Regaining Control of a Wyse 3040 ThinClient

My university workplace has been tinkering of late with thin clients. On the backend we have a VMWare/Horizon/VDI setup. With this setup, we can set up virtual computers for students/faculty/staff to log into remotely.

For example, we have a Math VDI. I used the VMWare tools to build a master image consisting of a virtual PC with certain specs (so many core processors, so much RAM, so much hard drive space, etc), and then installed Windows 10 Enterprise 64-bit on it. Then I used more VMWare tools to make ten read-only copies of this master; we refer to these copies as the VDI (Virtual Device Interface) machines, and the group of them make up the Math VDI Pool.

Students/etc can access one of these ten virtual Win10 boxes, each identical to the other, having math-specific software (like MATLAB) either through an HTML (web-based) interface, or a downloaded-client interface called "Horizon View Client" (available at least on Windows, Mac, and Linux - I run the Linux version on my Debian box if I need things like USB- or printer-passthru; the HTML interface otherwise, usually, just because I always have a web browser open and it's more convenient than firing up the client, but only marginally).

In this way, we only have to make one master image per departmental lab, and click a couple of buttons to make a few or a few hundred copies, to make a virtual computer lab. This is much easier than making a master image and copying it to a few or a few hundred physical computers, and then tweaking each machine to have the correct name or be added to the domain, and remembering to lock it down against student-initiated changes, etc, and if a physical machine dies, replacing a physical machine (or its hard drive, or repairing its registry, or cleaning a virus, or...) is much more labor intensive than simply telling the VMWare tools to .. oh, wait, I don't have to tell the VMWare tools to do anything; it automatically makes sure I have 20 working machines if I have specified I always need 20 working machines. Sweet!

As mentioned, the virtual Math lab computers can be accessed via a web-based or a client-based app on just about any Internet-connected device (Windows, Mac, Linux, Android, iOS, etc). They can also be accessed through a dedicated piece of hardware called a thin (or in some cases, "zero") client.

Now we have acquired three different models of the Dell/WYSE thin/zero-clients; a 3040, a PxN zero client, and a 5040 All-In-One (AIO - monitor built-in). The first two of these are smaller than your typical Louis L'amour western paperback novel; the third just looks like a typical flat-panel LCD computer monitor. They have a very minimal operating system, just enough to allow them to point to a VDI (or other similar thin-client-based solution). We're thinking along the lines of replacing relatively-expensive full-blown PCs in our computer labs with relatively-inexpensive (and much less labor-intensive) thin-client AIOs.

I have gone into the settings of each of these thin-client boxes and pointed them to the Math VDI. Then plug in an Ethernet cable, a mouse and keyboard (and monitor in the non-AIO cases), turn it on, and the system boots up to a login prompt, at which a user can plug in his credentials and be connected to a Math VDI machine, and it's just like he's sitting at a real physical Windows 10 computer in a dedicated Math lab classroom (whether he's sitting at home with a laptop, or in a physical Math lab classroom with a thin-client box), to use the Math-type apps on this very ordinary Windows 10 setup, math department printers included.

So now the student can use his laptop at home, his desktop at his mother's house, or a thinclient set up in the campus Recreation Center, to connect to the Math VDI and get access to his math app (like the quite expensive MATLAB app mentioned above). On his personal computers, he can use the HTML client, or the Horizon View Client; on the thin-client, he just logs in like it's a physical Math lab PC. In all cases, he's actually just running a virtual PC off in another building, but it feels like a local PC.

It would be a pain to have to go each thin-client to set it up to point to the appropriate VDI, or to change its mouse settings, or to allow Math students to log into the Math VDI and Business students to log into the Business VDI, etc. So a centralized management system would be helpful.

Thus steps in the Dell Wyse Management Server (comes in both a free version and a pay-for version, depending on your needs).

So we created another virtual machine (just a plain virtual machine, not a VMWare Horizon/View VDI type setup). It's running Windows Server 2012R2, and is accessed via Microsoft Remote Desktop Protocol - RDP. Logged into that machine, I downloaded the Dell/Wyse Management Server software from the "Dell File Download" site (not the "Dell Digital Locker" site), and installed it (easy install (and easy uninstall as I found out later)).

I then went and configured my 3040 thin client to look to the Wyse Management Server (WMS, formerly known as the CCM - Cloud Client Manager) app installed on my 2012R2 server, and rebooted the 3040, and voila! The 3040 device showed up in my WMS console. (After figuring out what I'm doing, I can similarly configure the other two thin clients we have. (Well, maybe not the zero-client PxN. Not sure yet.) Eventually, we may have tens or dozens or hundreds of thin clients, replacing more expensive actual PCs in computer labs, etc, which would be more easily managed via the WMS than by going to each one and manually configuring them.)

Sweet! Now I can remotely manage the little 3040 thin client, specifying things like what background to use, what VDI it should connect to automatically, if any, whether the user can tweak his mouse settings, or get into Admin mode, etc.

Only problem is, during the install of the WMS and the configuration of the 2040, I had some confusion about security certificates, a subject about which I know nothing (and I really should). When configuring either the WMS or the 3040 to point to the WMS, I didn't do anything with the certificate options, because I didn't know what to do, and this was just a test-bed pilot, not a production setup, so I wasn't worried yet about security; I just wanted to see if I could get the thin-client and WMS server talking to each other.

And I did get them talking to each other. For one day. The next day, the client couldn't log into the WMS server, complaining about certificates. I didn't know how to fix the problem, so I went about trying to get into the local settings of the 3040 thin client to tinker in there, but in my setting up of things, either I neglected to leave the Admin mode option turned on, or I intentionally turned it off, and while the two machines were talking for that one day, the client got the message, and now when it no longer will talk to the server, it won't let me get into its Admin-type innards.

I looked for ways to reset the 3040 thin client to factory condition, thinking I could start over. I found a "press G during boot-up" that was supposed to work, but didn't. I found that this feature too was turned off by the server when the two machines were talking to each other. the option to reset to factory specs when shutting down was missing, so that method was unavailable to me. I then discovered that you can "flash the BIOS" back to factory specs, by downloading from the Dell site a flash image file to an 8GB USB stick and boot the thin-client from that and then flashing the software to the thin-client. Wow. Really? Thankfully, not having an 8GB thumb drive on-hand, and running into some complexities (minor, but still new to me, so that it wasn't a totally fluid, easy process), I wasn't able to get around to actually trying this before I thought of one more option for me to try.

I pulled the Ethernet cable loose from the 3040.

Then I rebooted the 3040.

In a few seconds, the system was complaining about not having a network, but in the "Start" menu, the option to get into the admin settings were no longer grayed out. I had regained control of my 3040! W00t!

I document this here, because I was unable to find the information on the web that I have discovered in this process. Hopefully, Duck-duck-go's and Google's spiders will crawl over this blog and garner this info so that if anyone else is looking for this solution, they'll be able to find it.

Originally published at:

https://kentwest.blogspot.com/2018/03/regaining-control-of-wyse-3040.html

YAD - Yet Another Dialog

What a wonderful tool for building graphical dialog boxes from Linux shells!

In imaging Windows computers for my workplace, I needed a graphical window to pop up to ask the technician for the computer's name and the Active Directory group into which it needed to be placed. I wound up building the tool using PowerShell.

After building the tool, I got to wondering what it would take to do the same thing in Linux, and finding the tool "YAD" (a souped-up alternative to Zenity, which is a souped-up alternative to Dialog, which is a souped-up version to just the command line), found it is a very powerful little utility for building GUI dialog boxes. ("aptitude install yad" will install it on your Debian system.)

There are a couple of good documents on the web for learning how to use this utility, so I won't try to provide any kind of tutorial. But I thought I'd share the script so that perhaps it might help someone see the bigger picture. Just copy the script to your Linux box, "chmod +x" it, and run it ("./GetComputerNameAndOU.sh").

#!/bin/bash

#            RENAME COMPUTER AND GET OU
#
# This script creates an input box with two
# fields, one for the computer name, and one
# for the computer's OU
#

### Set these constants
CONFIG_DIR="/tmp"           # Output of this script will be saved here,
CONFIG_FILE="config.txt"    # in this file.
DefaultName="ACUxxxxx"
ouDefaultLandZone="Computers,DC=acu,DC=loacl"    # If no OU is selected
# Final product = ouLeafNode + selected OU + ouBaseLandZone
ouBaseLandZone=",OU=Departments,DC=acu,DC=local"
ouLeafNode="OU=Computers,OU="
 
### Specify your Active Directory Organizational Units here.
### The line starting with a caret will be the default
### selection in the pull-down selection field.
ou=$(echo "\
^Not Specified,\
Abilene Library Consortium,\
Academic Development Center,\
Accounting,\
Accounting and Finance,\
ACU Foundation,\
ACU Police Department,\
ACU Press,\
Adams Center,\
Advancement,\
Advancement Services,\
Advancement Stewardship,\
Advancement Strategies,\
Advising Center,\
AG and Environmental Sciences,\
Alpha Scholars and Student Success,\
Alumni Relations,\
Alumni Relations, Annual Projects & University Relations,\
Analytics,\
Art and Design,\
Arts and Sciences,\
Athletics,\
Bible Missions and Ministry,\
Biblical Studies,\
Billings and Receivables,\
Biology,\
Brown Library,\
Brown Library Dean's Suite,\
Brown Library Technical Services,\
Business and Services,\
Campus Center,\
Campus Recruiting,\
Campus Visits,\
Campus Visits and Events,\
Career Center,\
CEHS Dean's Office,\
Center for Christian Service and Leadership,\
Chancellor's Office,\
Chemistry and Biochemistry,\
CIE,\
City Square,\
COBA,\
College of Arts anbd Science,\
College of Education and Human Services,\
Communication,\
Communication and Sociology,\
Communication Science and Disorder,\
Computing Services,\
Conflict Resolution,\
Construction and Risk Management,\
Creative Services,\
Distance Education,\
Doctor of Ministry Program,\
Electronic Resources and Serials,\
Engineering Physics,\
English,\
Enrollment Management,\
Enrollment Management & Student Engagement,\
Enrollment Marketing,\
Enterprise Infrastructure,\
Exercise Science and Health,\
Facilities and Campus Development,\
Facilities Management,\
Financial Operations,\
First Year Program,\
Foreign Languages,\
General Counsel,\
General Education,\
Graduate Admissions,\
Graduate School,\
Graduate School of Theology,\
Graduate Studies in Education,\
Griggs Center,\
Halbert Institute for Missions,\
History,\
Honors College,\
Human Resources,\
Information Technology,\
Institutional Effectivness,\
Investment Services,\
Journalism and Mass Communication,\
KACU,\
Kinesiology and Nutrition,\
Landscape and Grounds,\
Language and Literature,\
Learning Studio,\
Mail Services,\
Management Sciences,\
Marketing,\
Marketing Operations,\
Marriage and Family Therapy,\
Mathematics,\
McNair Scholars,\
Medical Care and Counseling Center,\
Medical Clinic,\
Ministry Events,\
Ministry Programs,\
Music,\
Occupational Therapy,\
Office and Research and Sponsored Programs,\
Online Marketing,\
Online Programs,\
Payroll,\
Physical Resources,\
Physics,\
Political Science,\
Political Science and Criminal Justice,\
President's Office,\
Provost,\
Pruett Gerontology Center,\
Psychology,\
Psychology Clinic,\
Public Relations,\
Public Services,\
Pura Vida Salon,\
Registrar,\
Residence Life,\
Retention and Student Services,\
School of Information Technology,\
School of Nursing,\
Service Learning and Volunteer Resources,\
Siburt Institute,\
Social Work,\
Sociology and Family Studies,\
Special Collections,\
Spiritual Formation Office,\
Spiritual Life,\
Spiritual Life and Chapel Programs,\
SRWC,\
Strategic Planning,\
Student Administrative Services,\
Student Financial Services,\
Student Leadership Development,\
Student Life,\
Systems and Operations,\
Talent Search,\
Teacher Education,\
Team55,\
Technology Support Services,\
Territory Recruitment,\
Test GPOs,\
TestMalwarebytesDeployment,\
The Campus Store,\
Theatre,\
University Counseling Center,\
University Events,\
University Procurement,\
University Relations,\
Upward Bound,\
Vice President for Student Life's Office,\
Video Production,\
WFF\
")


value=$(yad --width=400 --title="Name Computer & Select AD Org Unit" \
  --timeout=120 --timeout-indicator=bottom \
  --form \
    --item-separator="," \
    --field="Enter new computer name\:" \
    --field="\tAD Organizational Unit\:":CE \
    "$DefaultName" "$ou")

### Split response into an array
IFS="|" read -a val_array <<< "${value%;}"

### Convert Name to uppercase
val_array[0]=${val_array[0]^^}

### Save the values to config file
echo Name:${val_array[0]} > $CONFIG_DIR/$CONFIG_FILE
echo OUName:${val_array[1]} >> $CONFIG_DIR/$CONFIG_FILE
if [ $"{val_array[1]}" = "Not Selected" ]
then
  echo OU:$ouDefaultLandZone >> $CONFIG_DIR/$CONFIG_FILE
else
  echo OU:$ouLeafNode${val_array[1]}$ouBaseLandZone >> $CONFIG_DIR/$CONFIG_FILE
fi




Originally published at: 
https://kentwest.blogspot.com/2018/03/yad-yet-another-dialog.html

"That Which is Perfect"

Many in my church heritage have claimed that tongues and prophecies (and by extension all miraculous activity) have ceased, citing 1 Cor 13:8-10 as their proof. This passage says:

WEB 1 Cor 13:8 Love never fails. But where there are prophecies, they will be done away with. Where there are various languages, they will cease. Where there is knowledge, it will be done away with. 9 For we know in part, and we prophesy in part; 10 but when that which is complete has come, then that which is partial will be done away with.

Their belief is that "that which is complete" (or "perfect", in the older King James Bible) refers to the word of God, the Bible, and then they use other arguments to say the Bible is now complete.

This view has been taught as the view by many of our brethren, to the point we barely consider if it's true.

But let me offer a different view. This is not the only place where Paul writes of spiritual gifts and that which is "perfect". It is highly likely that whatever is the "perfect" that results from spiritual gifts in one place is the "perfect" that results from spiritual gifts in the other place. That other place is Ephesians 4.

Paul starts off in Ephesians by writing that gifts are given to all:

WEB Eph 4:7 But to each one of us was the grace given according to the measure of the gift of Christ. 8 Therefore he says, “When he ascended on high, he led captivity captive, and gave gifts to men.”

Then he goes on to explain how some of those gifts are manifested:

Eph 4:11 He gave some to be apostles; and some, prophets; and some, evangelists; and some, shepherds and teachers;

Then he explains what the gifts are for:

Eph 4:12 for the perfecting of the saints, to the work of serving, to the building up of the body of Christ;

And finally, he explains how long the gifts were to last:

Eph 4:13 until we all attain to the unity of the faith, and of the knowledge of the Son of God, to a full grown man, to the measure of the stature of the fullness of Christ; 14 that we may no longer be children, tossed back and forth and carried about with every wind of doctrine, by the trickery of men, in craftiness, after the wiles of error; 15 but speaking truth in love, we may grow up in all things into him, who is the head, Christ; 16 from whom all the body, being fitted and knit together through that which every joint supplies, according to the working in measure of each individual part, makes the body increase to the building up of itself in love.

The parallel to 1 Cor 12-14 is striking:

First he starts off in 1 Corinthians by explaining that gifts are given to all:

WEB 1 Cor 12:7 But to each one is given the manifestation of the Spirit for the profit of all.

Then he goes on to explain how some of those gifts are manifested:

1 Cor 12:28 God has set some in the assembly: first apostles, second prophets, third teachers, then miracle workers, then gifts of healings, helps, governments, and various kinds of languages. 29 Are all apostles? Are all prophets? Are all teachers? Are all miracle workers? 30 Do all have gifts of healings? Do all speak with various languages? Do all interpret? 31 But earnestly desire the best gifts.

He explains what the gifts are for:

1 Cor 12:18 But now God has set the members, each one of them, in the body, just as he desired. 19 If they were all one member, where would the body be? 20 But now they are many members, but one body. ... 14:5 Now I desire to have you all speak with other languages, but rather that you would prophesy. For he is greater who prophesies than he who speaks with other languages, unless he interprets, that the assembly may be built up. ... 20 Brothers, don’t be children in thoughts, yet in malice be babies, but in thoughts be mature.

And then he explains how long the gifts were to last:

1 Cor 13:9 For we know in part, and we prophesy in part; 10 but when that which is complete has come, then that which is partial will be done away with. 11 When I was a child, I spoke as a child, I felt as a child, I thought as a child. Now that I have become a man, I have put away childish things.

In both passages, the gifts are for the building up of the body, that we may no longer be children, and will cease when maturity arrives. It should be noted that in both passages, the Greek word behind the English "perfect"/"mature"/"complete"/"full-grown" is the same Greek word, telion. It should also be pointed out that in both passages, love is the dominant gift that runs throughout this maturing process.

I propose that in 1 Cor 13:10, "that which is perfect" does not refer to the finished word of God, but to the same maturity of the church/Christian which is a core thrust of both passages. The contrast in both passages is immaturity vs maturity, and the gifts are given for that exact purpose of taking us to maturity, and are to last until the maturity arrives.

Originally published at:
http://kentwest.blogspot.com/2018/03/that-which-is-perfect.html