About This Book WARNING! Text set off in this manner indicates that failure to follow directions could result in bodily harm or loss of life. CAUTION: Text set off in this manner indicates that failure to follow directions could result in damage to equipment or loss of information.
Table of contents 1 Introduction What's New in This Release ........................ 2 Multi-Level Administrator ..................... 2 Multi-Session – Role Assignment ..................3 Single Location Client Configuration ..................3 Blade Service Windows XP 64-bit ..................3 Blade Service PWS Workstation ..................3 USB Session Simplification ....................
Page 6
Change the Firewall ......................25 Active Directory ........................25 3 Installation Install the HP SAM Web Server and SQL Software ................26 Grant Users HP SAM Administrator Access ..............28 Configure HP SAM System Settings ................. 28 Install and Validate the HP SAM Registration Service Software ............28 Install the HP SAM Registration Service ................
Page 7
Appendix B Frequently Asked Questions Appendix C Registration Service Error Codes Appendix D Glossary Index ................................... 79...
Introduction HP Remote Client Solutions are designed to support a variety of users’ needs, from the most basic computing tasks to more demanding professional and technical applications, while giving IT greater control over technology resources, simplifying desktop management, increasing agility and, in many cases, reducing total cost of ownership.
What's New in This Release ● Multi-Level Administrator ● Multi-Session – role assignment ● Single Location Client Configuration ● Blade Service Windows XP 64-bit ● Blade Service PWS Workstation ● USB session simplification ● Reconnect All Button ● Legal Banner ●...
Multi-Session – Role Assignment This feature allows administrators to assign roles in Monitor Layout IDs as they do with static assignments. Administrators can specify a position on the client device and a resolution for the blade chosen within the role. Single Location Client Configuration This feature allows Administrators to set up sessions on an access device (with resolutions and offsets), and then save that to the server as a Monitor Layout ID.
Name the file disclaimer.<file type> and copy the file into the following directory (create the folder, if necessary) on the access device: ◦ XP: C:\Program Files\Hewlett-Packard\HP Session Allocation Client\$LANG\disclaimer.<file type> ◦ Workstation Client OS: /opt/hpsam/$LANG/disclaimer.<file type>...
Workstation Client OS file location: /root/user/hprdc.sam /etc/hprdc.sam (/root/writable/etc/hprdc.sam) ● Parameters in the local file override the personal parameters ◦ XP file location is the install directory. Default: C:\Program Files\Hewlett-Packard\HP Session Allocation Client\hprdc_accessdevice.sam ◦ Workstation Client OS file location: /opt/hpsam/hprdc_accessdevice.sam (/root/writable/opt/ hpsam/hprdc_accessdevice.sam) ●...
● Monitor layout IDs ● Asset Groups NOTE: The Template User must have a dedicated resource in a role and there must be enough available resources in that role to satisfy the users during automatic assignment of dedicated resources. NOTE: This feature allows administrators to clone from a single user to many users, but not to clone to Organizational Units (OUs) or Security Groups (SGs).
● Usage and Capacity Planning reports ● Dedicated user/display to computing resource mapping HP SAM is logically broken up into three areas: ● HP SAM client application running on a thin client or other access device ● HP SAM registration service running on a computing resource ●...
How HP SAM Works When a user on an access device (desktop, notebook, thin client) requests a desktop session, the HP SAM client sends a request to the HP SAM Web server. If configured, HP SAM supports server failover. If the HP SAM Web server does not respond, the HP SAM client goes down the list to the next HP SAM Web server.
HP SAM Software Components The following are the primary components of HP SAM. ● HP SAM Client—The HP SAM Client runs on the access device and displays the graphical interface employed by the user to request a connection from a client computer to a computing resource.
Common Tasks Setting up HP SAM Install HP SAM. See Installation on page Add users. Add new users. See Add New Users on page Create administrative groups, assign users, and customize permissions. See Manage Administrative Permissions on page Create a policy. See Create or Update a Policy on page Create a role.
Setting up a User with a Dynamic Resource HP SAM enables computing resources to be dynamically shared among users. Figure 1-2 Dynamic Connection Example Figure 1-2 Dynamic Connection Example on page 12, we need to grant user Mai access to computing resources.
Setting up a User with Static (Dedicated) Resources Dedicated (static) resource assignment allows one or more specific computing resources to be assigned to a user and it allows one or more computing resources to be assigned as backup. Support for Static roaming allows users to work from other locations. The differing display configurations can be stacked on the client desktop to provide full access with fewer monitors.
Configuring a Monitor Layout for a User HP SAM allows a user to connect to multiple computing resources, thus running simultaneous RGS or RDP sessions. Blades can be made available either by static assignment to the user or by assignment to roles allocated to the user.
Page 23
Figure 1-5 Monitor Offset Configuration Example Common Tasks...
Requirements HP SAM Hardware and Software Requirements HP SAM Web and SQL Server Requirements You can install HP SAM on one or more failover HP SAM Web servers with one central HP SAM SQL database. You can also install HP SAM on one server hosting both the HP SAM Web server and SQL database.
Page 25
NOTE: You must install Microsoft .NET Framework Version 2.0 for the HP SAM version 2.2 Web Server to function. It is recommended that Microsoft .NET Framework 2.0 is installed after IIS, for appropriate asp.net registration. SSL: It is recommended that you configure SSL on the HP SAM Web server (which includes installing a certificate) to encrypt your password and browser session when you log into the HP SAM administrator console.
Page 26
HP SAM SQL Database Server Hardware Requirements If you have an existing SQL database server, you can install the HP SAM database on the same server. However, a separate dedicated HP SAM SQL database server for HP SAM is highly recommended to support future scaling of environment.
Page 27
HP SAM Hardware and Software Requirements...
Page 29
HP SAM Hardware and Software Requirements...
Page 30
HP SAM SQL Database Server Software Requirements Minimum: One of the following must be installed: ● Microsoft SQL Server 2000 Standard or Enterprise Edition, with Service Pack 4 ● Microsoft SQL Server 2005 Enterprise, Standard, or Express Edition, with Service Pack 1 or Service Pack 2 HP recommends using Microsoft SQL Server 2000 or 2005 Standard or Enterprise Edition.
HP SAM Registration Service Requirements Hardware Requirements ● HP blade PC ● HP blade workstation series ● HP xw8400 Workstation ● HP xw9400 Workstation NOTE: If you are running VMware virtual sessions using VMWare 3.X, refer to the VMware documentation for hardware requirements. Software Requirements Install and enable one of the following operating systems: ●...
If the HP SAM client is preinstalled, you need only to configure the HP SAM client to connect to the appropriate HP SAM Web server. If the HP SAM client is not preinstalled, installation requires that the access device has at least 3 MB of flash memory available. Software Requirements Install and enable one or both of the following: ●...
Software Requirements ● Windows XP with Service Pack 2 ● Windows Vista, 32-bit or 64-bit Other requirements Create a Service Account The HP SAM Web server must run under a domain user account in which it can execute the HP SAM services on the local server.
Installation For new setup, the recommended order of installation is: ● Install the HP SAM Web Server and SQL Software on page 26 ● Install and Validate the HP SAM Registration Service Software on page 28 ● Install and Validate the HP SAM Client Software on page 31 ●...
Page 35
For HP SAM Web server installation, the installer asks for a user account. The user account is the owner of the HP SAM Web site and the HP SAM server service. The permissions required for this account are: ● Administrative rights on all computing resources (such as blade PCs) ●...
HP SAM Registration Service. If it is running, stop it. ● Customize the service CFG file to match HP SAM. Go to the C:\Program Files\Hewlett-Packard \HP SAM Registration Service folder and edit the hpevent.cfg-sample file. For details about how...
Once the service locates the file, the service stops the search and extracts the contents. ● In the same directory in which the service resides (usually C:\Program Files\Hewlett-Packard\HP SAM Registration Service) ●...
sample-role-1 sample-role-2 [WebServerList] The [WebServerList] section lists one or more HP SAM Web servers. Each HP SAM Web server (primary and failover) is listed, one per line. The service uses this list in the order provided. The first HP SAM Web server in the list is the one tried first;...
Test the HP SAM Registration Service Log into the HP SAM administrator console, click on the Resources tab, and search for the computing resource within the role it was assigned. ● If the computing resource was not found, check the firewall settings and make sure that the service was started on that computing resource.
##.exe file (## is the software version) to install the Windows XP-based client. NOTE: The language is automatically detected. Follow the installation wizard. After the software is installed, verify the program is placed on the start menu (Start > All Programs > Hewlett-Packard > HP Session Allocation Client). Chapter 3 Installation...
Customization Steps (Recommended) Start up the HP SAM client. Type the HP SAM Web server name. Click the Options button. Change appropriate connection settings. Click the Save Settings button. Place the config file (hprdc.sam) on the desktop. Click Save. You are now able to double-click the HP SAM icon to start the client. NOTE: You can set additional settings by manually editing the .SAM file.
HP Blade Workstation Client Series The HP SAM client is delivered preinstalled on the HP Blade Workstation Client series. To upgrade to a newer HP SAM client, go to www.hp.com, click software & driver downloads, select the appropriate client, select Workstation Blade Client Embedded OS, and reimage the client. Customization Steps (Recommended) Start up the HP SAM client.
Page 43
● Autodial—integer value, 0 or 1. If value is set to 1, the program automatically tries to connect on startup, without waiting for the user to type login information. Default value is 0. ● DefaultUsername—string value. If value is not specified, the program attempts to determine the user name from the user’s login information, which may or may not be accurate.
Page 44
● DefaultSessionAction—integer value, 0, 1, or 2. When set to 0, the default session action (pressing the button without dropping down the list) for the button is Shutdown. If set to 1, the default action is Restart. If set to 2, the default action is Logoff. If only one action is enabled, that option is the default action, and this setting is ignored.
Page 45
Smart Card Settings NOTE: Smart card settings are not valid for Windows CE-based client or Blade Workstation Client series. ● SmartCardAlways—integer value, 0 or 1. Allows user to use smart card to enter credentials and log in. If UiMode = 0 or 1, user has option of using smart card to log in. If UiMode = 2, user must log in with smart card.
Page 46
● EnablePassword—integer value, 0 or 1. When set to 1, shows the Password box on the access device user interface. When set to 0, the password box is not available. Default is 1. ● UILanguage—language identifier. Supported identifiers include: ◦ EN = English ◦...
Page 47
● MicrophoneEnabled—integer value, 0 or 1. If 1, microphone input from the access device is sent to RGS sessions. This value is only supported for RGS connections. Ignored by RDP sessions. This feature requires RGS 5.1.3 or later. Not valid for CE. Default is 0. ●...
Page 48
handled on the remote machine. If 2, the keys are handled on the remote machine while the session is full screen. This value is only supported for RDP connections. Default is 2. ● Height—integer value. Together with Width, indicates size of the window. Default is 600. ●...
● Span—integer value, 0 or 1. When set to 1, specify that the session should span over all available monitors (to the limits of the protocol being used). This setting requires RDP6 or RGS and is ignored for RDP5. Not valid for CE. The default value for this option is 0 (do not span). Additionally, the following restrictions apply for RDP6: ◦...
Page 50
Various methods can be used to deploy the Windows XPe-based or Windows CE 5.0-based HP SAM client to the access devices. Following are two examples. ● Use software deployment tools such as HP Rapid Deployment Pack. Install the HP SAM client on the access devices. Update the client hprdc.sam file to connect to the HP SAM server and specify desired settings (see the customization steps for the specific HP SAM client type).
Administration Log In In the Internet Explorer Address bar, enter in the HP SAM Web server name with /Manage added to the URL (for example, https://HP SAMservername/Manage). If SSL is configured and a certificate-related security pop-up message is displayed, click Yes. Once you get to the log-in page, enter username, password, and click the Sign In button.
Managing the HP SAM Administrator Access List The Domain Administrator, Domain Users in the Administrators group on the domain controller, and Domain Users in the HP SAM server Local Administrator Group are automatically members of the HP SAM Administrator Group. To add another user to the HP SAM Administrator group, see To Assign Attributes on page Add Individual Users to the HP SAM Administrator Group...
Search for groups by entering characters in the search field. Results are shown as you type. You can highlight one group and use the View button to see the users in the group. Click Add to add highlighted groups into the list. Select the groups in the list that you want to add into HP SAM.
HP SAM Administrator Console Tabs Home Tab When you log in to HP SAM, the Home tab page defaults. HP SAM shows a snapshot of current resource status grouped by roles, as a convenience to the administrator. Users and Roles Tab The Users and Roles tab facilitates the management of roles and user access list.
Page 55
● Create button: Click to create a new role that you can assign to resources. ● Delete button: Click to delete selected settings. Manage Asset Groups Asset Groups allow focused management of business group assets such as Clients, Resources, Users, OUs, SGs, Roles, Monitor Layout IDs, Policies, Logs, and Reports.
Page 56
To change values for the different categories, select a category from the Category list, and in the Permissions area, change the permissions as necessary. Repeat this process for each category you want to modify. Click Save. To delete an Administrator group: Select the group or groups to delete.
Page 57
From the Operation list, select Assign Attributes, and then click Go to open the Assign User to Policy/Role window. If you want to assign a policy to a user, select the policy from the Policy list. If you want to assign the user to an Administrator group, select the group from the Administrator Group list.
Page 58
If you want to assign a dedicated resource to the user: Click Add. Type the IP address or host name of the resource. Click Search to search for resource to assign. Select the resource from the list. Click Save to change the resource assignment. Repeat a–e for each additional resource to be assigned to the user.
Page 59
Select the template user from the list. Click Continue. NOTE: A message will be displayed if you attempt to assign resources to a user who already has resources or if the primary roles do not have enough resources available. The template user must have at least one dedicated resource that exists in a role. The selected users will be assigned dedicated resources from free resources in this role.
Page 60
Select the USB Default, which is the session you want RGS to use by default with USB devices connected to the access device. Click Save. To Change the Monitor Layout Configuration for the User Select the check box next to the appropriate name. From the Operation list, select Assign Monitor Layouts, and then click the Go button to open the Monitor Layouts for <username>...
Type one or more of the parameters, as shown in the following examples: Last Name: Search is performed by last name when entering characters. First name: Characters entered after a comma is typed initiate a search by first name. You can also search by first name and last name by entering a space.
Page 62
● Role—Show resources that belong to a specific role. ● Asset Group—Show resources that belong to a specific asset group. ● Available—Show resources that are available for allocation (no users connected). ● Disconnected—Show resources that have users in a disconnected state. ●...
Page 63
● Logoff User—Force logging off the current user on the resource. ● Restart—Reboot the resource. ● Send Message—Send a text message to the user on the resource (a pop-up message). ● Shutdown—Power down the resource. ● Synchronize—Send a request directly to the resource for it to send back the current status. In normal situation, this is not needed, since the registration service sends back its status whenever there is a change in status (power on, power off, user log-in, user disconnect, and user log-off).
To Change an Access Device Type one or more parameters and click Search, or click Search to find all registered access devices. If you want to change the settings for the access device: Click the Serial Number link, and then change desired settings for the access device in the dialog box.
To Create a Data Center Click Create. Type the data center name and enclosure password. Click Save. To Change a Data Center Click on a link in the Data Center column. Change the Data Center name and/or password. Click Save. To Add Enclosures into a Data Center Select the check box for the appropriate data center.
Page 66
The HP SAM hierarchical policy has 5 levels: ● Global ● Role ● OU (organizational unit) ● Security Group ● User Steps: Create or update the policy in the Policies tab. To update an existing policy, click the policy name hyperlink.
Page 67
Create or Update a Policy To create a new policy, click the Create button and type a new policy name. To update or edit an existing policy, click the policy name hyperlink. When the Update Policy window displays, set the value that you want or leave the value blank to allow it to inherit a value.
System Settings Tab This tab allows the administrator to set how the HP SAM server behaves. General This page allows the administrator to define the settings for the entire system. Make the appropriate change(s) and click Save to apply. ● History—If selected, the system records and retains historical data for reports for the number of days selected in the Keep raw data for list.
Page 69
● Multi-Session Autoconnection—When enabled, allows the system to autoconnect to all blades when user is on an access device without a monitor layout ID assigned. Select one or more: ◦ Dedicated Resources ◦ Roles with Public Enabled ◦ Roles with Public Disabled ●...
Page 70
● Banner text—Select the language and type the appropriate message in the box to change the customizable message that is displayed to the user on the HP SAM Web client page. ● Smart Card ◦ Smart card login—Select the value for the type of login you want. - Disallowed—Select to disable logging in using a smart card.
Page 71
Synchronization Scheduler To schedule when to run the synchronize operation task to capture any resources that are offline, set the timer as instructed below and click Create or Update. In general, you do not need to do this if the resources are running under normal operation.
Licensing By default (i.e., no license key entered), you are allowed to run up to 30 resources (such as blade PCs). This is meant for evaluation purposes only. There is no expiration date for this evaluation software. Click the Enter New Key button to add a new key to HP SAM. Once entered, the system displays the information encoded on the key.
Page 73
Output Report ● Role Name—Name of role. ● Minimum Available %—For the time period chosen, the peak value of minimum available is shown. This value indicates the percentage of computing resources that are still available for allocation dropped to this lowest value. ●...
Page 74
Output Report ● Minimum and Maximum Capacity graphs—The graphs show the minimum number of blades available and the maximum number of blades used for the specified time period. In general, these values should add up to 100%. However, if a blade supports multiple roles, then the numbers will not add up because consuming a blade (which is in two or more roles) in one role will also decrease the minimum available in the other role.
Output Report ● Role Name—Name of role. ● Offline—Number of offline computing resources ● Disabled—Number of manually disabled computing resources ● Available—Number of available computing resources ● Disconnected—Number of computing resources with users disconnected from the session ● In-Use—Number of computing resources with users actively using ●...
Page 76
(NOTE: Step a is the default setting.) For the Windows XPe-based client (default setting), edit the ‘scwatch.cfg’ file with the following: [scwatch] Action=c:\Program Files\Hewlett-Packard\HP Session Allocation Client\hprdcw32.exe ActionDir=c:\Program Files\Hewlett-Packard\HP Session Allocation Client\ — or —...
Firewall Rules This appendix lists the rules needed for communication between the various components. The values in parenthesis represent ports, with ANY meaning any ports on that component. Web Server ● Incoming: ◦ From clients (TCP/ANY) to Web server (TCP/80—HTTP) ◦...
◦ - From access devices (TCP/ANY) to blade (TCP/42966)—RGS ◦ - From blade (UDP/47777) to Web server (UDP/47777) ● Outgoing: ◦ From blade TCP/ANY) to Web server (TCP/80—HTTP) SQL Server (only if not running on the same machine as the Web server) ●...
Frequently Asked Questions Question Answer Why do some users on the HP SAM client have to select a role Users who are in more than one role need to select the role to to connect and others do not. connect. Those users who are in only one role do not see this screen.
Page 80
Internet Information Services (IIS) Manager, modify the CONNECTION.CONFIG file located on the HP SAM Web server in root of the HP SAM installation directory (usually c: \Program Files\Hewlett-Packard\HP SAM). Use Notepad to edit the file. Modify the three lines below: <!-- add key="ClientServiceURL"...
Page 81
Modify the connection.config file located on the HP SAM to another value beside the default 47777? Web server in the HP SAM installation directory (usually c: \Program Files\Hewlett-Packard\HP SAM). Use Notepad to edit the file. Add this line in the appSettings section: <add key="ProtocolChannel" Value="port number"/>...
Page 82
Registration Service Error Codes The following is a list of possible errors which the registration service writes to the event log file on the computing resource. If you encounter a critical issue on the blade, note the error code and communicate it to the support team.
Page 83
BC0018—Internal program error. Contact your HP SAM support team. BC0020—Memory allocation error. Close other applications or increase memory. BC0021—Memory allocation error. Close other applications or increase memory. BC0022—Memory allocation error. Close other applications or increase memory. BC0023—Internal error. Contact your HP SAM support team. BC0024—Internal error.
Page 84
BC0047—Failed to read Win32_NetworkAdapterConfiguration WMI class. Contact your HP SAM support team. BC0048—Failed to query a specific WMI property. Contact your HP SAM support team. BC0049—Failed to register a WMI event. Contact your HP SAM support team. BC0050—Problem accessing WMI, possibly related to missing QFE documented in MS KB 828653. BC0100—Failed to setup timer.
Page 85
Glossary Access Device—A device such as a thin client used to access HP SAM to connect to computing resources. Active Directory—A Microsoft Windows directory service that stores an enterprise’s information and settings in a central, organized, accessible database. Active Directory allows administrators to assign policies, deploy programs, and apply critical updates to an entire organization.
Page 86
OU—Organizational Unit Policy—The policy is the user experience as defined by the connection settings. It defines the appearance of the desktop, taskbar, command access, sound availability, etc. There are five levels of policy: Global, Role, OU, SG, User (in that order). Public—A public role is one that is accessible to all users in Active Directory.
Page 88
policy 59 DisplayRestart 35 HP Remote Graphics Software 7, Registration service DisplayShutdown 35 configuration file 29 double-byte numbers, use of 73 HP SAM service account 25 dynamic connection 7 ActiveX controls 32 creating a data center 57 dynamic resource, setting up 12 client comparison table 31 Cryptographic service providers client software, installing 31...
Page 89
IP address list 27 multi-session—role assignment 3 policy Mute 38 creating or updating 59 effective, viewing 59 Japanese characters 72 policy entries 38 navigation, HP SAM administrator policy, hierarchical, table 58 console 43 port value 80 and 443, KeyRepeatEnabled 39 network glitch, reconnect 71 changing 72 Keys 39...
Page 90
requirements Show configuration options Resources 53 access device 23 box 61 System Settings 60 Blade Workstation client 24 Show domain field box 61 Users and Roles 46 desktop or notebook PC 24 Show resolution selection box 61 template user, assigning resources hardware and software 16 ShowVersion 37 from 50...
Page 91
hardware requirements 16 software requirements 16 WebServerList 30 Width 40 window position enhancements 4 Windows CE-based client 33 Windows XPe-based client 32 WindowSnapEnabled 38 Index...