Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices
In addition to normal Sun Ray smart card functionality, such as hotdesking, the Windows connector enables additional smart card functionality, such as the following:
Strong, two-factor authentication for access control with digital certificates
PIN-based logins
Digital signing, encrypting, and decrypting of email messages from Windows-based email clients
The Windows connector uses the smart card services on the Sun Ray server and smart card middleware on the Windows system. For detailed information about the smart card services and the configuration details, see Chapter 8, Smart Card Services .
If you want to use an external smart card reader for Windows session authentication, a CCID-compliant USB smart card reader must be used. See Section 17.13.1, “How to Enable Smart Card Readers on a Windows System” for details.
This section describes how to redirect a smart card reader connected to a desktop client so it can be used by the Windows system. The smart card services on the Sun Ray server must still be configured, which is described in Section 8.6, “Configuring Smart Card Services”.
To enable internal or external smart card readers, you must use the -r
scard:on option of the uttsc command.
CCID-compliant USB smart card readers are redirected through the Windows RDP smart card channel, which enables the smart card to be used for Windows session authentication. USB smart card readers that are not CCID-compliant use USB redirection, but they cannot be used for Windows session authentication.
This procedure describes how to set up smart card login for Windows.
Set up Active Directory and Certification Authority (CA) on the Windows system.
Install the smart card middleware product on the Windows system.
If you use ActivClient middleware, set the Disable PIN Obfuscation option to Yes through the ActivClient user console on the Windows system.
Enroll the necessary certificates onto the smart card using either a Sun Ray token reader or an external smart card reader connected to the Windows system.
Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices