes
WDMService=No QuickMode=No
ThinPrintEnable=No
MaxVNCD=No
FastDisconnect=No
AdminMode=Yes Admin-Username=Encrypted_User Admin-Password=Encrypted_Pwd ShowAdmin=Yes
Privilege=low EnableTrace=Yes LockDown=No ShowDisplaySettings=Yes EnableKeyboardMouseSettings=Yes DisableChangeDateTime=Yes
SignOn=Yes ExpireTime=0 RequireSmartCard=Yes SCRemovalBehavior=1 DisableGuest=Yes
MaxVNCD=0 VNCD_8bits=No VNCD_Zlib=No
SecurityPolicy=warning SecuredNetworkProtocol=No DNSFileServerDiscover=Yes
DesktopColorDepth=32
Screen=1 Resolution=DDC Rotate=None refresh=60
Dualhead=Yes Mainscreen=1 Align=Bottom Swap=No Taskbar=mainScreen Orientation=hort MonitorAutoDetect=Yes
ScreenSaver=15 Type=2 Image=logo_EN_small.jpg PictureTimer=6 PictureOrder=Default PictureCheck=always PictureLayout=stretch
Screen=2 Resolution=ddc refresh=60 rotate=none
AutoSignoff=yes Shutdown=no Reboot=no
ShutdownCounter=10
desktop=”wallpaper.jpg” layout=Stretch
FormURL=logo_small.jpg
SysMode=VDI Toolbardisablemouse=no Toolbardelay=0 toolbarautoquit=Yes Toolbar_no_conmgr=No Toolbardisablehotkey=No Toolbarenableonesession=No toolbarstay=1 toolbarclick=No ToolBarAutoQuit=No EnableLogonMainMenu=No
PNliteServer=https://storefront_URL/citrix/store StoreFront=no CustomStoreName=”” DefaultSettings=”” ReconnectFromButton=0 AutoConnectList=”Default Desktop” RequestIconDataCount=10 ReconnectAtLogon=0PasswordServer=”” AccountSelfService=yes
SessionConfig=ica \
ondesktop=all PasswordExpireNotify=yes AudioQuality=high DiskMapTo=”” DesktopMode=fullscreen SessionReliability=no USBRedirection=hdx HDXFlashUseFlashRemoting=Always HDXFlashEnableServerSideContentFetching=Enabled EnableRTME=yes FlipByTimer=0MultiFarm=no MultiDomain=no
MultiLogon=no SequentialDomain=no
DefaultUser=”” DefaultDomain=””
Password=””
SessionConfig=all \
unmapprinters=no unmapserials=no disablesound=no mapdisks=yes disksreadonly=no unmapusb=no VUSB_DISKS=yes VUSB_AUDIO=yes VUSB_PRINTER=yes VUSB_VIDEO=yes MultiMonitor=yes FullScreen=yesReconnect=0
NoReducer=no
LowBand=no
FastDisconnect=no
Seamless=yes fullscreenreserved=yes
EnableRAVE=yes
Alternate=no
Device=vusb \
ForceRedirect=”” ForceLocal=”” Type=HDX InterfaceRedirect=noAutoPower=yes
Locale=us load=no
MirrorFileServer=yes
TerminalName=$tn reboot=no
Inactive=0 NoSessionTimer=0
July 15, 2019 at 11:49 am #50309Open your WMS policy and go to Security. You should see that your Privilege level is set to “Low”.
Enable the next checkbox “Allow lockdown”.
This should fix your issue.CG
July 15, 2019 at 12:10 pm #50313Thank you.
Is this checkbox only available in 1.4 or maybe only in Pro-license ? Because I don’t see it in mine ?
July 16, 2019 at 12:07 pm #50325Could be 1.4.
If you are not willing to update to 1.4 you can also add
Privilege=low Lockdown=yes
to the Advanced section.CG
July 17, 2019 at 6:54 am #50344Thank you, Thomas.
This does indeed seem to do the trick. We’re looking into upgrading to 1.4, but have to test it first.
PS: I tried to log in to the website several times yesterday (throughout the day) but got an 503-error, server unavailable.
July 17, 2019 at 8:08 am #50345In the mean time, I can confirm that the lockdown checkbox is only available in WMS v1.4 , not in v1.3.
Thank you.
-
AuthorPosts
- You must be logged in to reply to this topic.