- Notes, cautions, and warnings
- Introduction
- Getting started
- Accessible Applications
- Browsing the internet with Internet Explorer 11
- Using the Dell Thin Client Application
- Configuring Citrix receiver session services
- Configuring remote desktop connection session services
- Using VMware Horizon Client to connect to virtual desktop
- Configuring vWorkspace connection
- Using Ericom Connect and WebConnect client
- Using Ericom PowerTerm Terminal Emulation
- C-A-D tool
- Wyse Device Agent
- Citrix HDX RealTime Media Engine
- Microsoft Lync VDI 2013 plug-in
- Adobe Flash Player
- Windows Media Player
- Windows Defender Advanced Threat Protection
- Admin specific features
- Using Administrative tools
- Using TPM and BitLocker
- Configuring Bluetooth connections
- Configuring wireless local area network settings
- Using custom fields
- Configuring the RAMDisk Size
- Enabling auto logon
- System shortcuts
- Viewing and configuring SCCM components
- Devices and printers
- Configuring dual monitor display
- Managing audio and audio devices
- Setting region
- Managing user accounts
- Using Windows Defender
- Additional administrator utility and settings information
- Automatically launched utilities
- Utilities affected by log off, restart, and shut down
- Unified Write Filter
- Running Unified Write Filter command–line options
- Enabling and disabling the Write Filter using the desktop icons
- Setting Write Filter controls
- NetXClean utility
- Saving files and using local drives
- Mapping network drives
- Participating in domains
- Using the Net and Tracert utilities
- Managing Users and Groups with User Accounts
- Changing the computer name of a thin client
- System Administration
- Accessing thin client BIOS settings
- Accessing thin client boot menu
- Restoring BIOS default settings
- Unified Extensible Firmware Interface (UEFI) and secure boot
- WDM software for remote administration
- Configuring and using peripherals
- TightVNC—server and viewer
- TightVNC—Pre-requisites
- Using TightVNC to shadow a thin client
- Configuring TightVNC server properties on the thin client
- Network architecture and server environment
Bienvenue
Bienvenue dans l’univers Dell
Mon compte
- Passer des commandes rapidement et facilement
- Afficher les commandes et suivre l’état de votre expédition
- Créez et accédez à une liste de vos produits
- Gérer vos sites, vos produits et vos contacts au niveau des produits Dell EMC à l’aide de la rubrique Gestion des informations de l’entreprise.
Dell Wyse Windows 10 IoT Enterprise for Wyse 5060 Thin Client Administrator’s Guide
Using TPM and BitLocker
A TPM is a microchip designed to provide basic security-related functions, primarily involving encryption keys. BitLocker Drive Encryption (BDE) is a full disk encryption feature which is designed to protect data by providing encryption for entire volumes. By default, it uses the AES encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional disk encryption-specific security not provided by AES.
Windows 10 IoT Enterprise does not support sysprep on a BitLocker encrypted device. Due to this limitation, you cannot encrypt the device, perform a sysprep, and pull the image. To overcome this issue, you must add or modify the TPM related script that handles TPM. The device must not be encrypted before sysprep (pull). The device encryption is handled by the post push script that uses the TPM_enable.ps1 script located at C:\Windows\setup\tools\. This script must be included before enabling the UWF and after sysprep scripts. The PIN used to encrypt the client must be passed to the script as an argument.
To use TPM
and BitLocker, do the following:
- Enable TPM from the BIOS menu.
- Modify the TPM related part of the script, based on the imaging solution.
- Uncomment the below lines and update the pin
for TPM encryption in the Custom FICore imaging method in C:\Windows\Setup\CustomSysprep\Modules\Post_CustomSysprep.psm1
- #cd C:\windows\setup\Tools\TPM\
- #.\TPM_enable.ps1 -pin 1234
- Uncomment the below lines and update the pin
for TPM encryption for SCCM push in C:\Windows\Setup\ConfigMgrSysprep\Modules\Admin_ConfigMgrSysprep.psm1
- #cd C:\windows\setup\Tools\TPM\
- #.\TPM_enable.ps1 -pin 1234
- Uncomment the below lines and update the pin
for TPM encryption in Non-Factory environment (WDM,WSI, USB Imaging
solution) in Post_CustomSysprep.psm1
- #cd C:\windows\setup\Tools\TPM\
- #.\TPM_enable.ps1 -pin 1234
If the client is encrypted previously, then do the following to clear
the TPM:
Enter the BIOS mode.
In the TPM configuration, set Change TPM Status to Clear, and then apply the settings.
Reboot the device, and enter the BIOS mode again.
Set Change TPM Status to Enable and Activate.
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez indiquer si l’article a été utile ou non.
Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\