Atrust thin client auto registration

The Atrust system needs some support from the network so that thin clients can automatically register with the Atrust device manager.


Thin client devices will connect to the network using dynamic addresses from DHCP pools, and auto register with the Atrust device manager via the host name dm-hostserver in the DNS domain from DHCP.

Teams and request channels

Thin clients are supported by the UIS Desktop Services team. Regardless of where devices are installed, change requests to support thin clients should come to Networks / IP Register from Desktop Services.

Auto registration with DHCP

The thin client devices must be installed on a subnet with DHCP support for automatic network configuration.

Auto registration uses DHCP option 205 with a string value containing the IP address of the Atrust device manager. (DHCP option 205 is not registered with IANA.)

Auto registration with DNS

In the absence of DHCP option 205, a thin client will construct a host name for the Atrust device manager by concatenating dm-hostserver with the domain name from DHCP. (This will typically be somewhere under for dynamic pool addresses.)

Deployment considerations

The plan is to allow thin clients to be installed anywhere in the University, not just on the existing Managed Cluster Service subnets, so they cannot rely on existing MCS infrastructure.

They might be deployed on subnets using the IP Register DHCP service, or on subnets using an institution's own DHCP service.

We want to mimimize per-device setup work, so we prefer to use dynamic pool addresses for thin clients, rather than registering them with fixed addresses in IP Register.

The only way we can use DHCP alone for auto registration is if option 205 is provided in all DHCP responses for the thin client's subnet.

It is not clear that we will be able to rely on option 205 in all cases, whereas auto registration with DNS will work regardless of the capabilities of the DHCP server.

Therefore we will add dm-hostserver entries to the DNS for institutions that use thin clients.