Public hostname; the name that clients should connect to. If not defined, the agent will use the server's (first) IP address. This is the default configuration, and means that ThinLinc does not require DNS to work properly. However, if you are using Network Address Translation (NAT), you must set this parameter to a IP address or DNS name that all clients can connect to. Example:

agent_hostname = thinlinc.example.com

This is the list of VSM servers that should be allowed to connect to this VSM agent and create new sessions. The localhost is always allowed as well as the IP of the hostname the VSM agent runs on, and the host specified in the /vsmagent/master_hostname/ parameter.

This subfolder of /vsmagent contains environment variables that should be set in each user's session. Example:

[/vsmagent/default_environment]
LANG=sv_SE
LC_CTYPE=sv_SE.UTF-8
FOOBAR=foobar

This will set the LANG environment variable to sv_SE , the LC_CTYPE variable to sv_SE.UTF-8 and the FOOBAR variable to foobar in each user's session.

The default session size, to be used when clients are not requesting any specific session size. This is used by the Java Browser Client.

The maximum display number to be used for ThinLinc sessions on each specific VSM agent host. Default value is 2000.

The maximum ThinLinc sessions allowed on a specific VSM Agent host is /vsmagent/legacy_display_max + /vsmagent/display_max - /vsmagent/display_min .

The lowest display numbers to use for clients. The default is 1, and unless there are other processes needing display numbers, the recommendation is not to change this number. Note that older clients cannot connect to a display number of 100 and above. See Appendix B, TCP Ports Used by ThinLinc for an in-depth explanation of port allocation.

The maximum display number to be used for legacy (pre 1.4) clients. The highest number allowed is 99.

By setting this parameter to 1, no legacy (pre 1.4) clients are allowed.

The TCP port VSM Agent listen to for incoming requests. This should normally be set to the same value as /vsm/vsm_agent_port.

The lowest port to be used by normal user processes. This may never be lower than /vsmagent/max_session_port . See Appendix B, TCP Ports Used by ThinLinc for an in-depth explanation of port allocation.

If this parameter is true, the users home directory will be automatically created if it doesn't exist.

When a home directory is created (see parameter /vsmagent/make_homedir above), the mode for the newly created directory will be determined by this parameter.

This parameter specifies the hostname of the master machine, i.e. the machine that runs the VSM server. In a HA setup, this should be the hostname of the IP address that is on the machine that is currently the active node, to ensure that services on the agents that need to access the VSM Server always connects to the machine that is up and running.

The highest port to use for VNC and tunnel ports on the VSM Agent. See Appendix B, TCP Ports Used by ThinLinc for an in-depth explanation of port allocation.

This parameter is deprecated. It prepends the arguments -nolisten tcp -localhost to the parameter /vsmagent/xserver_args .

This parameter decides whether the passwords of the users should be saved in order to support Single Sign-On when connecting to servers from the ThinLinc session, for example when running a Windows session.

Extra arguments to pass on to the Xserver Xvnc. One common case is to use -localhost , which makes Xvnc require connections to originate from localhost, thus forcing clients to use encryption. Another examples is -MaxIdleTime. For more information, see Section 14.4, “ Limiting Lifetime of ThinLinc Sessions ”.

The option -KeyboardMap is also recognized. It can be used to override the default keyboard map. The swedish keyboard map "sv" is default. This map is also suitable for english languages. A Brazilian ABNT2 keyboard map ("pt-br") is also supported. Note that changing the keyboard map is only necessary with applications which violates the X11 specification by depending on certain keycode values.

This parameter controls the location of the Xauthority file. Currently, two values are supported: With "homedir", the file will be placed in the users home directory. With "sessiondir", the file will be placed in the session directory below /var/opt/thinlinc/sessions. The XAUTHORITY environment variable is set accordingly by the VSM agent.

The administrator's email address. This is where warnings about overuse of Licenses are sent, among with other administrative messages. Make sure this is a valid address.

The hostname the outbound requests from the VSM server to the VSM agents should come from. This parameter should be set if the machine running VSM server has several interfaces in order to make sure that the correct interface is used for outbound connections to the VSM Agents

A list of hosts from which privileged operations are allowed. The default (empty) allows localhost to do this. Privileged operations are for example to deactivate a session, something that should be allowed by the host running Webmin.

ThinLinc access can be limited to certain groups. If allowed_groups is empty, all users are accepted. Otherwise, the user must be a member of the groups listed below, to be able to use ThinLinc. Example:

 allowed_groups = students teachers
            

A list of users that are allowed to shadow other users. Please note that these users will gain full access to other users' sessions.

This parameter presents a way to force the sessions created for users in certain groups to always be created on specific agent hosts. See Section 14.3.10, “ Forcing sessions for some users to certain agent hosts ” for more information.

All ThinLinc machines part of this ThinLinc cluster. This should be a list of DNS host names. These will be used for communication between the server and the agent. The names reported to clients are fetched from the agent itself; names in /vsmserver/terminalservers are not reported directly to clients.

Estimated bogomips required for each user.

This parameter decides the importance of the amount of logged in users on a VSM agent host when calculating load balance parameters. A host with low load, but a lot of users, is generally more likely to get a higher load within short time when the users get active. For this reason, the load balance calculating code takes the number of users at a certain host into its calculation. The /vsmserver/existing_users_weight controls how important this factor is. A higher value of this parameter means the load balancing code will care less about a high number of users on a certain machine.

If this parameter is true, the VSM server will try to repliccate information about sessions to the other VSM server node. See Chapter 6, High Availability (HA) for more information about ThinLinc in a High Availability configuration.

This parameter lists the hostnames of both nodes in a ThinLinc HA setup. The list should include the hostname of the current node. This means that vsmserver.hconf can be identical on both nodes.

The TCP port VSM Server listen to for incoming requests. This should normally be set to the same value as /vsm/vsm_server_port.

The number of seconds allowed for updating the load status in the entire cluster.

Integer, number of estimated MiB memory required for each session. A value of 8 is appropriate if only tl-run-windesk is used.

A list of sshd log files. These files are used for determining the client IP. Different systems uses different files. VSM server will try all listed files in order. If this list is empty, VSM server will not try to determine the client IP.

If this parameter is true, processes occupying the users interval of forwarded ports will be killed at login. This means that if a user logs in twice to the same session, the second login will get working tunnel ports, if this parameter is true. The first session's tunnel ports will stop working. If the parameter is false, the first session will keep the ports.

The tunnels setup by the client to access various resources (audio, serial port, network resources, local printer) need one port number each on the server running the VSM agent the client is connected to. This parameter decides the lowest such port that is allocated by the VSM agent. Each user has a port range defined by the formula /vsm/tunnel_bind_base + display-ID*10 + service_slot where the service_slot depends on which service will use the tunnel. This port range is however used only for sessions with display numbers less than 100. See Appendix B, TCP Ports Used by ThinLinc for an in-depth explanation of port allocation.

There are several parameters under the /vsm/tunnelservices folder. Each one decide which ports are used at serverside termination points for the tunnels used to access client resources. See Appendix B, TCP Ports Used by ThinLinc for an in-depth explanation of port allocation.

The number of ports to reserve for tunnel port endpoints on the server. The number of ports actually used depends on the number of services defined under /vsm/tunnelservices/ . We recommend letting this parameter have its default value (10), since that leaves for further services and easy live upgrades of ThinLinc. See Appendix B, TCP Ports Used by ThinLinc for an in-depth explanation of port allocation.

The port base for VNC communication. The VNC protocol runs on one port per active user on the VSM agent host, and this is the base of the numbers used. That is, for the first user, the port will be /vsm/vnc_port_base + 1, for the second user /vsm/vnc_port_base + 2 and so on. This algorithm is used only for display numbers below 100. See Appendix B, TCP Ports Used by ThinLinc for an in-depth explanation of port allocation.

VSM agent communication. This is the port that the VSM server connects to on VSM Agents. This traffic is not encrypted.

The port that the VSM server listens to.

The Windows NT domain to use.

The keyboard layout to use for connections to Windows Terminal Servers.

Extra arguments for RDP connections to Windows Terminal Servers. See the documentation for tl-run-rdesktop in Chapter 13, Commands on the ThinLinc Server for information about the possible values of this parameter.

True if printers should automatically be redirected to Windows Terminal Servers. See Section 5.6, “ Printer Configuration on Windows Terminal Servers ” for details.

A list of Windows Terminal Servers to connect to using the RDP protocol. This list is read by tl-run-rdesktop (and associated commands) to decide which Windows Terminal Server to connect to. The Windows Terminal Server with the least load is chosen.

This parameter determines the sound system to use. If set to "esddsp", sound redirection using the "esddsp" wrapper will be enabled. A value of "padsp" uses the PulseAudio system instead. If "auto" is specified, "padsp" and "esddsp" are both tried, in that order. The empty string disables sound redirection.

A list of external UNIX servers to connect to when the tl-run-unixapp is called.

True if X11 traffic should be encrypted via SSH.

The path to the xauth executable on the remote server. This is only used if use_ssh_encryption is false.

The script /opt/thinlinc/etc/xstartup.d/02-set-background.sh will run this command early in the session startup. The default value sets a nice blue background.

This parameter controls if there should be a progress bar visible to the user while running the scripts in /opt/thinlinc/etc/xstartup.d. The default value is 1, meaning that the progress bar is displayed. Set to 0 if this behaviour is not desired.