Administrator Guide
Table Of Contents
- Windows 10 Enterprise 2019 LTSC for Dell Wyse Thin Clients Administrator’s Guide
- Contents
- Introduction
- Getting started
- Accessible applications
- Browsing with Internet Explorer
- Using the Dell Thin Client Application
- Using VMware Horizon Client to connect to virtual desktop
- Citrix Workspace app
- Configuring remote desktop connection session services
- Using Ericom Connect and WebConnect client
- Using Ericom PowerTerm Terminal Emulation
- Windows Media Player
- Wyse Easy Setup
- Overlay Optimizer
- Cisco Jabber Softphone for VDI
- Administrative features
- Using Administrative tools
- Using TPM and BitLocker
- Configuring Bluetooth connections
- Configuring wireless local area network settings
- Using custom fields
- Configuring RAM disk size
- Enabling auto logon
- System shortcuts
- Viewing and configuring SCCM components
- Devices and printers
- Configuring multi-monitor display
- Managing audio and audio devices
- Additional language support
- Setting region
- Managing user accounts
- Using Windows Defender
- Windows Defender Advanced Threat Protection
- Threat Defense
- Endpoint Security Suite Enterprise
- C-A-D tool
- Wyse Device Agent
- Citrix HDX RealTime Media Engine
- Viewing and exporting operating system image manifest files
- Additional administrator utility and settings information
- Automatically launched utilities
- Utilities affected by log off, restart, and shut down
- Unified Write Filter
- Application Launch Manager
- xData Cleanup Manager
- Capturing logfiles
- Saving files and using local drives
- Mapping network drives
- Participating in domains
- Using the Net and Tracert utilities
- Managing Users and Groups with User Accounts
- Changing the computer name of a thin client
- Removing language and feature on demand packages
- Language codes
- Adding languages to LTSC 2019 (RS5)
- Windows 10 IoT enterprise language packages
- Imaging using Dell Application Control Center
- System administration
- Network architecture and server environment
- Installing firmware using USB Imaging Tool
- Frequently asked questions
- How to install Skype for Business
- How to set up a smart card reader
- How to use USB Redirection
- How to prepare a Windows 10 IoT Enterprise operating system image for capture
- Using Wyse Management Suite
- How to capture and push Windows 10 IoT Enterprise operating system image
- How to update Windows 10 IoT Enterprise 2016 LTSB to Windows 10 IoT Enterprise 2019 LTSC
- Troubleshooting
- Keyboard customization issues
- Resolving memory issues
- CADMAP tool interfering with published application shortcut keys
- WiFi settings configured from Wyse Management Suite are not persistent across multiple Wyse 5070 thin clients
- Wyse Management Suite registration information is not cleared after the Sysprep process
6. Go to C:\Windows\Setup.
7. Run Build_master.
8. Run Custom Sysprep if you are using Wyse Management Suite or USB Imaging tool or ConfigMgr Sysprep if you are
using System Center Configuration Manager.
The thin client automatically turns off.
9. Turn on the thin client and pull the image from the thin client.
10. After the image pull is complete, push the image to the target client. Wait for the execution of first boot scripts and
BitLocker encryption to complete.
When the Sysprep is completed the target thin client reboots and the TPM is enabled.
11. Enter the BitLocker password and verify the new alphanumeric password.
12. Log in to the administrator account and verify the encryption of the C drive.
NOTE: To update the BIOS in BitLocker encryption do the following:
a. Copy the BIOS executable file to the USB drive.
b. Connect the USB to the respective thin client.
c. Right-click the BIOS executable and select Run as administrator.
d. Select the Suspend BitLocker Drive Encryption checkbox and then click Update. Thin client reboots and the
BIOS is updated. Also the BitLocker is suspended for one reboot.
e. Reboot the thin client to ensure that the BitLocker is active.
Initialize TPM and enable BitLocker manually
Steps
1. Log in to the administrator account.
2. Disable Unified Write Filter.
The thin client restarts.
3. Log in to the administrator account again.
4. Open tpm.msc using the run command menu.
5. Verify the TPM status in Trusted Platform Module Management on the thin client.
The status should be displayed as The TPM is ready for use.
6. Click Close in Trusted Platform Module Management on the thin client.
7. Open gpedit.msc using the run command menu.
8. Go to Local Group Policy > Computer Configuration > Administrative Templates > Windows Components >
BitLocker Drive Encryption > Operating System Drives > Require additional authentication.
9. In the Require additional authentication at startup window select the Enabled option.
The Allow BitLocker without a compatible TPM check box is selected by default.
10. Clear the Allow BitLocker without a compatible TPM check box.
11. Click Apply and then click OK.
12. Go to Local Group Policy > Computer Configuration > Administrative Templates > Windows Components >
BitLocker Drive Encryption > Operating System Drives > Allow enhanced PINs for startup.
13. In the Allow enhanced PINs for startup window select the Enabled radio button and click Apply.
14. Click OK.
15. Go to Local Group Policy > Computer Configuration > Administrative Templates > Windows Components >
BitLocker Drive Encryption > Operating System Drives > Configure TPM platform validation profile for native
UEFI firmware Configurations.
16. In the Configure TPM platform validation profile for native UEFI firmware Configurations window select the
Enabled radio button and click Apply.
17. Click OK.
18. Open gpupdate /force using the run command.
You can also restart the thin client to apply the group policies.
19. Go to Control Panel and click BitLocker Drive Encryption.
20. Click Turn on BitLocker in the Operating system drive section.
21. Select Enter a PIN (recommended) in the BitLocker Drive Encryption (C:) window.
Administrative features
19