You've already setup your limited access user (I called mine "svcsusr", and I'll use that name below). Go back into that user ID setup and configure its "Profile Path" property to point to an appropriate network location. Then, on a machine with the View client installed (and preferably nothing else--it'll keep the profile to a minimum size), log in as svcsusr. Don't do this on a machine setup in the OU from Part 2--the roaming profile changes won't get sent back to the server from those machines.
We need to change a few registry settings on this user. We'll change the default shell from Explorer to the View client. We'll also disable the user's ability to lock the system. Why do that? If our end user locks the system using Windows Key
Open regedit and go to HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System. We're going to modify the "DisableLockWorkstation" value--you'll most likely have to create it (create it as a DWORD Value). Set it to 1 to keep svcsusr from locking the workstation.
Then, go to HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon. Create a new String Value in here called "Shell". The default Shell on the system is explorer.exe, and it's defined in HKLM--if the user doesn't have a customized Shell value, it runs the HKLM shell. We're going to give svcsusr a customized shell. But we haven't created it yet...
There's two options here. First option is to just put the path to the View client executable in here. This will work--but when the user shuts down the View client, the system will just sit there with no interface until someone hits the power button. I started off using the instructions here, which just restarts the View client over and over again. I decided that I wanted something a little more fully featured.
Create a new folder in the "Application Data" folder of your user (for mine, c:\documents and settings\svcsusr\application data\) and call it "Scripts". Then create a new file in this Scripts folder called viewshell.vbs. Open it in Notepad and put in the following:
dim wshshell
dim shutdowncmd
set wshshell = createobject("wscript.shell")
do
wshshell.run chr(34) & "c:\program files\vmware\"_
& "vmware view\client\bin\wswc.exe"_
& chr(34), 0, true
shutdowncmd = msgbox("You appear to have shut down the Virtual Desktop Client"_
& " Do you wish to shut down the computer?", vbyesno, "Shutdown")
loop until shutdowncmd <> 7
wshshell.run "shutdown.exe -s -f -t 05", 0, 0
We could probably do this as a batch file as well, but I liked the VBScript approach from the VMWare blog post, so I stuck with it. Now, we put this into Application Data because that is part of the user profile that will roam around to all machines. Since the actual profile location may vary by system, set the Shell value we created above to be
wscript "%userprofile%\application data\scripts\viewshell.vbs"
Just to make sure that the script works, run that command from a command line as well (just don't shut down when you exit the View client).
Go ahead and log off--your profile will be saved to the network and used anywhere that svcsusr logs on in the future. The next post will be about forcing our "thin client" systems to log in using this ID.
No comments:
Post a Comment