Home » HP Manuals » Desktops » HP mt20 » Manual Viewer

HP mt20 Administrator Guide 1 - Page 62

Configuring HP Velocity, Security settings, Local Accounts, HP Velocity

Add to My Manuals
Save this manual to your list of manuals

Page 62 highlights

Note the following about creating a VPN using Cisco: ● The Gateway is the gateway's IP address or hostname. ● The Group name and Group password are the IPSec ID and IPSec password. ● The Domain setting is optional. ● The User name and User password are the user credentials that have rights to create a VPN connection on the server side. ● The Security Type should be set the same as it is on the server side. ● The NAT Traversal option should be set according to your VPN environment. ● The IKE DH Group option sets the Diffie-Hellman group to use for VPN. ● The PFS Type option sets the Diffie-Hellman group to use for Perfect Forward Secrecy. Note the following about creating a VPN using PPTP: ● The Gateway is the gateway's IP address or hostname. ● The NT Domain setting is optional. ● The User name and User password are the user credentials that have rights to create a VPN connection on the server side. Configuring HP Velocity Use the HP Velocity tab to configure HP Velocity settings. Go to http://www.hp.com/go/velocity for more information about the HP Velocity modes. Security settings Security settings can be configured using the Security Manager. To open the Security Manager, select Setup > Security in Control Panel. See the following sections for more information about the different tabs in the Security Manager. ● Local Accounts on page 50 ● Encryption on page 51 ● Options on page 51 Local Accounts The Local Accounts tab can be used to change the local root and user account passwords or to disable authentication using those accounts. CAUTION: Disabling the root and/or user accounts might leave your system in an unusable state unless Active Directory authentication is enabled. For example, if the root account is disabled, you will only be able to change to administrator mode using domain credentials of an administrator. However, disabling the local accounts might improve security when Active Directory authentication is enabled because you no longer have to maintain and update a shared secret such as the thin client's root password. If Active Directory authentication has been used and there is any cached data for domain users on the thin client, you can also delete the user's cached data from this tab. NOTE: If the user logged in using a domain account, they cannot delete their own account's data because it would leave the system in an indeterminate state. 50 Chapter 7 Control Panel

Section	Page
Getting started	13
Finding more information	13
Choosing an OS configuration	14
Choosing a remote management service	15
Starting the thin client for the first time	15
Switching between administrator mode and user mode	15
GUI overview	16
Desktop	16
Taskbar	17
Connection Manager (ThinPro only)	18
Connection configuration	19
Advanced connection settings	19
Kiosk mode	20
Connection types	21
Citrix	21
Citrix general settings	21
Options	21
Local Resources	22
Window	22
Firewall	23
Keyboard Shortcuts	23
Session	24
Citrix per-connection settings	24
Connection	24
Configuration	25
Advanced	26
RDP	26
RDP general settings	26
RDP per-connection settings	26
Network	26
Service	27
Window	28
Options	28
Local Resources	29
Experience	29
Diagnostics	30
Advanced	31
RemoteFX	31
RDP multi-monitor sessions	31
RDP multimedia redirection	31
RDP device redirection	32
RDP USB redirection	32
RDP mass storage redirection	32
RDP printer redirection	33
RDP audio redirection	33
RDP smart card redirection	34
VMware Horizon View	34
VMware Horizon View per-connection settings	34
Network	34
General	35
Security	35
RDP Options	36
RDP Experience	37
Advanced	38
VMware Horizon View multi-monitor sessions	38
VMware Horizon View keyboard shortcuts	38
VMware Horizon View multimedia redirection	38
VMware Horizon View device redirection	39
VMware Horizon View USB redirection	39
VMware Horizon View mass storage redirection	39
VMware Horizon View printer redirection	39
VMware Horizon View audio redirection	39
VMware Horizon View smart card redirection	40
VMware Horizon View webcam redirection	40
Changing the VMware Horizon View protocol	40
VMware Horizon View HTTPS and certificate management requirements	41
Web Browser	42
Web Browser general settings	42
Web Browser per-connection settings	42
Configuration	42
Advanced	42
Additional connection types (ThinPro only)	43
TeemTalk	43
Configuration	43
TeemTalk Session Wizard	43
Advanced	44
XDMCP	44
Configuration	45
Advanced	45
SSH	45
Configuration	45
Advanced	46
Telnet	46
Configuration	46
Advanced	46
Custom	46
Configuration	46
Advanced	47
HP True Graphics	48
Server-side requirements	48
Client-side requirements	48
Client-side configuration	48
Compression settings	48
Window settings	49
Monitor layout and hardware limitations	49
Enabling HP True Graphics for multiple monitors on the HP t420	49
Tips & best practices	50
Active Directory integration	51
Login screen	51
Single sign-on	51
Desktop	51
Screen lock	52
Administrator mode	52
Settings and the domain user	52
Control Panel	53
Peripherals	53
Client aggregation	54
Configuring client aggregation	55
Configuring the aggregation clients	55
Configuring the aggregation server	56
Display preferences	56
Configuring printers	56
Redirecting USB devices	57
Setup	57
Network settings	58
Wired network settings	58
Wireless network settings	59
DNS settings	61
IPSec rules	61
Configuring VPN settings	61
Configuring HP Velocity	62
Security settings	62
Local Accounts	62
Encryption	63
Options	63
Customization Center	63
Management	64
Component Manager	65
Removing components	65
Undoing a change	65
Applying the changes permanently	66
Active Directory configuration	66
Status tab	66
Options tab	66
HP ThinState	67
Managing an HP ThinPro image	67
Capturing an HP ThinPro image to an FTP server	67
Deploying an HP ThinPro image using FTP or HTTP	67
Capturing an HP ThinPro image to a USB flash drive	68
Deploying an HP ThinPro image with a USB flash drive	68
Managing a client profile	69
Saving a client profile to an FTP server	69
Restoring a client profile using FTP or HTTP	69
Saving a client profile to a USB flash drive	69
Restoring a client profile from a USB flash drive	70
VNC Shadowing	70
Advanced	71
Certificates	71
Certificate Manager	71
SCEP Manager	71
DHCP options	72
System information	73
HP Smart Client Services	74
Supported operating systems	74
Prerequisites for HP Smart Client Services	74
Obtaining HP Smart Client Services	74
Viewing the Automatic Update website	74
Creating an Automatic Update profile	75
MAC-address-specific profiles	75
Updating thin clients	76
Using the broadcast update method	76
Using the DHCP tag update method	76
Example of performing DHCP tagging	76
Using the DNS alias update method	76
Using the manual update method	77
Performing a manual update	77
Profile Editor	78
Opening Profile Editor	78
Loading a client profile	78
Client profile customization	78
Selecting the platform for a client profile	78
Configuring a default connection for a client profile	79
Modifying the registry settings of a client profile	79
Adding files to a client profile	79
Adding a configuration file to a client profile	79
Adding certificates to a client profile	80
Adding a symbolic link to a client profile	80
Saving the client profile	80
Serial or parallel printer configuration	81
Obtaining the printer settings	81
Setting up printer ports	81
Installing printers on the server	81
Troubleshooting	83
Troubleshooting network connectivity	83
Troubleshooting Citrix password expiration	83
Using system diagnostics to troubleshoot	83
Saving system diagnostic data	84
Uncompressing the system diagnostic files	84
Uncompressing the system diagnostic files on Windows-based systems	84
Uncompressing the system diagnostic files in Linux- or Unix-based systems	84
Viewing the system diagnostic files	84
Viewing files in the Commands folder	84
Viewing files in the /var/log folder	85
Viewing files in the /etc folder	85
USB updates	86
HP ThinUpdate	86
BIOS tools (desktop thin clients only)	87
BIOS settings tool	87
BIOS flashing tool	87
Resizing the flash drive partition	88
Registry keys	89
Audio	89
CertMgr	90
ComponentMgr	90
ConnectionManager	90
ConnectionType	91
custom	91
firefox	94
freerdp	98
ssh	107
teemtalk	111
telnet	114
view	117
xdmcp	125
xen	129
DHCP	140
Dashboard	140
Display	141
Domain	143
Network	144
Power	154
SCIM	155
ScepMgr	155
Search	156
Serial	157
SystemInfo	157
TaskMgr	158
USB	158
auto-update	159
background	160
config-wizard	161
desktop	162
entries	162
keyboard	163
logging	164
login	164
mouse	164
restore-points	165
screensaver	165
security	166
shutdown	167
sshd	167
time	168
touchscreen	169
translation	170
usb-update	170
users	170
vncserver	173

Match case Limit results 1 per page

Note the following about creating a VPN using Cisco:

●

The

Gateway

is the gateway’s IP address or hostname.

●

The

Group name

and

Group password

are the IPSec ID and IPSec password.

●

The

Domain

setting is optional.

●

The

User name

and

User password

are the user credentials that have rights to create a VPN connection

on the server side.

●

The

Security Type

should be set the same as it is on the server side.

●

The

NAT Traversal

option should be set according to your VPN environment.

●

The

IKE DH Group

option sets the

Diﬀie-Hellman

group to use for VPN.

●

The

PFS Type

option sets the

Diﬀie-Hellman

group to use for Perfect Forward Secrecy.

Note the following about creating a VPN using PPTP:

●

The

Gateway

is the gateway’s IP address or hostname.

●

The

NT Domain

setting is optional.

●

The

User name

and

User password

are the user credentials that have rights to create a VPN connection

on the server side.

Conﬁguring

HP Velocity

Use the

HP Velocity

tab to

conﬁgure

HP Velocity settings. Go to

http://www.hp.com/

go/velocity

for more

information about the HP Velocity modes.

Security settings

Security settings can be

conﬁgured

using the Security Manager. To open the Security Manager, select

Setup >

Security

in Control Panel.

See the following sections for more information about the

diﬀerent

tabs in the Security Manager.

●

Local Accounts

on page

●

Encryption

on page

●

Options

on page

Local Accounts

The Local Accounts tab can be used to change the local root and user account passwords or to disable

authentication using those accounts.

CAUTION:

Disabling the root and/or user accounts might leave your system in an unusable state unless

Active Directory authentication is enabled. For example, if the root account is disabled, you will only be able to

change to administrator mode using domain credentials of an administrator. However, disabling the local

accounts might improve security when Active Directory authentication is enabled because you no longer have

to maintain and update a shared secret such as the thin client’s root password.

If Active Directory authentication has been used and there is any cached data for domain users on the thin

client, you can also delete the user’s cached data from this tab.

NOTE:

If the user logged in using a domain account, they cannot delete their own account’s data because it

would leave the system in an indeterminate state.

Chapter 7

Control Panel