HP t628 Administrator Guide 1 - Page 51
Active Directory integration, Login screen, Single sign-on, Desktop
View all HP t628 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 51 highlights
6 Active Directory integration By using Active Directory integration, you can force users to log in to the thin client using domain credentials. Optionally, those credentials can be encrypted and stored and then later supplied to remote connections as they start, which is a process known as single sign-on. NOTE: Enabling authentication requires no special domain permissions. There are two modes in which Active Directory integration can operate. By simply enabling authentication against the domain, domain credentials can be used for the following operations: ● Logging in to the thin client ● Starting a connection using Single Sign-On ● Switching to administrator mode using administrative credentials ● Unlocking a locked screen using the login credentials ● Overriding a locked screen using administrative credentials The thin client can also be formally joined to the domain. This adds the thin client to the domain's database and might enable dynamic DNS, where the thin client informs the DNS server of changes in its IP address or hostname association. Unlike domain authentication, a formal join requires credentials of a domain user authorized to add clients to the domain. Joining to the domain is optional. All domain functions except dynamic DNS are available without joining. Login screen When domain authentication is enabled, ThinPro displays a domain login screen upon startup. The login screen also includes options that might be necessary to configure before logging in. The background desktop layout, login dialog style, login dialog text, and which buttons are available can all be adjusted via registry settings and/or configuration file settings. For more information, see the HP ThinPro white paper Login Screen Customization (available in English only). If the system detects that the user tried to log in with expired credentials, they are prompted to update their credentials. Single sign-on After a domain user has logged in, the credentials that were used can also be presented at startup to any connection configured to use them. This allows a user to sign in to the thin client and start Citrix, VMware Horizon View, and RDP sessions without having to enter their credentials again, for as long as they are logged in to the thin client. Desktop Once the user has successfully logged in using domain credentials, an Active Directory icon is available on the taskbar. The user can select the icon to perform the following functions: Login screen 39