A token reader is a specific Sun Ray Client that you can set up to administer user's tokens, such as registering smart cards. This token reader is not the same as hardware devices into which users insert their smart cards, which are typically called smart card readers. Site administrators can use these token readers to administer Sun Ray tokens, such as assigning a token to a user (token owner).
Sun Ray Software provides a way to designate one or more specific Sun Ray Clients as dedicated token readers. A dedicated token reader is not used for normal Sun Ray services, so it does not need a keyboard, mouse, or monitor. Inserting a smart card in a token reader does not enable hotdesking. It does allow the administrator to assign the card to a user.
When you enable an authentication policy with registered users or token owners, be sure to specify smart card IDs for them. To use token readers with regional hotdesking based on Sun Ray pseudo-tokens, use the Site-specific Mapping Library.
Figure 7.3, “Token Reader Setup” shows that the second client is used as a token reader.
Command Line Steps
The utreader command enables a client to be used as a token reader for registering smart cards. When a client is configured as a token reader, inserting or removing a smart card does not initiate session mobility. Any session connected to that client remains connected to it regardless of card movement events.
Token reader mode is useful when you want to determine the raw token ID of a smart card.
To configure the Sun Ray Client with MAC address
0800204c121cas a token reader:# utreader -a 0800204c121c
To re-enable the Sun Ray Client with MAC address
0800204c121cto recognize card movement events and perform session mobility based on the smart card inserted into the client:# utreader -d 0800204c121c
To unconfigure all token readers on this server:
# utreader -c
Admin GUI Steps
Click the Desktop Units tab.
Click the identifier of the client that you want to use as a token reader.
On the Desktop Units Properties window, click Edit.
On the Edit Desktop Unit Properties window, select the Token Reader option.
Click OK.
The client you have selected is now set up to read smart card tokens.
Restart Sun Ray services.
The client is now a token reader.
This procedure describes how to locate a token reader using the Admin GUI.
Click the Desktop Units tab.
Select Token Readers from the drop-down list.
Click Search.
The default search finds all possible matches.
To change the search criteria, type text in the Search text box.
You can access the token card reader by invoking utuser -r from any server in the relevant failover group.
Type the following command:
# utuser -r token-reader
where token-reader is the MAC address of
the client containing the smart card whose ID you want to
read. Insert the smart card into the client and run the
utuser command. This command queries the
client for the smart card token's ID and, if successful,
displays it. For example:
# /opt/SUNWut/sbin/utuser -r 08002086e18f Insert token into token reader '08002086e18f' and press return. Read token ID 'mondex.9998007668077709'
