Atrust thin client auto registration

The Atrust system needs some support from the network so that thin clients can automatically register with the Atrust device manager.

Summary

Thin client devices will connect to the network using dynamic addresses from DHCP pools, and auto register with the Atrust device manager via the host name dm-hostserver in the DNS domain from DHCP.

Teams and request channels

Thin clients are supported by the UIS Desktop Services team. Regardless of where devices are installed, change requests to support thin clients should come to Networks / IP Register from Desktop Services.

Auto registration with DHCP

The thin client devices must be installed on a subnet with DHCP support for automatic network configuration.

Auto registration uses DHCP option 205 with a string value containing the IP address of the Atrust device manager. (DHCP option 205 is not registered with IANA.)

Auto registration with DNS

In the absence of DHCP option 205, a thin client will construct a host name for the Atrust device manager by concatenating dm-hostserver with the domain name from DHCP. (This will typically be somewhere under private.cam.ac.uk for dynamic pool addresses.)
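The lookup order described in the two sections above, as an added example for checking a DHCP server's responses (it is not Atrust's or the University's code). It assumes option 205 carries the address as ASCII text and that dm-hostserver is joined to the DHCP domain name with a dot; the helper names, addresses and domain are constructed for illustration.

```python
import ipaddress

DM_OPTION = 205          # Atrust device manager address (not IANA-registered)
DOMAIN_NAME_OPTION = 15  # RFC 2132 domain name
DM_LABEL = "dm-hostserver"

def parse_dhcp_options(raw: bytes) -> dict:
    """Parse an RFC 2132 options field (code, length, value) into {code: value}."""
    options, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == 255:      # End option
            break
        if code == 0:        # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(raw) or i + 2 + raw[i + 1] > len(raw):
            raise ValueError(f"truncated option {code}")
        length = raw[i + 1]
        # Repeated codes are concatenated (RFC 3396 long-option handling).
        options[code] = options.get(code, b"") + raw[i + 2:i + 2 + length]
        i += 2 + length
    return options

def device_manager_target(options: dict):
    """Return (method, target): option 205 first, DNS name as the fallback."""
    if DM_OPTION in options:
        value = options[DM_OPTION].rstrip(b"\x00").decode("ascii", "replace").strip()
        try:
            return ("option-205", str(ipaddress.ip_address(value)))
        except ValueError:
            # Client behaviour for a malformed value is not documented; flag it.
            return ("option-205-invalid", value)
    if DOMAIN_NAME_OPTION in options:
        domain = options[DOMAIN_NAME_OPTION].rstrip(b"\x00").decode("ascii").strip(".")
        return ("dns", f"{DM_LABEL}.{domain}")
    return ("none", None)

def opt(code: int, value: bytes) -> bytes:
    """Encode one option as code, length, value (hypothetical test helper)."""
    return bytes([code, len(value)]) + value

# Constructed sample option fields (documentation address, example domain).
WITH_205 = opt(15, b"inst.private.example") + opt(205, b"192.0.2.10") + b"\xff"
DNS_ONLY = b"\x00" + opt(15, b"inst.private.example") + b"\xff"
BAD_205 = opt(15, b"inst.private.example") + opt(205, b"not-an-ip") + b"\xff"

if __name__ == "__main__":
    for name, raw in [("with 205", WITH_205), ("DNS only", DNS_ONLY), ("bad 205", BAD_205)]:
        print(name, device_manager_target(parse_dhcp_options(raw)))
```

A subnet whose responses yield the "dns" result depends on the dm-hostserver record existing in that DHCP domain.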

Deployment considerations

The plan is to allow thin clients to be installed anywhere in the University, not just on the existing Managed Cluster Service subnets, so they cannot rely on existing MCS infrastructure.

They might be deployed on subnets using the IP Register DHCP service, or on subnets using an institution's own DHCP service.

We want to minimize per-device setup work, so we prefer to use dynamic pool addresses for thin clients, rather than registering them with fixed addresses in IP Register.

The only way we can use DHCP alone for auto registration is if option 205 is provided in all DHCP responses for the thin client's subnet.

It is not clear that we will be able to rely on option 205 in all cases, whereas auto registration with DNS will work regardless of the capabilities of the DHCP server.

Therefore we will add dm-hostserver entries to the DNS for institutions that use thin clients.