Everyone having a Good Citrix Synergy week? Some great new products announced! Ready for more announcements? Great! After 5 months of coffee, tears of frustration and hair pulling we’re absolutely delighted, thrilled and relieved to announce ThinKiosk 4.0 is nearly ready.

Complete with my new partner in crime Remko Weijnen (I’ve been saying ‘we’ for ages, now you know who… awesome eh?) we’ve worked some long nights to get this version out the door. With that out of the way, we’re proud to announce some of the new features coming in 4.0. Bear in mind this is just a preview, the final features and details of the product are still being hammered out, but below is a taster of some of the functionality you can expect to see shortly.  

Back to the drawing board: ThinKiosk 4.0 is a complete rewrite and refactor of ThinKiosk. It’s built on the 4.0 .Net framework which has brought a lot of simplicity and new features to our tool-set. ThinKiosk 4.0 was built with three main aims:

  • Enterprise Ready.
  • Fool Proof.
  • Secure by Design.

With ThinKiosk 4.0, your setup time will go from days to minutes. Out of the box, ThinKiosk is ready for the following technologies without any local machine tuning:

  • Citrix XenDesktop / XenApp.
  • Citrix VDI in a Box.
  • VMware View.
  • Microsoft Remote Desktop Services.

For the exact details of each of these optimizations, follow the subsequent blog posts / documentation.   New Look and Feel: Without further ado, lets start with the new look and feel.

ThinKiosk 4.0 has also been built on the industry leading graphical interface DevExpress giving us a really shiny, professional and sleek interface. Finally giving us an Interface we can be proud to put on your desktops. ThinKiosk’s interface has been further improved giving you an Applications tab for Publishing desktops for VMware View, Microsoft Remote Desktop services or Citrix Desktops via ICA file or local applications.

This Applications tab has been modelled after the windows 8 Metro err, I mean Windows 8 UI. This provides a similar look and feel to the new Windows start menu and it really breathes new life into old hardware. With this tab, you can publish shortcuts to VDI Desktops or local applications making it a one stop shop for applications. You can flick from one tab to another easily, or disable the one you do not wish to use.   It’s all about the customization! Beauty is in the eye of the beholder right? Agreed!

Themes:

 ThinKiosk 4.0 will ship with over 8 themes and wallpapers, customization of the splash screen, buttons… everything!

The Applications tab can also be completely customized to your tastes:

Lock down: As with Previous versions of ThinKiosk, every button and object in ThinKiosk can be locked down to exactly what you wish, for example here’s a stripped back browser session.

Or a stripped back application window.

Anyway… Enough about the appearance, Lets talk tech!  

Introducing the new ThinKiosk Broker Service and Management console:

The ThinKiosk Broker, Management Console and ThinKiosk clients use an all new ThinKiosk TCP protocol (I never ever, ever want to see a tcp socket again for as long as I live, writing this protocol was a killer!) to allow you to centrally manage, catalog and report on your ThinKiosk devices. The protocol is lightening fast and secure by design. This new framework will form a long blog post itself, but some quick fire information is below:

  • Complete off domain management.
  • Auto device registration, just point ThinKiosk at the broker and it will check in and download the default profile.
  • Remote Control / Shadowing of end point devices via the console.
  • Device Grouping for profiling multiple devices or creating an organisation structure.
  • Remote actions (power off, restart, update).
  • Device Reporting.
  • No Enterprise database software necessary.
  • Audit logging.

Unlike other Thin Client protocols and software, ThinKiosk does not accept any inbound connections, in user or system context. Removing the ability to hijack thin clients… which is all too possible with certain vendors! The console is simple, and quick to navigate.

Installation of the broker takes roughly 5 minutes and is ready to serve your Devices as soon as you configure the default profile.  

New Profile Handler: The ThinKiosk client has received an overhaul and with it we’ve streamlined the profile. ThinKiosk no longer requires group policies or the clunky offline config tool, we have a new profile system based on XML files with a fitting profile editor to match.

No more configuring 5 group policies for one url, the new policy manager is clean, self explanatory, full of new functionality and uses the same interface whether you are using the ThinKiosk management console or modifying the local profile. If you want to still use group policy to deploy configuration? No problem! just drop the file on the client via group policy preferences!  

And the Client! Lets talk about the 4.0 client.  

Supported platforms: Windows XP – Windows 8  

Browser Ahoy!

browser

ThinKiosk is now a fully fledged browser, complete with address bar. If you want to allow your users to browse around, now you can.  

Browser improvements: The ThinKiosk 4.0 browser will:

  • Supress scripting errors.
  • Allow you to add your sites to the trusted sites via policy.
  • Auto tunes the browser for VDI portals.
  • Auto circumvent silly SSL untrusted or mismatched errors (great for POC’s *cough* VDI in a Box *cough*)
  • ThinKiosk now runs as an Internet explorer executable. No more flicking between iexplore.exe and thinkiosk.exe.

VDI Improvements: Now to the nuts and bolts!  

Local login pass through: Now that you have the ability to add direct VDI connections. ThinKiosk will handle the log in experience and pass the credentials to the responsible technology.

This integration allows ThinKiosk to better manage the desktop experience and provide your users with a single login pane rather than the recurrent login screens you can experience with Microsoft / Citrix file connections. These connection files can also be auto launched, to remove that pesky click first thing each day.  

Citrix Technologies:

  • Log off screen redirection for Web interface, storefront and VDI in a box.
  • Log off the web portal when a desktop launches for the above platforms.
  • Support for Adding ICA file connections.
  • Auto configuration of Single sign on from local pc to remote desktop. (Nightmare previously).
  • VDI in a Box auto browser tuning for compatibility.
  • Optionally disable the Citrix Desktop viewer (CDviewer.exe).

  VMware View:

  • Support for publishing multiple pool connections
  • Support for publishing multiple direct desktop connections.
  • Support for PassThrough.
  • Disables Certificate checking by default for quick POC’s.
  • Pass through ctrl alt del / Windows + l (more on this later).

  Microsoft Remote Desktop Services:

  • Support for publishing multiple connections.
  • Support for 2012 RDS and VDI.
  • SSL Certificate warning suppression.
  • Support for login once.

 Improved local application handling: ThinKiosk 4.0 has an improved local application engine, When you add an application to the Applications tab, it will automatically pull in the icon window and you can also specify to launch apps but hide them (think run key entries). If ThinKiosk is restarted via admin task, it’s smart enough to know not to relaunch them. Environment variables for paths and arguments are fully supported and i’ve also added a variable for 32bit program files paths… I always wondered why Microsoft didn’t do this, but I digress.  

Windows secure keystroke blocking and passthrough: You asked… (and asked and asked and asked and asked). It’s done, with ThinKiosk 4.0 you will be able to block CTRL + Alt + Del, + etc. Pass through of these keystrokes to the remote desktop is available for VMware View already and will be coming shortly after 4.0 for Citrix and Microsoft connections.   

Group Policy Lockdown: By default when you install ThinKiosk 4.0, it will arm the PC with the most restrictive policies via the local group policy engine, disabling access to all admin utilities and even local disks. This lockdown can be tuned or turned off via policy if required. ThinKiosk performs privileged actions via the ThinKiosk Machine service which installs as part of the installation.  

Auto log in account: ThinKiosk will ship with it’s own user account for fast deployment. This account will be created on the local machine and gives you a quick an easy method to manage local accounts on non domain joined PC. The accounts password is synchronized with the ThinKiosk unlock password you specify. This account is completely optional and you can turn it off or substitute it with a domain account of your choice. ThinKiosk will also manage the Windows Shell replacement policy itself via policy, so no more mucking around with local group policy or registry keys. ThinKiosk also now encrypts the auto login account using LSA.  

Active Setup:

as

With ThinKiosk as shell, you can now run Active Setup with ThinKiosk’s improved Active Setup Async. Active setup Async is a utility we have implemented into ThinKiosk that will perform active setup 60% faster than standard Microsoft active setup via a threading and queuing engine, the end result is active setup support ( for example: HDX flash redirection) with a much faster (and prettier)  interface.  

Start up Script: ThinKiosk can now implement the local group policy engines start-up script to allow you to manage off domain PC’s. With the start-up script, you can install software, updates, disable services, uninstall software, delete files, profiles… anything! The only limitation here is your own imagination or scripting abilities. If the latter is a concern? worry not, we’ll be creating a scripting library where ThinKiosk enthusiasts can share and collaborate on similar tasks.  

Local session control: ThinKiosk 4.0 offers you the ability to control local volume, printers, screen saver and even background color.  

Improved debug logging: ThinKiosk logs everything, every action, command, hiccup… everything. If something isn’t quite working as expected, chances are the debugging window will announce in triumphant glory exactly what is broken!  

Redundant profile management: ThinKiosk takes a copy of it’s profile on each check in to an FTP server or Broker server. In the event of the server being offline ThinKiosk attempts five times to connect before failing back to the local profile allowing your users to continue working without an outage. If the broker server becomes available again throughout the day, ThinKiosk will check back in to allow management but will not disturb the user.  

And so much more! I’m not going to go on and on, but as you can see… It’s awesome! Check back in a few weeks for the release as we ready the build.

Andrew Morgan works as a Senior Solutions Architect, focusing on Desktop Virtualisation and application delivery.  His primary focus is on SBC, VDI and Application virtualisation with a preference for Citrix products. Andrew spends most of his time Blogging about Desktop Virtualisation challenges, stirring the pot on twitter or developing tools / scripts to plug holes in current projects.

Andrew is currently a Citrix CTP, RES Software RSVP and MCSE, CCIA and VCP certified.

 

Ready to see it in action?