Users Guide
Table Of Contents
Authentication
ThinOS supports the following configuration options for users or processes to authenticate to the product subsystems.
● Account privilege levels
● VDI broker agent authentication
● Active domain authentication
● Multifactor, token, and certificate-based authentication
● Authentication application support
● Unauthenticated authentication support
●
Wyse Management Suite server authentication
For more information about the authentication types, see Authentication types and setup.
Login security settings
● Login banner configuration—ThinOS enables you to configure the banner or logo for the login window. Use the local
Admin Policy Tool or Wyse Management Suite to upload your preferred login banner or logo image.
1. On the ThinOS client, open Admin Policy Tool, or go to the ThinOS 9.x policy settings on Wyse Management Suite.
The Configuration Control | ThinOS page is displayed.
2. On the Advanced tab, expand Login Experience, and click Login Settings.
3. In the Login Experience section, browse and select a logo that is to be displayed in the login window.
4. Click Save & Publish.
● Legal notice configuration—ThinOS enables you to configure a legal notification file to be displayed in the login window.
Use the local Admin Policy Tool or Wyse Management Suite to configure the legal notification file.
1. On the ThinOS client, open Admin Policy Tool, or go to the ThinOS 9.x policy settings on Wyse Management Suite.
The Configuration Control | ThinOS page is displayed.
2. On the Advanced tab, expand Login Experience, and click Login Settings.
3. In the Login Experience section, browse and select a legal notification file to be displayed during sign-on. User must
accept the legal notification to continue the sign-on process.
4. In the Notice File Title field, enter the title for the notification dialog box.
5. In the Notice File Title Button Caption field, specify the name for the button that is displayed in the notification dialog
box.
6. Click Save & Publish.
● End User License Agreement (EULA) acceptance—When you start the ThinOS client for the first time or perform a
factory reset, the End-User License Agreement (EULA) screen is displayed. EULAs must be read and accepted to continue
using ThinOS. By default, the Dell EULA and HID EULA are displayed. The third-party EULAs are displayed on the EULA
screen depending on the ThinOS application packages that you install on the thin client.
● Failed Login behavior and user account lockout—ThinOS reloads the login UI when you enter incorrect login credentials.
You can log in to ThinOS only if the authentication is successful. However, you can configure the user account lockout for
remote broker agent or domain controller using the AD group policies.
Authentication types and setup
● Local UI privilege level and Administrator mode—Local UI privilege level can be set to None, Customized, or High. You
can enable or disable the local UI Administrator mode using either the local Admin Policy Tool or Wyse Management Suite.
For more information about account privileges and administrator mode, see Security profiles.
● Networks and VPN authentication—ThinOS supports authentication to both wired and WiFi network connections.
Supported authentication types include Open, WPA/WPA2 Personal, WPA/WPA2 Enterprise, and 802.1x authentication.
You can configure the authentication settings using either the local Admin Policy Tool or Wyse Management Suite. If your
privilege level allows you to access the local UI, you can configure the authentication settings from the local ThinOS client.
ThinOS uses the OpenConnect client that is based on the SSL protocol for connecting to a VPN. Use a valid username and
password to establish a VPN connection. You can configure the VPN settings using either the local Admin Policy Tool or
Wyse Management Suite. If your privilege level allows you to access the local UI, you can configure the VPN settings from
the local ThinOS client.
10
Product and subsystem security