I've wrestled this particular monster for a few weeks now and seeing as I've used sources from all over I thought I might be able to save someone else some time and trouble and post my 'how to'.
Before I get into it: It took me a while to work through a variety of different methods to accomplish my goal. My goal was to create a thin client that would be able to boot off pxe and load into a remote desktop session with our terminal server that would maintain connection after a user logged out. I didn't want multiple sign on's or a desktop that a user could view/manipulate or the ability to cancel out of the terminal session. So here's what I did:
1. Install Ubuntu 11.10 on Hyper-V host running Windows Server. I found a great walk-through for this at Narendra Patel's site. It covered everything I needed, including the bain of my existence when trying to proof of concept on another box, the network interface. Getting Ubuntu to correctly use apt-get to install and update through an NTLM proxy was always a pain. But after following those instructions it works a treat. i can install all the necessary software and just manually change the browser proxy settings if i needed.
2. Install a remote desktop client on the server. (honestly i was getting tired of standing at the terminal in my server room.) i used sudo apt-get install xrdp. the only thing i needed to do was change the keyboard shortcut keys. ('D' was set to minimize all windows. i set it to Alt + D and moved on.)
3. Install LTSP. Awesome step by step found here at Mojotechblog. My setup was actually easier as i didn't need to make any changes to eth0 after following Narendra's guide. Briefly, it was:
sudo apt-get install ltsp-server-standalone openssh-server
gedit /etc/ltsp/dhcpd.conf and corrected the settings to apply to my network.
ltsp-build-client –-arch i386
gedit /var/lib/tftpboot/ltsp/i386/lts.conf which created a conf file for my thin clients to use. I kept it fairly simple and added the following lines in:
RDP_OPTIONS = "-f -a 16"
RDP_SERVER = TS_IP_Address_goes_here
SCREEN_02 = rdesktop
I found without the rdp options -a and 16 i'd get nothing but a black screen and white cursor. had to add -f to full screen it otherwise i got a box about 800 x 600 in the top left for the terminal session.
4. finally i just wanted to make sure it was all up to date across the board so i ran:
sudo ltsp-update-image ltsp-update-sshkeys
5. and rebooted the server for good measure.
that's all it took to set up my ltsp server for thin clients to boot straight into a terminal server session. Just a few things I didn't have success with:
1. Windows Thin PC. I thought this might have been easiest to use due to already running a windows network environment and just installing this to older machines. The problem was that it's speed was still very dependent on the system's crappy internals to boot and couldn't quite get an rdp session to open like i desired. I had the help of another edugeek member (Thanks for all the help, FN-GM!) wherein we tried using vbscripts to open a default.rdp preconfigured with the settings i wanted but that never quite worked. We also tried using RDP+ but that was a whole other headache to run. (however it did work great if you could get the scripts to work properly) But again this didn't fulfill my main requirements for a thin client so i moved on.
2. Thinstation. Sounds great when i first heard of it. can boot off pxe or etherboot, only 10-15mb img file, can add rdesktop in to the build. but for the life of me couldn't get it running. some of it was my fault (i manually created a 'tftpboot' folder on my ubuntu test box and pointed my dhcp to that when i should have installed ltsp and found the real tftpboot folder under /var/lib/ not in /) but even after realizing my mistake it wouldn't boot pxelinux.0 without missing 'diag' folder. I still have never seen that folder. I'm making an educated guess that it is on the full install image but again it wouldn't install on any of my test machines to allow me to copy that folder. once i had ubuntu ltsp up and running i realize how much easier it would be to just work with that and there we had it.
Wanted to give an update/warning. Upgrading from 11.10 to 12.04 broke my thin client setup. Maybe I was just unfortunate but the package upgrades created an error with my dhcp3-server and had to completely kill it out. Went as far as having to manually delete the cache files before it was able to reinstall properly. then found the thin clients giving an error message that i'm attributing to missing modules. tried updating client image, didn't work, so i've completely reinstalled ltsp-server-standalone and its currently rebuilding my i386 image. Hope no one else has to go through this...
so the 'upgrade' totally hosed the dhcp service. won't start no matter what I've tried so far. Will probably have to re-do the entire server. while looking at this how-to again, i can't seem to open Narendra's guide so I found a copy of it on isummation. Installing Ubuntu Server 11.04 64bit on Hyper-V - iSummation WebSite
I think I will give FreeRDP a run this time. I've just finished reinstalling my ubuntu server.
oh man. what a rough few weeks. anyway, i've finally gotten time to sit down and smack this around a bit. took a little time to work out some bugs and had to jump on the ltsp irc for a chat but it is up and functioning now with freerdp.
For those that don't know, freerdp is now the default rdp client in ltsp. the first difference I noticed with freerdp is that it actually remembers the domain so that students no longer have to type domainname\studentuser to login to our Terminal server, just username now. but to save you fine people the pain of set up here is what i had to do:
on a fresh install of ubuntu 12.04, i installed the ltsp-standalone-server openssh-server as before.
removed isc-dhcp-server as it wasn't needed with our MS dhcp server doing the boot work.
had to make some adjustments to a few config files here they are:
sudo gedit /opt/ltsp/i386/usr/share/ltsp/xinitrc
add this line below . /usr/share/ltsp/ltsp-client-functions
i did try to setup nat as i read one user was having the same issue and this corrected it for him when using a virtual machine like my setup.
sudo gedit /etc/sysctl.conf
uncommented the line net.ipv4.ip_forward=1
add entries to iptables
the key i believe though is of course the lts.conf file. with freerdp you have to tell it to ignore network level authentication and certificates otherwise it'll hang. also adding a few other options helped the look. here is my lts.conf for reference:
SOUND = True
NBD_SWAP = True
SCREEN_04 = ldm
SCREEN_07 = xfreerdp
RDP_OPTIONS = "--no-nla --ignore-certificate -z --gdi sw -f 172.16.0.12"
the first two options relate to the authentication and cert. -z is for compression i believe and most importantly --gdi sw is for the graphics. without this option it looks horrible on our clients. -f is full screen and the ip is for our internal terminal server.
there we have it. it was rough going for me and frustrating at time so i hope this helps someone else out. thanks to alkis and variant over at ltsp for helping me out.
I have been also looking at LTSP. How many client do you have running from on Ubuntu server? Does it work like your running a RDP session inside a linux terminal session or is there a client image downloaded to the client on boot?
well, despite my issues I think it was fairly easy and straightforward to setup LTSP. Currently, I've got about 30 thin client machines around school, i'll be adding more to this number as i finish diags on some other machines. they are a mix of 7 year old Dell's and 5 year old Asus units. All can boot in about 15 seconds to a login screen. It looks exactly like if they were in front of the terminal servers display itself. No close connection bar at top, on logout it goes straight back to the login screen, etc. basically nothing for a student to cause any problems with (as long as you have the right GPO for students to use TS).
there is a small image downloaded to the client on boot which opens xfreerdp in screen 7, in my lts.conf you can see this. I have since removed ldm and xterm. those i used to troubleshoot a thin client connection and its running fine now so i just killed them out. (xterm allowed me to ping the servers and check IP and ldm gave me a desktop to work with if i wanted. you can swap between screens on a thin client by holding ctrl + alt + function key number correlating to the screen number.)
Is the processing done the the client or the ubuntu server please? (ignore the session for now )
What happens if the users presses CTRL + ALT + DEL does it work like it does on a desktop?
Also are you using it with RDS Broker? What OS is the RDS servers running please?
Also can i name my ThinClients something Logical please?
Last edited by FN-GM; 19th June 2012 at 12:01 AM.
on boot the ubuntu server handles the request for the pxelinux.0 file and then loads the image to the client. the image is loaded into memory on the thin client and the ubuntu server doesn't have much else to do with it at that point. (i've pulled all the HDD's from my thin clients just to reduce electricity usage, noise, and heat.) if you choose to try and use the LDM (display manager, something like a linux login screen that can load a *nix desktop. not sure which one, maybe Gnome) then the ubuntu server will be used to authenticate the user but thats about it.
Ctrl alt del is disabled when you are on the RDP screen. if you switch to xterm screen, ctrl alt del will reboot. (one reason to just have freerdp designated in your lts.conf file)
don't currently use rds broker just basic terminal sessions manager on server 2k8 r2.
as an aside, i'm currently working on installing SSO to the ubuntu server as well to get more function out of it.
Did you use Ubuntu Desktop of the Server edition to get this going please?
You should use broker. If i machine is powered off when the users logs back on broker will find the existing session and connect it up. One of the reason i am looking at this is we have a pile of Thin Clients that dont support broker so it would be handy.
Do you know how you can get CTRL + ALT + DEL working please?
ooo what will that do please?as an aside, i'm currently working on installing SSO to the ubuntu server as well to get more function out of it
using the x64 ubuntu server edition 12.04 now.
I'll take a look in to broker now that i'm aware of it.
Are you wanting to use ctrl alt del to pull up lock, switch user, task manager, change password? once the user is logged in then they have those options using ctrl alt del (based on policy of course). i thought you were just curious about if it would reboot the client haha. my students only have access to log off when hitting ctrl alt del so that is the only option they see.
SSO - single sign on that would allow a student/user to login to their school account and then it would automatically log them in to their google apps accounts and moodle account. the end user would only see one login screen (windows 7 login) and would be able to access all their data (emails, google drive, google docs, moodle assignments, etc.) some vendors have offered this to us but its a monthly or annual fee based on number of users. i thought, we could do this for nothing. I'm working on shibboleth identity provider with apache tomcat 7 to do this on our ubuntu machine. still unforeseen if it will work or not lol.
We use change password as well for students and staff have task manager so thats what i was wondering.
What happens when you boot the machines and leave the session not logged on? Does something happen? Does it disconnect?
Do you name your ThinClients please?
Oh right, we are pretty much set on SSO so wont be needing that
in the previous version of ltsp with rdesktop as the rdp client it would go in to standby. i'm discovering with the new ltsp using xfreerdp that the client machine appears to shut the connection completely after some time without any activity. i've only had this new setup running for less than a week so haven't got any hard numbers yet. I think it would be best to close it completely so it doesn't keep the performance high on the TS and frees up a CAL for another user. but it seems upon wake it doesn't re-establish the connection as previous version did. the machine has to be rebooted to do this. there might be a fix but haven't gotten to it yet.
thin clients on the ts are named in order of connection such as #ltsp0001 , #ltsp0002, yada yada. i haven't bother naming them. using the lts.conf though i can specify different options using MAC addresses for different machines. for example, i might throw a few thin clients in to our staff break room and could add an xterm screen to those if i wanted quick access while having my lunch. (cause when do we ever get breaks, right?)
ooo not good our machines are locked away so that would be a big no no.
I will bring my test laptop to work tomorrow and give this a bash. I hope it works well
Thanks for taking part in my grilling!
There are currently 1 users browsing this thread. (0 members and 1 guests)