Manualshelf

HP Device Manager 4.6 - HP t5740 Windows XPe Support Guide

ManualsBrandsHP ManualsSoftwareHP Device Manager
12345678910
Overview
There is only limited support for Windows XP Embedded (XPe) for HP Device Manager (HPDM, but there have been many
requests for assistance from users who are attempting to use HPDM to manage their legacy HP t5740 thin clients running
XPe. The new HPDM features might not work with an HP t5740 thin client running XPe. The latest stable HPDM release that
has been fully tested with this configuration is HP Device Manager 4.4 (Installer version: 4.4.12440, built on 08/29/2011).
HP recommends using this earlier version be used to manage XPe thin clients. However, there might be situations, such as a
mixed environment with older models running XPe and newer HP thin client models running a different operating system
that require using the current version of HPDM.
The purpose of this white paper is to provide troubleshooting assistance for the management of HP t5740 thin clients
running XPe using HPDM 4.5 or higher. This document refers to HPDM 4.6 and XPe 5.1.810 Rev. A. This document also
provides details on the known limitations of using later versions of HPDM to manage XPe devices.
Updating the HPDM Agent
Updating the HPDM Agent on XPe thin clients will not work due to an issue with the firewall. Details and a workaround are
provided in the section Updating the HPDM Agent.
Symantec Endpoint Protection (SEP) Firewall
Out of the box, the HP t5740 thin client running XPe uses Symantec Endpoint Protection (SEP) for its firewall. Because the
port requirements for HPDM have changed, the advanced rules in SEP need to be modified to allow the traffic for some new
or updated features. This document provides detailed instructions on how to configure the advanced rules and how to
create a task template to deploy the advanced rules in the section Symantec Endpoint Protection (SEP) Firewall.
VNC Shadowing
The security protocol for VNC shadowing of WES thin clients has changed from SSH to SSL and now encrypts both forward
and reverse shadow sessions. Details are provided in the section VNC Shadowing.
Imaging
There are several issues that might prevent a successful image capture of an XPe thin client. This document provides details
and workarounds to help create an image and template to deploy in the section Imaging.
Other HPDM 4.5 features
This document describes some of the HPDM 4.5 features that have been put though basic testing in the section Other HPDM
4.5 features.
Prerequisites
The examples in this document show an HP t5740 thin client running the latest version of XPe (5.1.810), and HPDM 4.5 SP2.
The example Master Repository is configured for FTP protocol and tested to ensure that a dynamic port range (PASV), is
working and that the needed ports are accessible through the firewall on the server.
For more information on the installation and FTP configuration, see the Installing HP Device Manager 4.6 and FTP Server
Configuration white papers available from the help menu in HPDM.
Updating the HPDM Agent
Whenever upgrading HPDM the first thing that needs to be done after the updating the system is to update the Agent on the
devices. This can be an issue for HP XPe thin clients when using an IIS 7 or higher FTP because the SEP firewall blocks
outbound connections to the PASV port range configured on the server. Even if the PASV ports in SEP are configured on the
devices, tasks to deploy the updated firewall rules fail because the file deployment mechanisn in current HPDM versions has
changed and requires the updated HPDM Agent.
Fortunately, this can be overcome by using a template sequence that stops the SEP service on the device and then performs
the HPDM Agent update. If the device has a fresh 5.1.810 image (from USB deployment), as in this example, then the HPDM
Agent will be at 4.0.3660.5803, which is quite old and has not been validated for update via an HPDM _Update Agent task.
The following procedure was tested to update the Agent from 4.0.3660.5803 to a current version.
Creating a template to stop the SEP firewall
To create a task template to disable the SEP firewall on the thin client:
3