background image

Quick Reference Guide

www.hp.com

23

HP recommends adding a program instead of adding a port. Adding a 
program is easier and safer than adding a port because you do not 
have to know which port numbers to use, and the port is only open 
when the program is waiting to receive a connection. Only the 
specified application can use the port, whereas opening a port allows 
any application to use it.

Adding a program

The recommended configuration involves adding a program to the 
exception list. This solution provides the easiest configuration, as 
well as enables the firewall to open ranges of ports that can change 
each time the program runs.

To add a program exception:

1. Open Windows Firewall and click the Exceptions tab.

2. If the program is in the list, click to enable the setting. If the 

program is not in the list, click 

Add Program

 to display the Add 

a Program dialog box.

3. Click 

Browse

 to choose the program you wish to add as an 

exception, and then click 

OK

.

4. Click 

Change Scope

 to view or set the scope for the program, 

and then click 

OK

.

5. Click 

OK

 to close the Add a Program dialog box.

6. Click the check box to enable the program. By default, the 

program is not enabled in the list. 

Adding a port

If adding the program to the exception list does not resolve the 
application issue, you can add ports manually. You must first identify 
the ports used by the application. The most reliable method for 
determining port usage is consulting with the application vendor.

If the port number(s) for the process are less than 1024, it is likely that 
the port numbers will not change. If the port numbers used greater 
than 1024, the application may be using a range of ports, so opening 
individual ports may not resolve the issue reliably.

Once you have the port number and protocol, add an exception for 
that port. 

Summary of Contents for Compaq t57*0

Page 1: ...t5000 Series Document Part Number 253378 007 October 2005 This guide supplements the standard Microsoft Windows XPe documents supplied by Microsoft Corporation This document highlights the differences enhancements and additional features provided with this terminal ...

Page 2: ...Nothing herein should be construed as constituting an additional warranty HP shall not be liable for technical or editorial errors or omissions contained herein Å WARNING Text set off in this manner indicates that failure to follow directions could result in bodily harm or loss of life Ä CAUTION Text set off in this manner indicates that failure to follow directions could result in damage to equip...

Page 3: ...strator logon access 5 Pre installed utilities 5 Altiris Client Agent 6 Citrix Program Neighborhood 6 Enhanced Write Filter Manager 6 Macromedia Flash Player 6 Remote Desktop Connection 7 The XPe desktop 7 User desktop 7 Administrator desktop 8 Logging off from restarting and shutting down the thin client 9 Programs menu extended selections 10 Citrix Program Neighborhood 10 Remote Desktop Connecti...

Page 4: ...ws Messenger 25 Windows Media Player 9 25 Utilities and settings 25 Enhanced Write Filter Manager 26 Enhanced Write Filter Manager command line control 27 Enhanced Write Filter user interface 28 Enhanced Write Filter status tool 29 Local drives 30 Drive Z 30 Drive C and Flash 30 Saving files 31 Mapping network drives 31 Roaming profiles 31 User log accounts 32 Creating a new user account 32 User p...

Page 5: ...mentation that provides specific information for your image version You can find support documentation at http welcome hp com country us en support html This guide provides information about Microsoft Windows XPe For more information about the latest features see Microsoft Windows XPe Service Pack 2 SP2 on page 16 Server environment requirements HP thin clients use a variety of services accessed t...

Page 6: ...CA and RDP a Terminal Services Client Access Licenses TSCAL server must also reside somewhere on the network Client Access licenses permit clients to use the terminal file print and other network services provided by Windows 2000 2003 Server The server grants temporary licenses on an individual device basis that are good for 90 days Beyond that you must purchase TSCALs and install them in the TSCA...

Page 7: ...s Deployment Solution refer to the Altiris Web site at www altiris com documentation and review the Altiris Deployment Solution User Guide Extended Windows XPe features The operating system of the Microsoft Windows XPe based thin client has extended features not found in the standard Microsoft Windows XP operating system Controls for extended Windows XPe features are only available through the Adm...

Page 8: ...ing automatic logon bypasses the Log On to Windows dialog box To log on as a different user while auto logon is enabled press and hold Shift while clicking Start Shut Down Log Off This displays the Log On to Windows dialog box and allows you to manually enter the logon information Manual logon When automatic logon is disabled thin client startup displays the Log On to Windows dialog box Type the l...

Page 9: ... user mode While holding down Shift use the mouse to initiate logoff of the User invoked from the Start menu The logon screen for Administrator logon displays The default username and password for the Administrator account is Administrator The default username and password for the User account is User You can use the HP Manager application to permanently modify the default login user Located in th...

Page 10: ...ter Manager Booting the system launches the Enhanced Write Filter Manager utility The write filter provides security and protects flash memory from excessive write activity See Enhanced Write Filter Manager on page 26 for information about the write filter Changes made to the thin client configuration will be lost when the thin client is rebooted unless you disable the write filter cache or issue ...

Page 11: ... available from the Start menu If the terminal emulator application is installed you can open it from Start Programs Links to remote ICA NFuse published applications may also be listed on the Start menu and or displayed as icons on the desktop Refer to the Citrix documentation for information and instructions For information about the functionality of the standard Windows XPe desktop and Start men...

Page 12: ...e desktop that displays when you are logged on as Administrator is a standard Windows XP desktop except that the Citrix Program Neighborhood Remote Desktop Connection and Internet Explorer are the only icons present These selections are also available from the Start menu If installed you can open the terminal emulator application from Start Programs Administrators can access extended resources fro...

Page 13: ...own the thin client Enhanced Writer Filter Power Management System Time Enhanced Write Filter For detailed information about the Enhanced Write Filter see Enhanced Write Filter Manager on page 26 If you want to save changes to system configuration settings you must disable the write filter cache or issue the commit command during the current boot session Otherwise the new settings will be lost whe...

Page 14: ...s may require access to the local thin client time To open the Date and Time Properties dialog click on the time area in the task bar or double click the Date and Time icon in the Control Panel Programs menu extended selections Open the Programs menu by clicking Start Programs Additional selections available on the Programs menu include Citrix Program Neighborhood also available as a desktop icon ...

Page 15: ...on the thin client The Internet options settings for the browser have been preselected at the factory to limit writing to the flash memory These settings prevent exhaustion of the limited amount of flash memory available and should not be modified You may access another browser through an ICA or RDP account if you need more browser resources Control Panel extended selections The Control Panel is a...

Page 16: ... and the installed memory size The maximum Ramdisk size that you can is 64 MB The minimum is 2 MB Regional and Language Options The keyboard language options are preset at the factory Should you need to make a change the keyboard language selection is made through the Regional and Language Options selection in the Control Panel From this program you can select the type of keyboard you are using as...

Page 17: ...ect the USB end of the converter cable to the thin client at this time 2 Open the Device Manager window Control Panel System Hardware Tab Device Manager 3 A Ports COM LPT listing may or may not display depending on thin client model and whether a device driver was previously installed to a port If the listing does display expand it to display ports currently used 4 Plug in the USB end of the conve...

Page 18: ...ent becomes unstable Downloading and using printers requires sufficient flash space In some cases you may have to remove software components to free up space for printers Printing to a locally connected printer from an ICA or RDP session using the print drivers of the server produces full text and graphics functionality from the printer To do this you must install the print driver on the server an...

Page 19: ... T Using manufacturer print drivers Install the driver provided by the manufacturer and follow the manufacturer s instructions Be sure to disable the write filter or issue the commit command to save the installation Audio You can redirect audio from applications to the audio jacks on the thin client You control the level externally such as by a 600 ohm potentiometer control and driving speakers re...

Page 20: ...nt provides a customizable firewall that helps protect your computer from intrusion and misuse whether malicious or unintentional It detects and identifies known Trojans port scans and other common attacks and in response selectively allows or blocks the use of various networking services applications ports and components HP Sygate Standalone Agent has the ability to allow or block any port or pro...

Page 21: ...1 hp com support files ThinClients us downloa d 22630 html On by default After you install the add on Windows Firewall is turned on by default for all network interfaces On by default also protects new network connections as they are added to the system This could break application compatibility if the application does not work with stateful filtering by default Configuring Microsoft Windows Firew...

Page 22: ...b provides access to the main three configuration options as shown below On Recommended Don t allow exceptions Off Not Recommended When you select Don t allow exceptions Windows Firewall blocks all requests to connect to your computer including those from programs or services on the Exceptions tab The firewall also blocks file and printer sharing and discovery of network devices ...

Page 23: ...n you use Windows Firewall with no exceptions you can still view Web pages send and receive e mail or use an instant messaging program Exceptions Tab Provides the ability to add program and port exceptions to permit certain types of inbound traffic The exception settings specify the set of computers for which this port program is open You can specify three different modes of access Any computer in...

Page 24: ... the same subnet to connect to the program on the machine but drops traffic originating from a remote network Advanced Tab Enables you to configure the following functions Network Connection Settings Select connection specific rules which apply per network interface Security Logging Create a log file for troubleshooting ICMP With Global Internet Control Message Protocol ICMP the computers on a net...

Page 25: ... Firewall you can use the following command netsh firewall show configuration Troubleshooting applications Modifying an application to work with a stateful filtering firewall is the ideal way to resolve issues This is not always possible so the firewall provides an interface for configuring exceptions for ports and applications ...

Page 26: ...requests Examples include a Web server such as Internet Information Services IIS Remote Desktop and File Sharing Failures in network applications are not limited to firewall issues RPC or DCOM security changes can cause failures It is important to note whether the failure is accompanied by a Windows Firewall Security Alert indicating that an application is being blocked Resolution With either of t...

Page 27: ...ot in the list click Add Program to display the Add a Program dialog box 3 Click Browse to choose the program you wish to add as an exception and then click OK 4 Click Change Scope to view or set the scope for the program and then click OK 5 Click OK to close the Add a Program dialog box 6 Click the check box to enable the program By default the program is not enabled in the list Adding a port If ...

Page 28: ... additional Microsoft Windows Service Pack 2 and Microsoft Windows Firewall information TechNet Windows XP Professional Web site http www microsoft com technet prodtechnol winxppro default mspx Manually Configuring Windows Firewall in Windows XP Service Pack 2 http www microsoft com technet community columns cableguy cg0204 mspx Using the Windows Firewall INF File in Microsoft Windows XP Service P...

Page 29: ... XPe Service Pack 2 added a block unsafe file transfers feature to Windows Messenger For a list of files generally considered unsafe see Information About the Unsafe File List in Internet Explorer 6 on the Microsoft Web site at http go microsoft com fwlink LinkId 25999 Windows Media Player 9 Version 9 of the Windows Media Player contains security performance and functionality improvements For more...

Page 30: ...er the contents of the cache to the flash on demand using the Altiris Deployment Solution software or manually using the Enhanced Write Filter Manager After you disable the write filter all future writes during the current boot session are written to the flash with no further caching until reboot You can also enable disable the write filter using the command line Always enable the writer filter af...

Page 31: ... format of the overall EWF configurations By including the EWF Manager console application component in your configuration and building it into your image you enable use of Ewfmgr exe and the corresponding commands To use the Enhanced Write Filter Manager using the command line select Start Run Open and access the system DOS prompt by typing CMD in the Open field and clicking OK At the system prom...

Page 32: ...ce In addition to the DOS command line tool the Windows XP Embedded image now includes an Enhanced Write Filter EWF GUI You can access the EWF GUI through the Control Panel or the Administrative Tools option for the administrator To access the EWF GUI 1 Log in as an administrator 2 Select Start Control Panel Other Control Panel Options or Start Control Panel Performance and Maintenance Administrat...

Page 33: ...at shows the status of EWF The EWF Status icon appears as a red lock when disabled green lock when enabled yellow lock when the state is set to change on next boot In the event of a corrupted EWF state you must re flash the thin client with the standard shipping image provided on the Web For additional information see the HP Compaq Thin Client Imaging Tool white paper located at http h200005 www2 ...

Page 34: ...t use this drive to save data that you want to retain For Ramdisk configuration instructions see HP RAMDisk on page 11 For information about using the Z drive for roaming profiles see Roaming profiles on page 31 Drive C and Flash Drive C is in the onboard non volatile flash memory HP recommends that you do not write to drive C as writing to drive C reduces the free space on the flash Ä CAUTION If ...

Page 35: ...n as either Administrator or User To keep the mappings after the thin client is rebooted 1 Disable the write filter cache during the current boot session or issue the commit command 2 Select the Reconnect at Logon check box Because a user logon cannot disable the write filter cache you can retain the mappings by logging off the user do not shut down or restart and logging back on as Administrator ...

Page 36: ...ult user or administrator access settings in the registry browser profiles and ICA and RDP initial settings If the default user or administrator profile settings are changed from those set at the factory the changed settings are automatically applied to the new user profile For the new user to match the characteristics of the default user the administrator must create the user in the user group an...

Page 37: ...he attributes you want 7 Click Create and then click the Close command button 8 In the Local Users and Groups window select highlight the Users folder in the left pane 9 In the right pane double click the name of the user just created This opens the user name Properties tabbed dialog box 10 Open the Member Of tab dialog 11 Click Add This opens the Select Groups dialog box 12 Type Administrators in...

Page 38: ...ust use the Altiris Deployment Solution for administering the thin client Disable enable the write filter as needed to save the changes Ä CAUTION If the available free space on the flash memory is reduced to below 3 MB the thin client becomes unstable For add on modules to work and be downloaded there must be sufficient flash space available In some cases it may be necessary to remove software com...

Page 39: ...hat contains the original factory image for the HP Compaq t5000 thin client You can use this utility to restore the original factory image to your thin client This utility allows you to perform the following options Generate and ISO image to use with CD creation software to create a bootable CD for deployment using a USB CD ROM drive Create a bootable flash image on a USB flash device such as on a...

Page 40: ...D desktop Administrator 8 user 7 drive C 30 drive Z 30 E Enhanced Write Filter Manager 6 26 clear boot command 29 command line control 27 disabling 28 enabling 28 overlay configuration 29 status tool 29 user interface 28 Enhanced Writer Filter manager 9 extended selections Control Panel 11 F firewall Microsoft Windows 17 Sygate 16 Flash 30 H HP Compaq Thin Client Imaging Tool 35 HP RAMDisk 11 HP S...

Page 41: ...herals 13 power management 10 pre installed utilities 5 print driver manufacturer 15 text only 14 printers 14 R regional and language options 12 roaming profiles 31 S saving files 31 services 12 session services 1 shutting down 9 support service 3 Sygate Firewall 16 Sygate Security Agent 16 system time 10 T TeemNT 11 Telnet protocol 2 terminal emulation support 2 Terminal Services Client Access Li...

Reviews: