Microsoft Teams Optimization for Dell Wyse ThinOS 9

 

Microsoft Teams Optimization is now available for Dell Wyse ThinOS 9 with the launch of the latest Citrix WorkSpace app 2006 for Linux. Users of ThinOS 9 can now download this latest Citrix WorkSpace app and get the benefits of Microsoft Teams Optimizations in a Citrix environment.

Unified Communications have always been a challenge in virtual desktop environments and the continued innovations in this area are much needed.

Citrix does a nice job of outlining the details of how the optimization works along with a quick video in this blog post.

Here are some additional details:

  • Download this latest Citrix WorkSpace App 2006 for ThinOS 9 here
  • Check out ThinOS 9 release notes for additional details here

Supported Platforms and Management Software:

  • Wyse 5070 Thin Clients (ThinOS)
  • Wyse 5470 Mobile Thin Clients (ThinOS)
  • Wyse 5470 AIO Thin Clients (ThinOS)
  • Wyse 3040 Thin Clients (ThinOS)
  • Wyse Management Suite 2.1

Citrix resources for Microsoft Teams Optimization

ThinOS 9 Resources

Enjoy!

@chris_messier ~~> Subscribe to blog to get latest updates <~~

SSL Certificates & Wyse Management Suite

In a previous post, here, I covered how to resolve the SSL error message, “SSL Certificate Authority is Unknown” when using ThinOS.

In this post I will cover how to upload SSL certificates into Wyse Management Suite (WMS) and how to assign them to a specific group configuration/profile for ThinOS 8.x and 9.x.

The process is slightly different for ThinOS 8.x & ThinOS 9.x but I will cover both below. 

How to upload SSL certificates for use by ThinOS 8.x:

1. In WMS, browse to “Apps & Data”:

2. Scroll down to “File Repository”:

3. Click “Add File” to upload Certificate:

4. Browse out to the Certificates you exported. You will need to do for each Certificate you exported.

 

5. Once you click upload it should show up under the ‘Apps & Data – Inventory File Repository”:

 

How to upload SSL certificates for use by ThinOS 9.x:

    1. In your ThinOS 9 policy, browse to “Privacy & Security\Certificates”. Here you can turn on “Auto Install Certificates” and browse to the certificates you want to upload as shown below:

 

How to assign SSL Certificates to WMS configuration group/policy: 

Once your certificates are imported into WMS, you then need to assign them to your ThinOS profile you are using under, “Groups & Configs” select the group you want to edit following steps below;

  • ThinOS 8.x: in the policy, browse to “Device Configuration\Security\General Settings”. Select “Auto-install Certificates” and your Certificate should show up in the list to select. Once you are done, click “Save & Publish”. The next time the device reboots, it will pick up the new Certificate.

  • ThinOS 9.x: in your policy, browse to “Privacy & Security\Certificates”. Here you can turn on “Auto Install Certificates” and browse to the certificates you want to upload as shown below:

This completes the process of uploading your SSL certificates to WMS and assigning them to a ThinOS policy.

For more assistance, check out Dell Community Forums (formally Dell TechCenter):

@chris_messier ~~> Subscribe to blog to get latest updates <~~

 

Dell Wyse ThinOS – “SSL Certificate Authority is Unknown”

“SSL Certificate Authority is Unknown”

A common issue connecting to a VDI connection broker, i.e Citrix, VMware, etc.., from Dell Wyse ThinOS or any thin client, is an SSL certificate error. There are generally 2 reasons why.

  • the Root Certificate Authority certificate is not installed on the device
  • the Intermediate Certificate Authority certificate is also not installed on the device

Error: SSL Certificate Authority is Unknown

This is easily fixed by installing both the missing Root and likely the Intermediate certificate.

To do this, you can simply export from a browser, and then import on the device, generally through Wyse Management Suite (WMS) or even a USB key if you had to.

I will cover the 3 step process to fix this.

  1. Export the required certificates from a browser
  2. Upload into Wyse Management Suite
  3. Assign the certificates to the device profile

Steps to export certificate from browser:

  1. In this example, I used https://portal.vmware.com as an example to work with certificates but this would be your VMware Horizon server, Citrix Storefront site, Citrix Netscaler/ADC, Microsoft Azure MFA site, etc…
  2. Click on the SSL padlock on your browser as shown below to bring up below window. Click on ‘Certificate (Valid)’ field.

3. This will bring up the certificate information:

4. Click on “Certification Path” tab bring up the following:

5. Select the top level certificate, in this case, “Sectigo (formally Comodo CA)”

6. This will bring up the Root certificate as shown below, “Comodo RSA Certification Authority”. This is the first certificate we want to export.

7. Click on the “Details” tab and select, “Copy to File”:

8. Take defaults and follow the wizard to export the certificate:

9. Once you export the top level Root Certificate, follow the same steps to export the Intermediate certificate. This Intermediate is chained, or trusted, by this top level Root Certificate so we need both certificates in this chain.

10. In the browser, select the Intermediate Certificate, “COMODO RSA Domain Validation Secure Server CA” and select “View Certificate”:

11. Select “Details” and “Copy to File” to export the certificate:

12. Follow wizard again to export the Intermediate Certificate:

13. You now have successfully exported both the top level Root Certificate, “Comodo RSA Certification Authority”, and the Intermediate Certificate, “COMODO RSA Domain Validation Secure Server CA”.

Once exported you need to upload them into your WMS server. It’s a simple process and the steps to upload the certifications are outlined here. Once complete, resume to step 15 below to assign the certificate(s) to your group configuration/profile.

15. Once certificates are imported into WMS, you then need to assign them to your ThinOS profile you are using under, “Groups & Configs” select the group you want to edit following steps below;

  • ThinOS 8.x: in the policy, browse to “Device Configuration\Security\General Settings”. Select “Auto-install Certificates” and your Certificate should show up in the list to select. Once you are done, click “Save & Publish”. The next time the device reboots, it will pick up the new Certificate.

  • ThinOS 9.x: in your policy, browse to “Privacy & Security\Certificates”. Here you can turn on “Auto Install Certificates” and browse to the certificates you want to upload as shown below:

 

This completes the process of exporting the SSL certs, uploading to WMS, and assigning them to your profile. This should resolve the issue of “SSL Certificate Authority is Unknown”.

For more assistance, check out Dell Community Forums (formally Dell TechCenter):

@chris_messier ~~> Subscribe to blog to get latest updates <~~

New! Wyse 5470 Thin Client Laptop and 24″ All in One!

Dell has recently released 2 new models, the Dell Wyse 5470 Thin Client Laptop and a 24″ All in One thin client!

The big news here is it’s the first thin client laptop Dell has released that runs Wyse ThinOS. The thin laptop also comes in Windows 10 IoT along with the ThinLinux platform. We’ve had Windows and Linux based thin laptops in the past but we’ve always had demand for a ThinOS version so it’s finally here!

The other Dell Wyse first is a ThinOS based 24″ All in One which we seen lots of interest in the healthcare space and other verticals interested in AIO’s. This replaces the previous 21.5″ ThinOS and the 24″ Teradici based options we had.

See more below!

Product video of 5470 All in One here!

Product video of 5470 Thin Client Laptop here!

Enjoy!

@chris_messier ~~> Subscribe to blog to get latest updates <~~

New Updates! Cisco Jabber & Microsoft Skype for Business Enhancements for Wyse ThinOS

Cisco Jabber & Microsoft Skype for Business, and other unified communications solutions, are some of the solutions often requested in virtual desktop deployments. Citrix & VMware have both made some key advancements on the server side, i.e. Citrix HDX RealTime Optimization Pack (RTME) & VMware Horizon Virtualization Pack for Skype for Business.

Most of the client side solutions to ‘offload’ some of this processing has been focused on using Windows, or Windows Embedded, based endpoints. The request of many customers is to simplify & secure the endpoint as much as possible, which can lead to using a non-Windows based endpoint and running Windows 10/7 in the data center.

Dell Wyse just released Wyse ThinOS 8.6 which includes support for Cisco Jabber Softphone for VDI for Citrix and Skype for Business on VMware Horizon.

You can see more on these announcements here and some technical details in the Wyse ThinOS 8.6 release notes here.

Enjoy!

@chris_messier ~~> Subscribe to blog to get latest updates <~~

Using HTTP for StoreFront Server

In some recent lab testing I setup Citrix StoreFront to use HTTP as I was running some quick tests and didn’t need HTTPS for my test.

Unfortunately, by default, the Citrix Receiver only allows you to connect via HTTPS. If you enter an HTTP URL, it won’t allow you to save it and instead, get the following error:

“The specified server address is not secure”

StoreFront1

Once you click, “Add”, you will get the following:

“HTTP Store requires additional configuration before being added to the Citrix Receiver. Please contact your system administrator.”

StoreFront3

The fix for this is to edit/add the following Registry keys on the client your using the Citrix Receiver to connect from:

  1. Set HKLM\Software\[Wow6432Node\]Citrix\Dazzle\AllowAddStore to A to allow users to add non-secure stores.
  2. (Optional) Set HKLM\Software\[Wow6432Node\]Citrix\Dazzle\AllowSavePwd to A to allow users to save their passwords for non-secure stores.
  3. To enable the addition of a store that is configured in StoreFront with a TransportType of HTTP, add to HKLM\Software\[Wow6432Node\]Citrix\AuthManager the value ConnectionSecurityMode (REG_SZ type) and set it to Any.
  4. Exit and restart Citrix Receiver.

Source: Configure and install Receiver for Windows using command-line parameters

You should now be able to use an HTTP URL in your Citrix Receiver to connect to StoreFront successfully!

Hope this helps someone else down the road!

@chris_messer ~~> Subscribe to blog to get latest updates <~~

Wyse ThinOS Fails to Auto Create Printer when using Citrix Universal Print Driver

Issue:

Wyse ThinOS fails to auto-create local/USB printers using the Citrix Universal Print Driver when connecting to XenApp 7.8 on Windows Server 2008 or 2012 servers.

The issue occurs if the local Wyse ThinOS printer “identification” field is set to use the “PCL5” driver which ThinOS is set to use by default. On Windows Server 2008 R2 and 2012 servers running Citrix XenApp 7.8, and other versions, they do not have the specific PCL5 driver, “HP Color LaserJet 4500 PCL 5”, installed by default. This specific HP driver is the PCL5 driver that the Citrix Universal Print driver uses and is not installed by defaults so it needs to be manually installed.

Resolution:

The required Windows PCL5 driver that the Citrix UPD leverages, “HP Color LaserJet 4500 PCL 5”, needs to be manually installed on the Windows Server 2008 or 2012 servers. Citrix identifies this issue in the following CTX article:

CTX140208 – Non-Windows Clients may not Autocreate Printers on Windows Server 2012 using the Citrix UPD

“As non-windows clients do not support EMF or XPS drivers, they will attempt to use PS or PCL drivers. In Windows Server 2008 R2 or Windows Server 2012, PCL5c, PCL4, and PS drivers may not be installed by default. To install them, launch the Print Server Properties window and click Windows Driver Update.”

The default Citrix UPD drivers are the following and the PCL5c is the one generally missing:

PS driver HP Color LaserJet 2800 Series PS
PCL4 driver HP LaserJet Series II
PCL5c driver HP Color LaserJet 4500 PCL 5

Details:

By default, the server does not have the “HP Color LaserJet 4500 PCL 5” installed as shown under print server properties. As shown in the registry, the Citrix UPD uses this driver to map the PCL5c driver and since its missing, auto creation from ThinOS fails.


By default, Wyse ThinOS is set to use a PCL5 driver under “Printer Identification” field so when the printer is auto created it attempts to map to the PCL5 driver on the server which is missing so auto creation fails.


By default, the Citrix UPD is set to “Use universal printing only if requested driver is unavailable” and the UPD driver preference order is set to; EMF;XMS;PCL5c;PCL4;PS.

As noted above, “non-windows clients do not support EMF or XPS” so the first driver it attempts to use is PCL5c which is not installed by default so auto creation from Wyse ThinOS PCL5 fails. If Wyse ThinOS “Printer Identification” was set to use PCL4 or PS then auto creation would succeed as those 2 drivers are installed by default.


This issue and resolution is also documented in the following PDF Technote – Wyse ThinOS and Citrix UPD Fails to Autocreate Printers.

Citrix and Skype for Business on Wyse ThinOS

One of the great new features in the release of Skype for Business on Citrix XenDesktop is the ability to use a non-Windows, Wyse ThinOS, endpoint as the client device to support new Skype features. Previously, you were limited to using a Windows endpoint running a full Windows PC or Windows Embedded thin client.

More importantly, your able to leverage the power of the Citrix Real Time Media Engine (RTME) which is embedded in the Wyse ThinOS for audio/video offload. This allows the client to offload rendering from the server VM onto the client leveraging the client CPU/memory to process audio/video. This freeing of VM resources allow greater server/desktop density and better performance as local client resources are also being used.

The key benefit of leveraging the RTME support is you eliminate the traditional VDI hair-pinning of the unified communications audio/video traffic which would route all the audio/video traffic through the virtual machines as illustrated below.

This is very well illustrated in below video.

Site feedback? chris@vditoolbox.com | Twitter | LinkedIn